# Solved: explorer.exe high memory usage



## breizhoubzh

Hi,

When turning on my laptop with Windows 7 (x64), the process explorer.exe memory usage increases significantly to reach 2GB.
Using Process Explorer, I identified the thread msvcrt.ddl which may cause the problem, see below the print screen.
I did a safe mode reboot, it works fine. I did a clean boot by disabling all the processes, the problem is there.

Do you have any ideas?
Thanks a lot,
Julien


----------



## blues_harp28

Hi, let us have some Pc specifications.
Check and post
*TSG System Information Utility* - found here.
http://static.techguy.org/download/SysInfo.exe
======
Download Security Check by screen317 from.
http://screen317.spywareinfoforum.org/
Or
http://www.bleepingcomputer.com/download/securitycheck/

Save it to your Desktop.
Double click the install icon.
If using Vista or Win 7 - right click the icon - run as Administrator
A command Prompt window will open.
Let it scan the Pc - press any key when asked.
It should now open in Notepad.
Copy and Paste the result of the scan in the reply box below.

The saved log will be called checkup.txt.
======
Click Start - in the search box.
Type 
msconfig

Click on the Start Up Tab.
Write down carefully what is listed and post the list here.
Or post a screenshot 
http://library.techguy.org/wiki/TSG_Posting_a_Screenshot


----------



## breizhoubzh

Here is the *TSG System Information Utility:*

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 2923 Mb
Graphics Card: Intel(R) HD Graphics Family, 1333 Mb
Hard Drives: C: Total - 461477 MB, Free - 371414 MB;
Motherboard: Acer, JM40_HR
Antivirus: avast! Antivirus, Updated and Enabled

The checkup.txt:

Results of screen317's Security Check version 0.99.74 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 10 
*``````````````Antivirus/Firewall Check:``````````````* 
Windows Firewall Enabled! 
avast! Antivirus 
Antivirus up to date! 
*`````````Anti-malware/Other Utilities Check:`````````* 
Java 7 Update 40 
Adobe Flash Player 11.9.900.117 
Adobe Reader 10.1.4 *Adobe Reader out of Date!* 
Mozilla Firefox (24.0) 
Google Chrome 29.0.1547.76 
Google Chrome 30.0.1599.69 
*````````Process Check: objlist.exe by Laurent````````* 
Symantec Norton Online Backup NOBuAgent.exe 
AVAST Software Avast AvastSvc.exe 
AVAST Software Avast afwServ.exe 
AVAST Software Avast AvastUI.exe 
*`````````````````System Health check`````````````````* 
Total Fragmentation on Drive C: 3% 
*````````````````````End of Log``````````````````````*

msconfig/startup: see the attachment

thanks,

Julien


----------



## blues_harp28

Download *MalwareBytes* and *SuperAntiSpyware* to your desktop.
Download the Free versions of both programs.

MalwareBytes
SuperAntiSpyware

Once they are downloaded to your desktop.
Close all open browser windows.

*MalwareBytes*
Click on the Install icon - allow it to update during the install process.
Start Malwarebytes Anti-Malware.
Click on Scanner > then quick scan > then Scan.
Any infections or problems will be highlighted in red.
After the scan is finished - Click - Show Results.
Check that all entries are selected.
Click - Remove Selected.
When it has finished removing the malware - it will open a log file in Notepad.
Copy and paste the log file.

You may be prompted to restart to finish the removal process.
If that is the case - restart your Pc.
Then start Malwarebytes again.
Click on the Logs Tab.
Highlight the scan log entry.
Click - Open.
The scan log will appear in Notepad.
Copy and paste it in your next post.

*SuperAntiSpyware*
Click on the install icon - allow it to update during the install process.
Select the Quick Scan option.
Click Scan your Computer.
Any infections or problems will be highlighted in red.
After the scan is finished.
Click Continue.
Check that everything is listed.
Click Remove Threats.
Click OK - then click Finish
You may be prompted to restart to finish the removal process.
If Yes - restart your Pc.

Start SuperAntiSpyware again.
Click View Scan Logs.
Highlight the scan log entry.
Click - View Selected Log.
The scan log will appear in Notepad.
Copy and paste in your next post.
======
Post Screenshot of msconfig.
TSG Posting a Screenshot - TSG Library of Knowledge
http://library.techguy.org/wiki/TSG_Posting_a_Screenshot
======
Or Download SINO by Artellos.


Save SINO to your desktop and run *SINO.exe*. (If you downloaded the ZIP version you will need to extract it first)
Then please check the following checkboxes:


Code:


Startup items.


Once checked, hit the *Run Scan!* button and wait for the program to finish the scan.

A notepad window will pop up. Please copy all of the content into your next reply.
Note: If you try to interact with the program once its started scanning it might appear to hang. The scan however will continue.


----------



## blues_harp28

No need to Download SINO by Artellos.
In msconfig - Start up tab.
Untick all entries *Except*

*Acer Backup Manager.
Norton Online Backup.
Java Auto Updater.
Avast Anti-Virus.*

Apply > Ok > Reboot your Pc.

The System Configuration Utility box will appear on retstart - saying changes have been made.
Tick the box on the lower left and then OK.

*Any entry can be re-enabled using msconfig - if it needs to be*
http://netsquirrel.com/msconfig/index.html


----------



## breizhoubzh

I followed our last thread.
I still have the same issue: explorer.exe memory usage is growing. After 1 minute, it is at 1GB.


----------



## breizhoubzh

This is the log for malwarebytes:

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.11.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Gaonac'h :: GAONACH-PC [administrator]

Protection: Enabled

11/10/2013 22:10:16
mbam-log-2013-10-11 (22-10-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218012
Time elapsed: 24 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> No action taken.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{204DF522-9A96-4A72-ABB0-60F7A216D6D2} (Adware.Whilokii) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{204DF522-9A96-4A72-ABB0-60F7A216D6D2} (Adware.Whilokii) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 1W1G1U1K1O1H -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Users\Gaonac'h\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.10.0 (PUP.Optional.Delta.A) -> No action taken.

Files Detected: 21
C:\Users\Gaonac'h\AppData\Local\Temp\ICReinstall_Firefox_Setup.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\27928866-BAB0-7891-85BC-FF7DD17D6EE8\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\27928866-BAB0-7891-85BC-FF7DD17D6EE8\Latest\MyBabylonTB.exe (PUP.Optional.Delta) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\27928866-BAB0-7891-85BC-FF7DD17D6EE8\Latest\Setup.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\is1275519350\23685580_stp\wajam_validate.exe (PUP.Optional.Wajam) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\is1275519350\23685624_stp\SearchGol.exe (PUP.Optional.PCFixSpeed.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\is1275519350\23801380_stp\wajam_validate.exe (PUP.Optional.Wajam) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\is1275519350\23801476_stp\SearchGol.exe (PUP.Optional.PCFixSpeed.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\__TEMPWEBPLAYER__\DeltaTB.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\__TEMPWEBPLAYER__\iminent.exe (PUP.Optional.Iminent.A) -> No action taken.
C:\Users\Gaonac'h\Downloads\Avast_Antivirus_Pro_Premier_8_0_1482_Final_Activation_2050.exe (PUP.Optional.OneClickDownloader.A) -> No action taken.
C:\Users\Gaonac'h\Downloads\SoftonicDownloader_for_mobster.exe (PUP.Optional.Softonic) -> No action taken.
C:\Users\Gaonac'h\Downloads\SoftonicDownloader_for_sonicstage (1).exe (PUP.Optional.Softonic) -> No action taken.
C:\Users\Gaonac'h\Downloads\SoftonicDownloader_for_sonicstage.exe (PUP.Optional.Softonic) -> No action taken.
C:\Users\Gaonac'h\Downloads\winamp5623_full_emusic-7plus_all.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Gaonac'h\Local Settings\Temporary Internet Files\Content.IE5\27J4X03F\DeltaTB[2].exe (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Gaonac'h\Local Settings\Temporary Internet Files\Content.IE5\27J4X03F\IminentSetup[1].exe (PUP.Optional.Iminent.A) -> No action taken.
C:\Users\Gaonac'h\Local Settings\Temporary Internet Files\Content.IE5\G9MDYO3U\Firefox_Setup.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Users\Gaonac'h\Local Settings\Temporary Internet Files\Content.IE5\S73IR28I\coupish[2].exe (PUP.Optional.BrowserCompanion.A) -> No action taken.
C:\Users\Gaonac'h\Local Settings\Temporary Internet Files\Content.IE5\XIJ6IE2Y\optimizerpro_ala5[1].exe (PUP.Optional.OptimizePro.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> No action taken.

(end)


----------



## blues_harp28

Run Malwarebytes again - make sure it removes all that it finds.
Post the log file.
======
Scan with SuperAntiSpyware - remove all that it finds.
Post the log file.
Information in post # 4.
======
Download AdwCleaner to your desktop.
Click on the *Download Now* button and save it to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close any browsers that may be open - double click on the ADWCleaner icon on your desktop

Click on the *Scan* button.
Let it scan your Pc - when that is done click on the *Report* button.
Copy and Paste it into your next post.


----------



## breizhoubzh

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.11.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Gaonac'h :: GAONACH-PC [administrator]

Protection: Enabled

12/10/2013 07:07:37
MBAM-log-2013-10-12 (07-34-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217805
Time elapsed: 23 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> No action taken.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.

Registry Values Detected: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 1W1G1U1K1O1H -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Users\Gaonac'h\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.10.0 (PUP.Optional.Delta.A) -> No action taken.

Files Detected: 21
C:\Users\Gaonac'h\AppData\Local\Temp\ICReinstall_Firefox_Setup.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\27928866-BAB0-7891-85BC-FF7DD17D6EE8\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\27928866-BAB0-7891-85BC-FF7DD17D6EE8\Latest\MyBabylonTB.exe (PUP.Optional.Delta) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\27928866-BAB0-7891-85BC-FF7DD17D6EE8\Latest\Setup.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\is1275519350\23685580_stp\wajam_validate.exe (PUP.Optional.Wajam) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\is1275519350\23685624_stp\SearchGol.exe (PUP.Optional.PCFixSpeed.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\is1275519350\23801380_stp\wajam_validate.exe (PUP.Optional.Wajam) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\is1275519350\23801476_stp\SearchGol.exe (PUP.Optional.PCFixSpeed.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\__TEMPWEBPLAYER__\DeltaTB.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Temp\__TEMPWEBPLAYER__\iminent.exe (PUP.Optional.Iminent.A) -> No action taken.
C:\Users\Gaonac'h\Downloads\Avast_Antivirus_Pro_Premier_8_0_1482_Final_Activation_2050.exe (PUP.Optional.OneClickDownloader.A) -> No action taken.
C:\Users\Gaonac'h\Downloads\SoftonicDownloader_for_mobster.exe (PUP.Optional.Softonic) -> No action taken.
C:\Users\Gaonac'h\Downloads\SoftonicDownloader_for_sonicstage (1).exe (PUP.Optional.Softonic) -> No action taken.
C:\Users\Gaonac'h\Downloads\SoftonicDownloader_for_sonicstage.exe (PUP.Optional.Softonic) -> No action taken.
C:\Users\Gaonac'h\Downloads\winamp5623_full_emusic-7plus_all.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Gaonac'h\Local Settings\Temporary Internet Files\Content.IE5\27J4X03F\DeltaTB[2].exe (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Gaonac'h\Local Settings\Temporary Internet Files\Content.IE5\27J4X03F\IminentSetup[1].exe (PUP.Optional.Iminent.A) -> No action taken.
C:\Users\Gaonac'h\Local Settings\Temporary Internet Files\Content.IE5\G9MDYO3U\Firefox_Setup.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Users\Gaonac'h\Local Settings\Temporary Internet Files\Content.IE5\S73IR28I\coupish[2].exe (PUP.Optional.BrowserCompanion.A) -> No action taken.
C:\Users\Gaonac'h\Local Settings\Temporary Internet Files\Content.IE5\XIJ6IE2Y\optimizerpro_ala5[1].exe (PUP.Optional.OptimizePro.A) -> No action taken.
C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> No action taken.

(end)

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.12.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Gaonac'h :: GAONACH-PC [administrator]

Protection: Enabled

12/10/2013 07:47:16
mbam-log-2013-10-12 (07-47-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217679
Time elapsed: 24 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/12/2013 at 11:34 AM

Application Version : 5.6.1040

Core Rules Database Version : 10812
Trace Rules Database Version: 8624

Scan type : Quick Scan
Total Scan Time : 00:21:25

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 536
Memory threats detected : 0
Registry items scanned : 60939
Registry threats detected : 0
File items scanned : 13216
File threats detected : 143

Adware.Tracking Cookie
.doubleclick.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
myaccount.sky.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
myaccount.sky.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.bouyguestelecom.solution.weborama.fr [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.bouyguestelecom.solution.weborama.fr [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.bouyguestelecom.solution.weborama.fr [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.bouyguestelecom.solution.weborama.fr [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ww84.smartadserver.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
fr-amaurymedias.videoplaza.tv [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.pmu3.solution.weborama.fr [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.pmu3.solution.weborama.fr [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.pmu3.solution.weborama.fr [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.pmu3.solution.weborama.fr [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ad.piximedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ad.piximedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtechus.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.c1.atdmt.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.uk.at.atwola.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.accounts.o2.co.uk [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.accounts.o2.co.uk [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
accounts.o2.co.uk [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
lo.marketer.lpsnmedia.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.uk.at.atwola.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.account.live.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.account.live.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.account.live.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.account.live.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.account.live.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
target.tangomedia.co.uk [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.media.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.uk.at.atwola.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
www4.smartadserver.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
www4.smartadserver.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.oracle.112.2o7.net [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\GAONAC'H\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/12/2013 at 12:03 PM

Application Version : 5.6.1040

Core Rules Database Version : 10812
Trace Rules Database Version: 8624

Scan type : Quick Scan
Total Scan Time : 00:19:13

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 520
Memory threats detected : 0
Registry items scanned : 60939
Registry threats detected : 0
File items scanned : 13212
File threats detected : 2

Adware.Tracking Cookie
.doubleclick.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\GAONAC'H\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQHSM80P.DEFAULT\COOKIES.SQLITE ]

I cannot run adwcleaner, it says:
it is not a valid Win32 application.


----------



## blues_harp28

Download TFC and save it to your desktop.
http://www.bleepingcomputer.com/download/tfc/

Close All running applications.
Double-click on the TFC icon.
Click on the Start button.
When it has finished - press Ok to restart your Pc to finish the cleanup process.
======
Try and run Adwcleaner again.
======
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
Malwarebytes does have a free version available from the same website - if that is what you choose to do.
Should you download the Trial version - it will revert to the Free version when the Trial is over.
=====
*Edit*
Should Adwcleaner not run after cleaning the Temp files.
While Offline, disable your Anti Virus Program and see if it will run now.


----------



## breizhoubzh

# AdwCleaner v3.007 - Report created 12/10/2013 at 14:46:36
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Gaonac'h - GAONACH-PC
# Running from : C:\Users\Gaonac'h\Downloads\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Folder Deleted : C:\Users\Gaonac'h\AppData\Local\service-x86
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Gaonac'h\AppData\Roaming\Mozilla\Firefox\Profiles\uqhsm80p.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_8e4eb48d
Key Deleted : HKCU\Software\5c2d7dce639e440
Key Deleted : HKLM\SOFTWARE\5c2d7dce639e440
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Key Deleted : HKCU\Software\BlabbersToolbar
Key Deleted : HKLM\Software\service-x86
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\Gaonac'h\AppData\Roaming\Mozilla\Firefox\Profiles\uqhsm80p.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [3977 octets] - [12/10/2013 14:44:45]
AdwCleaner[S0].txt - [3796 octets] - [12/10/2013 14:46:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3856 octets] ##########


----------



## breizhoubzh

I also ran TFC


----------



## blues_harp28

Adwcleaner needs to be run until it comes back clean.
Run again - Scan then Clean - post the log file.
======
Any improvement with the running of your system?
======
Download Mini Tool Box
Download to your desktop.
Double Click on the Mini Toolbox icon.
Put a Tick in *List Installed Programs*
Leave the Tick in Only Problems - under List Devices

Click *Go* and let it scan your Pc.
It will then open in Notepad - copy and paste the log file here.


----------



## breizhoubzh

# AdwCleaner v3.007 - Report created 12/10/2013 at 16:37:20
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Gaonac'h - GAONACH-PC
# Running from : C:\Users\Gaonac'h\Downloads\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\Gaonac'h\AppData\Roaming\Mozilla\Firefox\Profiles\uqhsm80p.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3977 octets] - [12/10/2013 14:44:45]
AdwCleaner[R1].txt - [1022 octets] - [12/10/2013 16:28:14]
AdwCleaner[R2].txt - [1143 octets] - [12/10/2013 16:35:49]
AdwCleaner[S0].txt - [3972 octets] - [12/10/2013 14:46:36]
AdwCleaner[S1].txt - [1084 octets] - [12/10/2013 16:29:52]
AdwCleaner[S2].txt - [1065 octets] - [12/10/2013 16:37:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1125 octets] ##########

No improvement so far...

will run minitool box soon


----------



## breizhoubzh

MiniToolBox by Farbar Version: 13-07-2013
Ran by Gaonac'h (administrator) on 12-10-2013 at 16:43:50
Running from "C:\Users\Gaonac'h\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

=========================== Installed Programs ============================

???? ??? Windows Live (Version: 15.4.3502.0922)
???? Windows Live (Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
Acer Backup Manager (Version: 3.0.0.99)
Acer Crystal Eye Webcam (Version: 1.0.1904)
Acer ePower Management (Version: 6.00.3008)
Acer eRecovery Management (Version: 5.00.3504)
Acer Games (Version: 1.0.2.5)
Acer Registration (Version: 1.04.3503)
Acer ScreenSaver (Version: 20.11.0921.1957)
Acer Updater (Version: 1.02.3500)
Acer USB Charge Manager (Version: 1.00.3001)
Acer VCM (Version: 4.05.3501)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Agatha Christie - Death on the Nile (Version: 2.2.0.98)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
avast! Premier (Version: 8.0.1482.0)
Backup Manager V3 (Version: 3.0.0.99)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
BitTorrent (Version: 7.8.1.30016)
Bonjour (Version: 3.0.0.10)
Chuzzle Deluxe (Version: 2.2.0.95)
clear.fi (Version: 1.0.1517_36458)
clear.fi (Version: 1.0.2024.00)
clear.fi (Version: 9.0.8026)
clear.fi Client (Version: 1.00.3500)
Codec (Version: 1.5.0.0)
Conexant HD Audio (Version: 8.54.17.51)
Crazy Chicken Kart 2 (Version: 2.2.0.97)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DLL Suite 2013
eBay Worldwide (Version: 2.2.0409)
eMule
FATE (Version: 2.2.0.97)
Final Drive: Nitro (Version: 2.2.0.95)
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
Garmin ANT Agent (Version: 2.3.4)
Garmin Communicator Plugin (Version: 4.0.4)
Garmin Communicator Plugin x64 (Version: 4.0.4)
Garmin USB Drivers (Version: 2.3.1.0)
Google Chrome (Version: 30.0.1599.69)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP FWUpdateEDO2 (Version: 1.2.0.0)
HP Photo Creations (Version: 1.0.0.5192)
HP Photosmart 5510 series Basic Device Software (Version: 24.0.342.0)
HP Photosmart 5510 series Help (Version: 140.0.2.2)
HP Photosmart 5510 series Product Improvement Study (Version: 24.0.342.0)
HP Product Detection (Version: 11.14.0001)
HP Update (Version: 5.003.001.001)
iCloud (Version: 2.1.2.8)
Identity Card (Version: 1.00.3501)
Insaniquarium Deluxe (Version: 2.2.0.97)
Intel(R) Control Center (Version: 1.2.1.1007)
Intel(R) Management Engine Components (Version: 7.0.0.1144)
Intel(R) Processor Graphics (Version: 8.15.10.2418)
Intel(R) Rapid Storage Technology (Version: 10.6.0.1002)
iTunes (Version: 11.0.2.26)
Java 7 Update 40 (Version: 7.0.400)
Java Auto Updater (Version: 2.1.9.8)
Jewel Match 3 (Version: 2.2.0.97)
Jewel Quest Solitaire (Version: 2.2.0.95)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kobo (Version: 1.9)
Launch Manager (Version: 5.1.7)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Memory-Map European Edition (Version: 5.4.2)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mobster 1.0.1
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Mystery of Mortlake Mansion (Version: 2.2.0.98)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (Version: 4.0.14.27)
MyWinLocker Suite (Version: 4.0.14.18)
newsXpresso (Version: 1.0.0.40)
Norton Online Backup (Version: 2.1.17869)
OpenMG Secure Module 5.0.00 (Version: 5.0.00.11280)
Penguins! (Version: 2.2.0.95)
PHOTOfunSTUDIO 5.0 HD Edition (Version: 5.00.320)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poczta uslugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Polar Bowler (Version: 2.2.0.97)
Pota Windows Live (Version: 15.4.3502.0922)
Process Hacker 2.31 (r5355) (Version: 2.31.0.5355)
QuickTime (Version: 7.73.80.64)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realtek PCIE Card Reader (Version: 6.1.7601.85)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
Sapphire Plus (Version: 1.0.6)
Shredder (Version: 2.0.8.9)
Sky Go Desktop
Skype 6.3 (Version: 6.3.107)
Slingo Deluxe (Version: 2.2.0.95)
SonicStage 4.3 (Version: 4.3)
SUPERAntiSpyware (Version: 5.6.1040)
Synaptics Pointing Device Driver (Version: 15.2.9.0)
TeamViewer 7 (Version: 7.0.13989)
Torchlight (Version: 2.2.0.97)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.97)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Wedding Dash (Version: 2.2.0.95)
Welcome Center (Version: 1.02.3503)
WIDCOMM Bluetooth Software (Version: 6.5.0.2200)
WildTangent Games App (Acer Games) (Version: 4.0.5.14)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) (Version: 07/07/2009 1.12.2)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (Version: 02/06/2007 3.1)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
WinRAR 5.00 (64-bit) (Version: 5.00.0)
Zuma Deluxe (Version: 2.2.0.95)

**** End of log ****


----------



## blues_harp28

BitTorrent 
Using BitTorrent - can leave you open to infection.
======
Run Process Explorer again.
Double click Explorer.exe

It will open and show the Threads associated with Explorer.exe
Let it settle until it lists one Thread at the top

Note down what is listed at the top under Start Address.
Or post a Screenshot of the Process Explorer window.
http://library.techguy.org/wiki/TSG_...g_a_Screenshot
======
Adobe reader *out of Date!*
http://get.adobe.com/reader/
Untick the free McAfee scan before downloading Adobe


----------



## breizhoubzh

Please see the attachment for the process explorer screenshot.


----------



## breizhoubzh

I have now updated Adobe


----------



## blues_harp28

What you have posted is not showing what is listed at the top under *Start Address*
If we can see that it, may help us isolate the problem.

Run Process Explorer again.
Double click *Explorer.exe*

It will open and show the Threads associated with Explorer.exe
Let it settle until it lists one Thread at the top
Note what is listed at the top under *Start Address*

Read the following 
http://library.techguy.org/wiki/TSG_...g_a_Screenshot

And then post a *Screenshot* of the Process Explorer window.
One Screenshot for the Main Process Explorer window.
And one showing the Start Address window.


----------



## breizhoubzh

Sorry, I am not sure I understood.
I attached the screenshot of the two windows..


----------



## blues_harp28

I had to download a program to read the above files!
You say this happens when you turn on your Pc.
Does it stay this way and it is slowing down your system?
The CPU will go up and down at all times, at all times of the day, depending on what we are doing.
Using high process programs, videos, games etc, will affect the amount of CPU being used.

So, the question is - what effect is it having on you Pc?


----------



## breizhoubzh

When turning on my laptop, and starting Windows 7, the memory usage of explorer.exe increases significantly to reach 2gb. It also slows down the system. I have to kill explorer.exe in order to send you this post!
I don't have any video games.


----------



## blues_harp28

You have Process Hacker installed.

Run the program - leave it set to Processes.
Click on Hacker in the top tool bar.
Save - save the file to your desk top.

Click on the desktop icon - it will open in Notepad.
Click Edit - Select All.
Edit - Copy.
Come back here and paste the result in the reply box below.


----------



## breizhoubzh

Process Hacker 2.31
Windows NT 6.1 Service Pack 1 (64-bit)
13/10/2013 13:42:18

Name PID CPU I/O Total Rate Private Bytes User Name Description 
System Idle Process 0 71.66 0 NT AUTHORITY\SYSTEM 
System 4 1.22 470 B/s 180 kB NT AUTHORITY\SYSTEM NT Kernel & System 
smss.exe 384 560 kB Windows Session Manager 
Interrupts 0.25 0 Interrupts and DPCs 
csrss.exe 532 3.16 MB Client Server Runtime Process 
conhost.exe 1240 1.06 MB Console Window Host 
conhost.exe 4012 1.65 MB Console Window Host 
wininit.exe 608 1.7 MB Windows Start-Up Application 
services.exe 668 0.10 104 B/s 7.34 MB Services and Controller app 
svchost.exe 800 0.02 232 B/s 4.42 MB Host Process for Windows Services 
svchost.exe 940 4.9 MB Host Process for Windows Services 
svchost.exe 120 18.39 MB Host Process for Windows Services 
svchost.exe 428 99 B/s 139.3 MB Host Process for Windows Services 
wlanext.exe 1232 48 B/s 1.94 MB Windows Wireless LAN 802.11 Extensibility Framework 
dwm.exe 2420 0.19 2.14 kB/s 103.36 MB Gaonach-PC\Gaonac'h Desktop Window Manager 
svchost.exe 544 10.5 MB Host Process for Windows Services 
svchost.exe 584 24.84 MB Host Process for Windows Services 
taskeng.exe 3992 3.17 MB Gaonach-PC\Gaonac'h Task Scheduler Engine 
clear.fiAgent.exe 4032 1.84 MB Gaonach-PC\Gaonac'h clear.fi Resident Program 
DMREngine.exe 2724 8 B/s 5.24 MB Gaonach-PC\Gaonac'h DMREngine 
PmmUpdate.exe 3904 4.41 MB Gaonach-PC\Gaonac'h PMM Update Application 
taskeng.exe 3204 2.79 MB Task Scheduler Engine 
FlashPlayerUpdateService.exe 1176 704 kB Adobe® Flash® Player Update Service 11.9 r900 
svchost.exe 1136 14.98 MB Host Process for Windows Services 
AvastSvc.exe 1264 128 B/s 71.26 MB avast! Service 
afwServ.exe 1476 200 B/s 14.73 MB avast! firewall service 
spoolsv.exe 1644 7.8 MB Spooler SubSystem App 
svchost.exe 1672 0.02 264.2 kB/s 37.91 MB Host Process for Windows Services 
SASCore64.exe 1884 1.55 MB Core Service 
AppleMobileDeviceService.exe 1952 2.97 MB MobileDeviceService 
bgsvcgen.exe  2008 1.28 MB B's Recorder GOLD Service Library 
mDNSResponder.exe 2044 2.41 MB Bonjour Service 
btwdins.exe 1104 2.64 MB Bluetooth Support Server 
CxAudMsg64.exe 1416 6.04 MB Conexant Audio Message Service 
dsiwmis.exe 1436 2.16 MB Dritek WMI Service 
LMutilps32.exe 1356 1.87 MB Launch Manager utility process 
ePowerSvc.exe 1380 2.27 MB ePowerSvc 
svchost.exe 1820 0.07 224 B/s 8.21 MB Host Process for Windows Services 
GREGsvc.exe 1840 1.02 MB Global Registration Service 
UpdaterService.exe 748 1.18 MB Updater Service 
mbamscheduler.exe 1316 2.21 MB Malwarebytes Anti-Malware 
mbamservice.exe 2200 48 B/s 106.69 MB Malwarebytes Anti-Malware 
mbamgui.exe 2476 16 B/s 3.16 MB Gaonach-PC\Gaonac'h Malwarebytes Anti-Malware 
NOBuAgent.exe 2256 32 B/s 3.2 MB Norton Online Backup Service 
IScheduleSvc.exe 2380 5.68 MB Backup Manager Module 
taskhost.exe 2388 56 B/s 13.21 MB Gaonach-PC\Gaonac'h Host Process for Windows Tasks 
RS_Service.exe 2732 1.54 MB Raw Socket Service 
TeamViewer_Service.exe 2860 3.81 MB TeamViewer Remote Control Application 
svchost.exe 3244 3.21 MB Host Process for Windows Services 
SearchIndexer.exe 4084 38.57 MB Microsoft Windows Search Indexer 
wmpnetwk.exe 3788 8 B/s 13.42 MB Windows Media Player Network Sharing Service 
svchost.exe 616 6.32 MB Host Process for Windows Services 
IAStorDataMgrSvc.exe 260 17.77 MB IAStorDataSvc 
RIconMan.exe 508 2.9 MB Realtek Card Reader Icon Tool. 
LMS.exe 4440 0.01 597 B/s 2.88 MB Local Manageability Service 
svchost.exe 2208 8.01 kB/s 45.53 MB Host Process for Windows Services 
UNS.exe 4400 3.45 MB User Notification Service 
rundll32.exe 3740 11.44 MB Windows host process (Rundll32) 
TrustedInstaller.exe 2328 0.64 54.46 kB/s 20.48 MB Windows Modules Installer 
lsass.exe 692 5.66 MB Local Security Authority Process 
lsm.exe 700 2.56 MB Local Session Manager Service 
csrss.exe 632 0.04 552 B/s 2.88 MB Client Server Runtime Process 
winlogon.exe 868 3.04 MB Windows Logon Application 
AvastUI.exe 3564 0.01 32 B/s 10.56 MB Gaonach-PC\Gaonac'h avast! Antivirus 
jusched.exe 3908 1.44 MB Gaonach-PC\Gaonac'h Java(TM) Update Scheduler 
BackupManagerTray.exe 3944 3.76 MB Gaonach-PC\Gaonac'h Acer Backup Manager 
firefox.exe 4256 0.24 212.8 MB Gaonach-PC\Gaonac'h Firefox 
EgisUpdate.exe 3328 4.36 MB Gaonach-PC\Gaonac'h EgisUpdate Release Application 
taskmgr.exe 3316 0.20 1.66 kB/s 7.28 MB Gaonach-PC\Gaonac'h Windows Task Manager 
explorer.exe 3088 24.61 3.89 kB/s 1.04 GB Gaonach-PC\Gaonac'h Windows Explorer 
ProcessHacker.exe 4216 0.65 704 B/s 24.54 MB Gaonach-PC\Gaonac'h Process Hacker 
MpCmdRun.exe 3456 5.7 MB Microsoft Malware Protection Command Line Utility


----------



## blues_harp28

You said that you did a Clean Boot - did you do all that is listed in the link below.
That should have helped to isolate the problem.
How to perform a clean boot.
http://support.microsoft.com/kb/929135/en-us
=====
Just to double check that Avast is doing its job.
Run an online virus scan with ESET.
http://www.eset.com/us/online-scanner/

*Do not* let ESET remove what it finds.
*Untick* the box next to *Remove found threats*

Post the log files - they can be found here.
C:\Program Files\ESET\EsetOnlineScanner\log.txt

Please note - *Do not* let ESET remove what it finds.


----------



## breizhoubzh

[email protected] as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1eb819fb873cd345aa152c0ff1d11a9a
# engine=15467
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-13 07:03:56
# local_time=2013-10-13 08:03:56 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=772 16777213 83 94 340239 158400908 0 0
# compatibility_mode=5893 16776574 100 94 18290 134156086 0 0
# scanned=152826
# found=1
# cleaned=0
# scan_time=4761
sh=341967CE6E59E661D2071CBA4D769C16290C69BD ft=0 fh=0000000000000000 vn="LNK/URL.B trojan" ac=I fn="C:\Users\Gaonac'h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Codec 1.5.0.0\Visit Codec website.lnk"


----------



## blues_harp28

breizhoubzh said:


> "LNK/URL.B trojan" ac=I fn="C:\Users\Gaonac'h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Codec 1.5.0.0\Visit Codec website.lnk"


Linked to video and audio codecs - it may Ok but it will need to be checked.

I am asking for the ESET scan log file to be checked by one of our Malware Experts - they may ask you to run other scans on your Pc


----------



## breizhoubzh

Thanks a lot for your help...!


----------



## Mark1956

Hi, the file found by Eset is probably a false positive but we should have it checked. Please also follow the instructions to run FRST and post the logs.

Go to one of the following online services that analyzes suspicious files:

*Jotti's virusscan*
*VirusTotal*
*VirSCAN*

In the "*File to Scan*" (Upload or Submit) box, click the "*browse*" button and locate the following file:

C:\Users\Gaonac'h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Codec 1.5.0.0\*Visit Codec website.lnk* _<- this file_

Click "*Open*", then click the "*Submit*" button. If you get a message saying "_File has already been analyzed_", click *Reanalyze* or *Scan again*.
-- Post back with the results of the file analysis in your next reply.

=========================================================

Please download Farbar Recovery Scan Tool and save it to your desktop. Do not get tempted to download Regclean Pro.

*Note*: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click *Yes* to disclaimer.
Press *Scan* button.
It will make a log (*FRST.txt*) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (*Addition.txt*). Please also copy and paste that into your reply.


----------



## breizhoubzh

It seems that Avast deleted *the file Visit Codec website.lnk*. When running Jotti virusscan, Avast says: "malicious URL Blocked"

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Gaonac'h (administrator) on GAONACH-PC on 14-10-2013 19:05:29
Running from C:\Users\Gaonac'h\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(B.H.A Corporation) C:\Windows\SysWOW64\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(GARMIN Corp.) C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dolby Laboratories Inc.) C:\DOLBY PCEE4\pcee4.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2011-01-13] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6588144 2013-10-02] (SUPERAntiSpyware)
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKCU\...\Run: [Google Update] - C:\Users\Gaonac'h\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-26] (Google Inc.)
HKCU\...\Run: [ANT Agent] - C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe [14731776 2013-02-15] (GARMIN Corp.)
MountPoints2: {71b0c409-cf78-11e1-9054-9439e56c6bdf} - E:\DVAP.exe
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-02-28] (AVAST Software)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Gaonac'h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Gaonac'h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Gaonac'h\AppData\Roaming\Mozilla\Firefox\Profiles\uqhsm80p.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Gaonac'h\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Gaonac'h\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.co.uk/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\Application\30.0.1599.69\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Gaonac'h\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1
CHR Extension: (Webmail Ad Blocker) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp\3.2.2_0
CHR Extension: (Google Search) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1
CHR Extension: (Browser Companion Helper) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmidecaaklaaadhjgbkjkigonkfbgnik\1.0
CHR Extension: (AdBlock) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (Find and Remind by easyfundraising) - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfknkdmhngcjepkalkhgpmhpolandfp\2.2.1_0
CHR HKLM-x32\...\Chrome\Extension: [popfpdmpofaljlfdnajekkpfnfogcgmn] - C:\ProgramData\SaveAs\popfpdmpofaljlfdnajekkpfnfogcgmn.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Gaonac'h\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-02-28] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [136912 2013-02-28] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2007-11-28] (Sony Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2007-11-28] (Sony Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2007-11-28] (Sony Corporation)
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33472 2013-02-28] (AVAST Software)
R1 aswFW; C:\Windows\system32\drivers\aswFW.sys [127208 2013-02-28] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22664 2013-02-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80888 2013-02-28] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2013-02-18] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\drivers\aswNdis2.sys [263168 2013-02-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [71064 2013-02-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65408 2013-02-28] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025880 2013-02-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377992 2013-02-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68992 2013-02-28] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177672 2013-02-28] ()
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-08-30] (Broadcom Corporation.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-14 19:04 - 2013-10-14 19:04 - 00000000 ____D C:\FRST
2013-10-14 19:03 - 2013-10-14 19:03 - 01954124 _____ (Farbar) C:\Users\Gaonac'h\Downloads\FRST64.exe
2013-10-14 11:58 - 2013-10-14 11:58 - 00002174 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-14 11:57 - 2013-10-14 11:57 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-14 11:57 - 2013-10-14 11:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-14 08:49 - 2013-10-14 08:50 - 00262144 _____ C:\Windows\Minidump\101413-5232616-01.dmp
2013-10-14 08:49 - 2013-10-14 08:49 - 388242334 _____ C:\Windows\MEMORY.DMP
2013-10-14 08:49 - 2013-10-14 08:49 - 00000000 ____D C:\Windows\Minidump
2013-10-13 17:59 - 2013-10-13 17:59 - 00000000 ____D C:\Program Files (x86)\ESET
2013-10-13 13:42 - 2013-10-13 13:42 - 00005770 _____ C:\Users\Gaonac'h\Desktop\Process Hacker.txt
2013-10-12 16:43 - 2013-10-12 16:43 - 00012881 _____ C:\Users\Gaonac'h\Downloads\Result.txt
2013-10-12 16:42 - 2013-10-12 16:42 - 00760937 _____ (Farbar) C:\Users\Gaonac'h\Downloads\MiniToolBox.exe
2013-10-12 14:44 - 2013-10-12 16:37 - 00000000 ____D C:\AdwCleaner
2013-10-12 14:44 - 2013-10-12 14:44 - 01048960 _____ C:\Users\Gaonac'h\Downloads\AdwCleaner(1).exe
2013-10-12 14:34 - 2013-10-12 14:34 - 00001122 _____ C:\Users\Gaonac'h\Desktop\TFC - Shortcut.lnk
2013-10-12 14:32 - 2013-10-12 14:32 - 00448512 _____ (OldTimer Tools) C:\Users\Gaonac'h\Downloads\TFC.exe
2013-10-12 12:11 - 2013-10-12 12:11 - 00000776 _____ C:\Users\Gaonac'h\Desktop\AdwCleaner - Shortcut.lnk
2013-10-12 12:09 - 2013-10-12 12:09 - 00000000 _____ C:\Users\Gaonac'h\Downloads\AdwCleaner.exe
2013-10-12 12:04 - 2013-10-12 12:04 - 00000837 _____ C:\Users\Gaonac'h\Documents\SUPERAntiSpyware Scan Log - 10-12-2013 - 12-03-03.log
2013-10-12 11:35 - 2013-10-12 11:35 - 00016812 _____ C:\Users\Gaonac'h\Documents\SUPERAntiSpyware Scan Log - 10-12-2013 - 11-34-34.log
2013-10-11 22:01 - 2013-10-11 22:01 - 00000463 _____ C:\Users\Gaonac'h\Desktop\techguy.txt
2013-10-11 18:54 - 2013-10-11 18:54 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-11 18:54 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-11 18:53 - 2013-10-11 18:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gaonac'h\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-11 18:51 - 2013-10-11 18:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gaonac'h\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-11 18:01 - 2013-10-11 18:01 - 00000791 _____ C:\Users\Gaonac'h\Desktop\SecurityCheck - Shortcut.lnk
2013-10-11 18:00 - 2013-10-11 18:00 - 00891167 _____ C:\Users\Gaonac'h\Downloads\SecurityCheck.exe
2013-10-11 17:57 - 2013-10-11 17:57 - 00001162 _____ C:\Users\Gaonac'h\Desktop\SysInfo - Shortcut.lnk
2013-10-11 17:55 - 2013-10-11 17:55 - 00509440 _____ (Tech Support Guy System) C:\Users\Gaonac'h\Downloads\SysInfo(2).exe
2013-10-11 17:55 - 2013-10-11 17:55 - 00509440 _____ (Tech Support Guy System) C:\Users\Gaonac'h\Downloads\SysInfo(1).exe
2013-10-11 17:53 - 2013-10-11 17:54 - 00509440 _____ (Tech Support Guy System) C:\Users\Gaonac'h\Downloads\SysInfo.exe
2013-10-11 17:15 - 2013-10-11 17:15 - 00000000 ____D C:\Windows\Sun
2013-10-11 15:19 - 2013-10-11 15:19 - 00001114 _____ C:\Users\Gaonac'h\Desktop\DllSuite.lnk
2013-10-11 15:19 - 2013-10-11 15:19 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2013
2013-10-11 15:19 - 2013-10-11 15:19 - 00000000 ____D C:\Program Files (x86)\DLLSuite
2013-10-11 15:16 - 2013-10-11 15:17 - 16214030 _____ ( ) C:\Users\Gaonac'h\Downloads\DLLSuite_Setup.exe
2013-10-11 15:07 - 2013-10-11 15:07 - 00003142 _____ C:\Users\Gaonac'h\Desktop\procexp - Shortcut.lnk
2013-10-11 15:03 - 2013-10-11 15:04 - 00000000 ____D C:\Users\Gaonac'h\Documents\ProcessExplorer
2013-10-11 14:06 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-11 14:06 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-11 14:06 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-11 14:06 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-11 14:06 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-11 14:06 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-11 14:06 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-11 14:06 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-11 14:06 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 14:06 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-11 14:06 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-11 14:06 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 14:06 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-11 14:05 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-11 14:05 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-11 14:05 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-11 14:05 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-11 14:05 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-11 14:05 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-11 14:05 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-11 14:05 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-11 14:05 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-11 14:05 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-11 14:05 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-11 14:05 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-11 14:05 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-11 14:05 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-11 14:05 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-11 14:05 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-11 14:05 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-11 14:05 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 20:03 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 20:03 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 20:03 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 20:03 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 20:03 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 20:03 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 20:03 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 20:03 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 20:03 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 20:03 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 20:03 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 20:03 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 20:03 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 20:03 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 20:03 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 20:03 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 20:03 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 20:03 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 20:03 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 20:03 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 20:03 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 20:03 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 20:03 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 20:03 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 20:03 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 20:03 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 20:03 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 20:03 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 20:03 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 20:03 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 20:03 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 20:03 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 20:03 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 20:03 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 20:03 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 20:03 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 20:03 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 20:02 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 20:02 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 20:02 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 20:02 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 20:02 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 20:02 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 20:02 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 20:02 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 20:02 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 21:49 - 2013-10-09 21:49 - 01970848 _____ C:\Users\Gaonac'h\Downloads\winrar-x64-500.exe
2013-10-09 21:48 - 2013-10-09 21:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-09 21:48 - 2013-10-09 21:48 - 00000000 ____D C:\ProgramData\Oracle
2013-10-09 21:48 - 2013-10-09 21:47 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-09 21:48 - 2013-10-09 21:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-09 21:48 - 2013-10-09 21:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-09 21:47 - 2013-10-09 21:47 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-09 21:44 - 2013-10-09 21:45 - 00913832 _____ (Oracle Corporation) C:\Users\Gaonac'h\Downloads\chromeinstall-7u40.exe
2013-10-09 21:33 - 2013-10-09 21:33 - 00000000 ____D C:\Users\Gaonac'h\Downloads\Avast 8.Premier+crack
2013-10-09 21:12 - 2013-10-09 21:12 - 00001926 _____ C:\Users\Public\Desktop\avast! Premier.lnk
2013-10-09 21:11 - 2013-02-28 08:36 - 00263168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2013-10-09 21:11 - 2013-02-28 08:36 - 00127208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys
2013-10-09 21:11 - 2013-02-28 08:36 - 00022664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-10-09 21:10 - 2013-02-18 08:41 - 00012368 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2013-10-09 20:56 - 2013-10-09 20:59 - 00000000 ____D C:\Users\Gaonac'h\Downloads\Avast! Antivirus Pro + Premier 8.0.1482 Final + Activation 2050
2013-10-09 20:36 - 2013-02-28 08:36 - 00377992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-09 20:36 - 2013-02-28 08:36 - 00071064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-09 20:36 - 2013-02-28 08:36 - 00033472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-09 20:35 - 2013-10-09 21:11 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-09 20:35 - 2013-02-28 08:36 - 01025880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-09 20:35 - 2013-02-28 08:36 - 00177672 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-09 20:35 - 2013-02-28 08:36 - 00080888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-09 20:35 - 2013-02-28 08:36 - 00068992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-09 20:35 - 2013-02-28 08:36 - 00065408 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-09 20:35 - 2013-02-28 08:36 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-09 20:31 - 2013-10-09 20:33 - 131918888 _____ C:\Users\Gaonac'h\Downloads\avast_free_antivirus_setup(2).exe
2013-10-09 20:28 - 2013-10-09 20:30 - 131918888 _____ C:\Users\Gaonac'h\Downloads\avast_free_antivirus_setup(1).exe
2013-10-07 23:34 - 2013-10-07 23:34 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\Process Hacker 2
2013-10-07 23:07 - 2013-10-07 23:10 - 819074397 _____ C:\Users\Gaonac'h\Documents\explorer.exe.dmp
2013-10-07 23:06 - 2013-10-07 23:06 - 00001845 _____ C:\Users\Gaonac'h\Desktop\Process Hacker 2.lnk
2013-10-07 23:06 - 2013-10-07 23:06 - 00000000 ____D C:\Program Files\Process Hacker 2
2013-10-07 23:05 - 2013-10-07 23:05 - 01856092 _____ (wj32 ) C:\Users\Gaonac'h\Downloads\processhacker-2.31-setup.exe
2013-10-07 23:05 - 2013-10-07 23:05 - 01856092 _____ (wj32 ) C:\Users\Gaonac'h\Downloads\processhacker-2.31-setup(1).exe
2013-10-07 21:34 - 2013-10-13 21:48 - 00000000 ____D C:\Windows\pss
2013-10-06 18:16 - 2013-10-06 18:16 - 99477982 _____ C:\Windows\SysWOW64\벳吟&#151;
2013-10-05 20:00 - 2013-10-05 20:02 - 02143243 _____ C:\Users\Gaonac'h\Downloads\comptine-les-petits-poissons-dans-l-eau.zip
2013-10-05 15:48 - 2013-10-05 15:48 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\SUPERAntiSpyware.com
2013-10-05 15:47 - 2013-10-05 15:48 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-10-05 15:47 - 2013-10-05 15:47 - 00001812 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-10-05 15:47 - 2013-10-05 15:47 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-10-05 15:46 - 2013-10-05 15:46 - 27878304 _____ (SUPERAntiSpyware) C:\Users\Gaonac'h\Downloads\SUPERAntiSpyware.exe
2013-10-02 20:47 - 2013-10-02 21:12 - 13921381 _____ C:\Users\Gaonac'h\Downloads\A Drop Of The Hard Stuff.pptx
2013-10-02 19:26 - 2013-10-02 19:26 - 00000000 ____D C:\Users\Gaonac'h\AppData\Local\Macromedia
2013-10-02 19:24 - 2013-10-02 19:24 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-02 19:24 - 2013-10-02 19:24 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\Mozilla
2013-10-02 19:24 - 2013-10-02 19:24 - 00000000 ____D C:\Users\Gaonac'h\AppData\Local\Mozilla
2013-10-02 19:24 - 2013-10-02 19:24 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-02 19:24 - 2013-10-02 19:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-02 19:18 - 2013-10-02 19:18 - 00001134 _____ C:\Users\Gaonac'h\Desktop\Continue Firefox Installation.lnk
2013-10-02 19:17 - 2013-10-02 19:19 - 22404568 _____ (Mozilla) C:\Users\Gaonac'h\Downloads\Firefox_Setup [1].exe
2013-10-02 19:03 - 2013-10-02 19:03 - 00281928 _____ (Mozilla) C:\Users\Gaonac'h\Downloads\Firefox Setup Stub 24.0.exe
2013-10-02 17:24 - 2013-10-02 17:24 - 98743931 _____ C:\Windows\SysWOW64\䇆膮0
2013-09-28 16:47 - 2013-09-28 16:47 - 98442955 _____ C:\Windows\SysWOW64\᫢&#148;
2013-09-24 11:57 - 2013-09-24 11:57 - 03984005 _____ C:\Users\Gaonac'h\Downloads\IMG_0666.MOV
2013-09-22 19:59 - 2013-09-22 19:59 - 98597466 _____ C:\Windows\SysWOW64\믃
2013-09-21 21:15 - 2013-09-21 21:15 - 00001712 _____ C:\Users\Gaonac'h\Desktop\Les-mois-de-lanne-alain-le-lait-French-months-of-the-year - Shortcut.lnk
2013-09-21 20:50 - 2013-09-21 20:50 - 10113724 _____ C:\Users\Gaonac'h\Downloads\Les-mois-de-lanne-alain-le-lait-French-months-of-the-year.mp4
2013-09-21 20:06 - 2013-09-21 20:06 - 01043669 _____ C:\Users\Gaonac'h\Downloads\comptine-j-aime-la-galette.zip
2013-09-21 07:56 - 2013-09-21 19:58 - 98547399 _____ C:\Windows\SysWOW64\缡楽C
2013-09-20 17:48 - 2013-09-20 20:40 - 00011479 _____ C:\Users\Gaonac'h\Desktop\Foire_vins_auchans_2013.xlsx
2013-09-14 15:35 - 2013-09-14 15:35 - 01029509 _____ (Thisisu) C:\Users\Gaonac'h\Downloads\JRT (1).exe
2013-09-14 15:25 - 2013-09-14 15:25 - 01029509 _____ (Thisisu) C:\Users\Gaonac'h\Downloads\JRT.exe
2013-09-14 15:25 - 2013-09-14 15:25 - 00000000 ____D C:\Windows\ERUNT
2013-09-14 10:43 - 2013-09-14 10:43 - 97519942 _____ C:\Windows\SysWOW64\έ뻃&#140;

==================== One Month Modified Files and Folders =======

2013-10-14 19:04 - 2013-10-14 19:04 - 00000000 ____D C:\FRST
2013-10-14 19:03 - 2013-10-14 19:03 - 01954124 _____ (Farbar) C:\Users\Gaonac'h\Downloads\FRST64.exe
2013-10-14 19:01 - 2012-02-27 20:52 - 00000262 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2013-10-14 18:57 - 2012-01-04 09:00 - 02089500 _____ C:\Windows\WindowsUpdate.log
2013-10-14 18:42 - 2013-03-01 21:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-14 18:11 - 2012-02-26 20:39 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2031558530-1873693367-2670206133-1001UA.job
2013-10-14 17:38 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-14 17:38 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-14 17:06 - 2012-02-26 20:37 - 00000000 ____D C:\ProgramData\clear.fi
2013-10-14 17:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-14 17:05 - 2009-07-14 05:51 - 00111264 _____ C:\Windows\setupact.log
2013-10-14 15:01 - 2013-08-03 20:18 - 00000302 _____ C:\Windows\Tasks\Registry Optimizer_DEFAULT.job
2013-10-14 11:58 - 2013-10-14 11:58 - 00002174 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-14 11:58 - 2012-02-26 21:50 - 00000000 ____D C:\Users\Gaonac'h\AppData\Local\Adobe
2013-10-14 11:57 - 2013-10-14 11:57 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-14 11:57 - 2013-10-14 11:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-14 11:57 - 2011-09-06 08:30 - 00000000 ____D C:\ProgramData\Adobe
2013-10-14 08:50 - 2013-10-14 08:49 - 00262144 _____ C:\Windows\Minidump\101413-5232616-01.dmp
2013-10-14 08:49 - 2013-10-14 08:49 - 388242334 _____ C:\Windows\MEMORY.DMP
2013-10-14 08:49 - 2013-10-14 08:49 - 00000000 ____D C:\Windows\Minidump
2013-10-14 07:19 - 2012-05-07 21:46 - 00000000 ____D C:\Program Files (x86)\Codec
2013-10-13 21:48 - 2013-10-07 21:34 - 00000000 ____D C:\Windows\pss
2013-10-13 21:48 - 2012-02-25 22:01 - 00000000 ___RD C:\Users\Gaonac'h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-13 19:11 - 2012-02-26 20:39 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2031558530-1873693367-2670206133-1001Core.job
2013-10-13 17:59 - 2013-10-13 17:59 - 00000000 ____D C:\Program Files (x86)\ESET
2013-10-13 13:42 - 2013-10-13 13:42 - 00005770 _____ C:\Users\Gaonac'h\Desktop\Process Hacker.txt
2013-10-13 13:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-13 10:20 - 2010-11-21 04:47 - 00189832 _____ C:\Windows\PFRO.log
2013-10-12 16:43 - 2013-10-12 16:43 - 00012881 _____ C:\Users\Gaonac'h\Downloads\Result.txt
2013-10-12 16:42 - 2013-10-12 16:42 - 00760937 _____ (Farbar) C:\Users\Gaonac'h\Downloads\MiniToolBox.exe
2013-10-12 16:37 - 2013-10-12 14:44 - 00000000 ____D C:\AdwCleaner
2013-10-12 14:44 - 2013-10-12 14:44 - 01048960 _____ C:\Users\Gaonac'h\Downloads\AdwCleaner(1).exe
2013-10-12 14:34 - 2013-10-12 14:34 - 00001122 _____ C:\Users\Gaonac'h\Desktop\TFC - Shortcut.lnk
2013-10-12 14:32 - 2013-10-12 14:32 - 00448512 _____ (OldTimer Tools) C:\Users\Gaonac'h\Downloads\TFC.exe
2013-10-12 12:11 - 2013-10-12 12:11 - 00000776 _____ C:\Users\Gaonac'h\Desktop\AdwCleaner - Shortcut.lnk
2013-10-12 12:09 - 2013-10-12 12:09 - 00000000 _____ C:\Users\Gaonac'h\Downloads\AdwCleaner.exe
2013-10-12 12:04 - 2013-10-12 12:04 - 00000837 _____ C:\Users\Gaonac'h\Documents\SUPERAntiSpyware Scan Log - 10-12-2013 - 12-03-03.log
2013-10-12 11:35 - 2013-10-12 11:35 - 00016812 _____ C:\Users\Gaonac'h\Documents\SUPERAntiSpyware Scan Log - 10-12-2013 - 11-34-34.log
2013-10-11 22:01 - 2013-10-11 22:01 - 00000463 _____ C:\Users\Gaonac'h\Desktop\techguy.txt
2013-10-11 18:54 - 2013-10-11 18:54 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-11 18:54 - 2013-01-07 23:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-11 18:53 - 2013-10-11 18:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gaonac'h\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-11 18:51 - 2013-10-11 18:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gaonac'h\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-11 18:01 - 2013-10-11 18:01 - 00000791 _____ C:\Users\Gaonac'h\Desktop\SecurityCheck - Shortcut.lnk
2013-10-11 18:00 - 2013-10-11 18:00 - 00891167 _____ C:\Users\Gaonac'h\Downloads\SecurityCheck.exe
2013-10-11 17:57 - 2013-10-11 17:57 - 00001162 _____ C:\Users\Gaonac'h\Desktop\SysInfo - Shortcut.lnk
2013-10-11 17:55 - 2013-10-11 17:55 - 00509440 _____ (Tech Support Guy System) C:\Users\Gaonac'h\Downloads\SysInfo(2).exe
2013-10-11 17:55 - 2013-10-11 17:55 - 00509440 _____ (Tech Support Guy System) C:\Users\Gaonac'h\Downloads\SysInfo(1).exe
2013-10-11 17:54 - 2013-10-11 17:53 - 00509440 _____ (Tech Support Guy System) C:\Users\Gaonac'h\Downloads\SysInfo.exe
2013-10-11 17:15 - 2013-10-11 17:15 - 00000000 ____D C:\Windows\Sun
2013-10-11 15:19 - 2013-10-11 15:19 - 00001114 _____ C:\Users\Gaonac'h\Desktop\DllSuite.lnk
2013-10-11 15:19 - 2013-10-11 15:19 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2013
2013-10-11 15:19 - 2013-10-11 15:19 - 00000000 ____D C:\Program Files (x86)\DLLSuite
2013-10-11 15:17 - 2013-10-11 15:16 - 16214030 _____ ( ) C:\Users\Gaonac'h\Downloads\DLLSuite_Setup.exe
2013-10-11 15:07 - 2013-10-11 15:07 - 00003142 _____ C:\Users\Gaonac'h\Desktop\procexp - Shortcut.lnk
2013-10-11 15:04 - 2013-10-11 15:03 - 00000000 ____D C:\Users\Gaonac'h\Documents\ProcessExplorer
2013-10-11 14:19 - 2009-07-14 06:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-11 14:12 - 2009-07-14 05:45 - 00431224 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-11 14:11 - 2012-06-17 15:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 14:11 - 2012-06-17 15:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-11 14:09 - 2012-02-27 22:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-11 10:24 - 2013-08-15 07:25 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 10:21 - 2012-02-26 20:48 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 21:49 - 2013-10-09 21:49 - 01970848 _____ C:\Users\Gaonac'h\Downloads\winrar-x64-500.exe
2013-10-09 21:49 - 2013-01-27 09:51 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-10-09 21:49 - 2013-01-27 09:49 - 00000000 ____D C:\Program Files\WinRAR
2013-10-09 21:48 - 2013-10-09 21:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-09 21:48 - 2013-10-09 21:48 - 00000000 ____D C:\ProgramData\Oracle
2013-10-09 21:47 - 2013-10-09 21:48 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-09 21:47 - 2013-10-09 21:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-09 21:47 - 2013-10-09 21:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-09 21:47 - 2013-10-09 21:47 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-09 21:47 - 2013-08-23 21:45 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-09 21:47 - 2013-08-23 21:45 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-09 21:45 - 2013-10-09 21:44 - 00913832 _____ (Oracle Corporation) C:\Users\Gaonac'h\Downloads\chromeinstall-7u40.exe
2013-10-09 21:34 - 2012-12-15 14:24 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\BitTorrent
2013-10-09 21:33 - 2013-10-09 21:33 - 00000000 ____D C:\Users\Gaonac'h\Downloads\Avast 8.Premier+crack
2013-10-09 21:26 - 2012-08-28 20:37 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-09 21:12 - 2013-10-09 21:12 - 00001926 _____ C:\Users\Public\Desktop\avast! Premier.lnk
2013-10-09 21:11 - 2013-10-09 20:35 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-09 21:11 - 2012-08-28 20:37 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-09 20:59 - 2013-10-09 20:56 - 00000000 ____D C:\Users\Gaonac'h\Downloads\Avast! Antivirus Pro + Premier 8.0.1482 Final + Activation 2050
2013-10-09 20:34 - 2012-08-28 20:37 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-09 20:33 - 2013-10-09 20:31 - 131918888 _____ C:\Users\Gaonac'h\Downloads\avast_free_antivirus_setup(2).exe
2013-10-09 20:30 - 2013-10-09 20:28 - 131918888 _____ C:\Users\Gaonac'h\Downloads\avast_free_antivirus_setup(1).exe
2013-10-09 20:18 - 2013-08-03 20:18 - 00000310 _____ C:\Windows\Tasks\Registry Optimizer_UPDATES.job
2013-10-09 18:20 - 2012-04-11 19:44 - 00000000 ____D C:\Users\Gaonac'h\Desktop\catherine
2013-10-08 21:42 - 2013-03-01 21:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-08 21:42 - 2013-03-01 21:10 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 21:42 - 2011-09-06 08:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-07 23:34 - 2013-10-07 23:34 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\Process Hacker 2
2013-10-07 23:24 - 2011-09-06 08:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-07 23:24 - 2011-09-06 08:11 - 00000000 ____D C:\ProgramData\Skype
2013-10-07 23:10 - 2013-10-07 23:07 - 819074397 _____ C:\Users\Gaonac'h\Documents\explorer.exe.dmp
2013-10-07 23:06 - 2013-10-07 23:06 - 00001845 _____ C:\Users\Gaonac'h\Desktop\Process Hacker 2.lnk
2013-10-07 23:06 - 2013-10-07 23:06 - 00000000 ____D C:\Program Files\Process Hacker 2
2013-10-07 23:05 - 2013-10-07 23:05 - 01856092 _____ (wj32 ) C:\Users\Gaonac'h\Downloads\processhacker-2.31-setup.exe
2013-10-07 23:05 - 2013-10-07 23:05 - 01856092 _____ (wj32 ) C:\Users\Gaonac'h\Downloads\processhacker-2.31-setup(1).exe
2013-10-06 18:16 - 2013-10-06 18:16 - 99477982 _____ C:\Windows\SysWOW64\벳吟&#151;
2013-10-06 08:31 - 2012-02-26 20:39 - 00002389 _____ C:\Users\Gaonac'h\Desktop\Google Chrome.lnk
2013-10-05 20:02 - 2013-10-05 20:00 - 02143243 _____ C:\Users\Gaonac'h\Downloads\comptine-les-petits-poissons-dans-l-eau.zip
2013-10-05 16:21 - 2012-09-30 08:33 - 00000000 ____D C:\ProgramData\MFAData
2013-10-05 16:19 - 2012-09-30 08:35 - 00000000 ____D C:\ProgramData\AVG2013
2013-10-05 15:48 - 2013-10-05 15:48 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\SUPERAntiSpyware.com
2013-10-05 15:48 - 2013-10-05 15:47 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-10-05 15:47 - 2013-10-05 15:47 - 00001812 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-10-05 15:47 - 2013-10-05 15:47 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-10-05 15:46 - 2013-10-05 15:46 - 27878304 _____ (SUPERAntiSpyware) C:\Users\Gaonac'h\Downloads\SUPERAntiSpyware.exe
2013-10-02 21:12 - 2013-10-02 20:47 - 13921381 _____ C:\Users\Gaonac'h\Downloads\A Drop Of The Hard Stuff.pptx
2013-10-02 19:26 - 2013-10-02 19:26 - 00000000 ____D C:\Users\Gaonac'h\AppData\Local\Macromedia
2013-10-02 19:24 - 2013-10-02 19:24 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-02 19:24 - 2013-10-02 19:24 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\Mozilla
2013-10-02 19:24 - 2013-10-02 19:24 - 00000000 ____D C:\Users\Gaonac'h\AppData\Local\Mozilla
2013-10-02 19:24 - 2013-10-02 19:24 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-02 19:24 - 2013-10-02 19:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-02 19:24 - 2013-03-22 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-02 19:19 - 2013-10-02 19:17 - 22404568 _____ (Mozilla) C:\Users\Gaonac'h\Downloads\Firefox_Setup [1].exe
2013-10-02 19:18 - 2013-10-02 19:18 - 00001134 _____ C:\Users\Gaonac'h\Desktop\Continue Firefox Installation.lnk
2013-10-02 19:03 - 2013-10-02 19:03 - 00281928 _____ (Mozilla) C:\Users\Gaonac'h\Downloads\Firefox Setup Stub 24.0.exe
2013-10-02 17:24 - 2013-10-02 17:24 - 98743931 _____ C:\Windows\SysWOW64\䇆膮0
2013-09-29 17:09 - 2012-01-04 09:19 - 00001024 ___RH C:\Users\Public\Documents\NTIMMV9Acer.dll
2013-09-29 09:28 - 2012-01-04 09:20 - 00001024 ___RH C:\Users\Public\Documents\NTILiveUpdateV9.dll
2013-09-29 09:28 - 2012-01-04 09:19 - 00001024 ___RH C:\Users\Public\Documents\NTIMMV9REGET.dll
2013-09-29 09:23 - 2013-06-03 22:19 - 00000421 _____ C:\Windows\wininit.ini
2013-09-29 09:23 - 2013-06-03 22:18 - 00000000 ____D C:\Users\Gaonac'h\AppData\Roaming\Dropbox
2013-09-29 09:21 - 2013-06-03 22:22 - 00000000 ___RD C:\Users\Gaonac'h\Dropbox
2013-09-29 09:20 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-28 16:47 - 2013-09-28 16:47 - 98442955 _____ C:\Windows\SysWOW64\᫢&#148;
2013-09-24 11:57 - 2013-09-24 11:57 - 03984005 _____ C:\Users\Gaonac'h\Downloads\IMG_0666.MOV
2013-09-23 12:03 - 2012-09-07 20:31 - 00000000 ____D C:\Users\Gaonac'h\Documents\Outlook Files
2013-09-23 00:28 - 2013-10-11 14:05 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 00:28 - 2013-10-11 14:05 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 00:27 - 2013-10-11 14:06 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 00:27 - 2013-10-11 14:06 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 00:27 - 2013-10-11 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 00:27 - 2013-10-11 14:06 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 00:27 - 2013-10-11 14:05 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 00:27 - 2013-10-11 14:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 00:27 - 2013-10-11 14:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 00:27 - 2013-10-11 14:05 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 00:27 - 2013-10-11 14:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 00:27 - 2013-10-11 14:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 00:27 - 2013-10-11 14:05 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-22 23:55 - 2013-10-11 14:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-22 23:55 - 2013-10-11 14:05 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-22 23:55 - 2013-10-11 14:05 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-22 23:54 - 2013-10-11 14:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-22 23:54 - 2013-10-11 14:06 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-22 23:54 - 2013-10-11 14:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-22 23:54 - 2013-10-11 14:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-22 23:54 - 2013-10-11 14:05 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-22 23:54 - 2013-10-11 14:05 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-22 23:54 - 2013-10-11 14:05 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-22 23:54 - 2013-10-11 14:05 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-22 23:54 - 2013-10-11 14:05 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-22 23:54 - 2013-10-11 14:05 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-22 23:54 - 2013-10-11 14:05 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-22 19:59 - 2013-09-22 19:59 - 98597466 _____ C:\Windows\SysWOW64\믃
2013-09-21 21:15 - 2013-09-21 21:15 - 00001712 _____ C:\Users\Gaonac'h\Desktop\Les-mois-de-lanne-alain-le-lait-French-months-of-the-year - Shortcut.lnk
2013-09-21 20:50 - 2013-09-21 20:50 - 10113724 _____ C:\Users\Gaonac'h\Downloads\Les-mois-de-lanne-alain-le-lait-French-months-of-the-year.mp4
2013-09-21 20:06 - 2013-09-21 20:06 - 01043669 _____ C:\Users\Gaonac'h\Downloads\comptine-j-aime-la-galette.zip
2013-09-21 19:58 - 2013-09-21 07:56 - 98547399 _____ C:\Windows\SysWOW64\缡楽C
2013-09-21 04:38 - 2013-10-11 14:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 04:30 - 2013-10-11 14:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 03:48 - 2013-10-11 14:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 03:39 - 2013-10-11 14:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-20 20:40 - 2013-09-20 17:48 - 00011479 _____ C:\Users\Gaonac'h\Desktop\Foire_vins_auchans_2013.xlsx
2013-09-19 21:34 - 2012-07-26 22:16 - 00007601 _____ C:\Windows\SysWOW64\SystemData.xml
2013-09-14 15:35 - 2013-09-14 15:35 - 01029509 _____ (Thisisu) C:\Users\Gaonac'h\Downloads\JRT (1).exe
2013-09-14 15:25 - 2013-09-14 15:25 - 01029509 _____ (Thisisu) C:\Users\Gaonac'h\Downloads\JRT.exe
2013-09-14 15:25 - 2013-09-14 15:25 - 00000000 ____D C:\Windows\ERUNT
2013-09-14 15:21 - 2013-08-03 20:18 - 00003136 _____ C:\Windows\System32\Tasks\Registry Optimizer
2013-09-14 11:35 - 2012-02-25 22:01 - 00000000 ___RD C:\Users\Gaonac'h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-14 10:43 - 2013-09-14 10:43 - 97519942 _____ C:\Windows\SysWOW64\έ뻃&#140;
2013-09-14 02:10 - 2013-10-10 20:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

Some content of TEMP:
====================
C:\Users\Gaonac'h\AppData\Local\Temp\procexp64.exe
C:\Users\Gaonac'h\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-12 10:22

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Gaonac'h at 2013-10-14 19:06:53
Running from C:\Users\Gaonac'h\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acer Backup Manager (x32 Version: 3.0.0.99)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904)
Acer ePower Management (x32 Version: 6.00.3008)
Acer eRecovery Management (x32 Version: 5.00.3504)
Acer Games (x32 Version: 1.0.2.5)
Acer Registration (x32 Version: 1.04.3503)
Acer ScreenSaver (x32 Version: 20.11.0921.1957)
Acer Updater (x32 Version: 1.02.3500)
Acer USB Charge Manager (x32 Version: 1.00.3001)
Acer VCM (x32 Version: 4.05.3501)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Amazon MP3 Downloader 1.0.17 (x32 Version: 1.0.17)
Apple Application Support (x32 Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.36)
avast! Premier (x32 Version: 8.0.1482.0)
Backup Manager V3 (x32 Version: 3.0.0.99)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
BitTorrent (HKCU Version: 7.8.1.30016)
Bonjour (Version: 3.0.0.10)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
clear.fi (x32 Version: 1.0.1517_36458)
clear.fi (x32 Version: 1.0.2024.00)
clear.fi (x32 Version: 9.0.8026)
clear.fi Client (x32 Version: 1.00.3500)
Codec (x32 Version: 1.5.0.0)
Conexant HD Audio (Version: 8.54.17.51)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
DLL Suite 2013 (x32)
eBay Worldwide (x32 Version: 2.2.0409)
eMule (x32)
ESET Online Scanner v3 (x32)
FATE (x32 Version: 2.2.0.97)
Final Drive: Nitro (x32 Version: 2.2.0.95)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Garmin ANT Agent (Version: 2.3.4)
Garmin Communicator Plugin (x32 Version: 4.0.4)
Garmin Communicator Plugin x64 (Version: 4.0.4)
Garmin USB Drivers (x32 Version: 2.3.1.0)
Google Chrome (HKCU Version: 30.0.1599.69)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000)
HP FWUpdateEDO2 (x32 Version: 1.2.0.0)
HP Photo Creations (x32 Version: 1.0.0.5192)
HP Photosmart 5510 series Basic Device Software (Version: 24.0.342.0)
HP Photosmart 5510 series Help (x32 Version: 140.0.2.2)
HP Photosmart 5510 series Product Improvement Study (Version: 24.0.342.0)
HP Product Detection (x32 Version: 11.14.0001)
HP Update (x32 Version: 5.003.001.001)
iCloud (Version: 2.1.2.8)
Identity Card (x32 Version: 1.00.3501)
Insaniquarium Deluxe (x32 Version: 2.2.0.97)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2418)
Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002)
iTunes (Version: 11.0.2.26)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
Jewel Match 3 (x32 Version: 2.2.0.97)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
John Deere Drive Green (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kobo (x32 Version: 1.9)
Launch Manager (x32 Version: 5.1.7)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Memory-Map European Edition (x32 Version: 5.4.2)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mobster 1.0.1 (x32)
Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (x32 Version: 4.0.14.27)
MyWinLocker Suite (x32 Version: 4.0.14.18)
newsXpresso (x32 Version: 1.0.0.40)
Norton Online Backup (x32 Version: 2.1.17869)
OpenMG Secure Module 5.0.00 (x32 Version: 5.0.00.11280)
Penguins! (x32 Version: 2.2.0.95)
PHOTOfunSTUDIO 5.0 HD Edition (x32 Version: 5.00.320)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Bowler (x32 Version: 2.2.0.97)
Pota Windows Live (x32 Version: 15.4.3502.0922)
Process Hacker 2.31 (r5355) (Version: 2.31.0.5355)
QuickTime (x32 Version: 7.73.80.64)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.85)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0)
Sapphire Plus (x32 Version: 1.0.6)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Sky Go Desktop (HKCU)
Skype 6.3 (x32 Version: 6.3.107)
Slingo Deluxe (x32 Version: 2.2.0.95)
SonicStage 4.3 (x32 Version: 4.3)
SUPERAntiSpyware (Version: 5.6.1040)
Synaptics Pointing Device Driver (Version: 15.2.9.0)
TeamViewer 7 (x32 Version: 7.0.13989)
Torchlight (x32 Version: 2.2.0.97)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Update Installer for WildTangent Games App (x32)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Wedding Dash (x32 Version: 2.2.0.95)
Welcome Center (x32 Version: 1.02.3503)
WIDCOMM Bluetooth Software (Version: 6.5.0.2200)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14)
Winamp (x32 Version: 5.623 )
Winamp Detector Plug-in (HKCU Version: 1.0.0.1)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) (Version: 07/07/2009 1.12.2)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (Version: 02/06/2007 3.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
WinRAR 5.00 (64-bit) (Version: 5.00.0)
Zuma Deluxe (x32 Version: 2.2.0.95)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points =========================

07-10-2013 17:13:10 Scheduled Checkpoint
07-10-2013 22:23:04 Removed Skype Click to Call
09-10-2013 19:34:19 avast! Free Antivirus Setup
09-10-2013 20:08:57 avast! Premier Setup
09-10-2013 20:46:14 Installed Java 7 Update 40
10-10-2013 18:54:59 Windows Update
11-10-2013 09:13:30 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01E907B2-E1F9-4679-BBE1-7BBAC4967E0D} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {094AFE37-6048-44D2-BC6E-E86C3260E7BC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {1206D595-DAF3-419A-9A4F-80E111F79327} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {12270D60-495F-4782-BEBE-EB75034148B3} - System32\Tasks\Registry Optimizer_UPDATES => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {126E18E2-6FCA-41D0-87BB-4FAF83E85FB1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2031558530-1873693367-2670206133-1001Core => C:\Users\Gaonac'h\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-26] (Google Inc.)
Task: {18B0557D-8978-43EC-87ED-4554D5921901} - System32\Tasks\Registry Optimizer_DEFAULT => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {2A3710A7-7DFC-4A90-A7F4-E6020192EB82} - System32\Tasks\{54746C66-F072-4E8B-ADFE-AE42037C3B78} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.107/en/go/help.faq.installer?LastError=1618
Task: {3D49AA21-B2C5-46F6-87AE-ACA83BE7737F} - System32\Tasks\{695396E7-E670-4AD9-91CC-050FE88639A9} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.107/en/go/help.faq.installer?LastError=1618
Task: {3FF21F4E-9B53-46C3-B108-F048B09DFCD9} - System32\Tasks\{6A4C43E9-567B-42B5-933B-2471ADC72E57} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.107/en/go/help.faq.installer?LastError=1618
Task: {4587CC5E-49BF-4DC3-AD5B-1C142E8E1DCD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2031558530-1873693367-2670206133-1001UA => C:\Users\Gaonac'h\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-26] (Google Inc.)
Task: {49742C2D-9EE2-4A6C-A72D-234B059ADB35} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-28] (AVAST Software)
Task: {55C490D0-998B-4F9E-83EE-F884B1677311} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {658BC063-8439-4CFA-93B8-0F5974DBE83B} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {70B04D8C-B482-4EE7-8CFB-3429B9DF97EF} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {7886108E-D1DD-4314-B9B8-C22115EA37B3} - System32\Tasks\Registry Optimizer => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {9E9784BE-661C-480A-AF6D-3CB465453548} - System32\Tasks\{AB3C516B-EF67-49D7-95A4-272AABFB3DFA} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.107/en/go/help.faq.installer?LastError=1618
Task: {A1AB89EC-2AB3-47DC-8974-BB62FA06D467} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D5EF4AF0-A5C7-4FBF-AEB2-CE2451B67E93} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-05-25] (Hewlett-Packard Co.)
Task: {D6A56793-8611-4215-96CD-BA913EB0DFFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {DBFA0218-0621-4F8C-BF61-C7E22D6FCBAC} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {F2702778-171F-4B5C-8661-E4191997A4DF} - System32\Tasks\{10E17CAB-D825-4972-BF06-AD5C850C30A1} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.107/en/go/help.faq.installer?LastError=1618
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2031558530-1873693367-2670206133-1001Core.job => C:\Users\Gaonac'h\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2031558530-1873693367-2670206133-1001UA.job => C:\Users\Gaonac'h\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\Registry Optimizer_DEFAULT.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\Windows\Tasks\Registry Optimizer_UPDATES.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe

==================== Loaded Modules (whitelisted) =============

2011-06-22 04:36 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-04-05 12:58 - 2013-04-05 12:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2013-10-09 21:33 - 2012-06-29 13:10 - 00836608 _____ () C:\Program Files\AVAST Software\Avast\VERSION.dll
2013-10-14 11:30 - 2013-10-14 09:46 - 02105856 _____ () C:\Program Files\AVAST Software\Avast\defs\13101400\algo.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-08-24 19:03 - 2011-08-24 19:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2013-08-16 18:44 - 2013-08-16 18:44 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1beb84c27c2edeb38839916524b9df4d\IsdiInterop.ni.dll
2011-09-06 07:50 - 2011-05-20 18:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-10-02 19:24 - 2013-09-11 03:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-10-08 21:42 - 2013-10-08 21:42 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/14/2013 05:06:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2013 11:58:17 AM) (Source: Application Error) (User: )
Description: Faulting application name: SecurityScan_Release.exe, version: 3.0.285.6, time stamp: 0x4b1ae3c6
Faulting module name: SecurityScanner.DLL, version: 3.0.285.0, time stamp: 0x50477448
Exception code: 0xc0000005
Fault offset: 0x00026719
Faulting process id: 0x1b44
Faulting application start time: 0xSecurityScan_Release.exe0
Faulting application path: SecurityScan_Release.exe1
Faulting module path: SecurityScan_Release.exe2
Report Id: SecurityScan_Release.exe3

Error: (10/14/2013 09:36:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/14/2013 09:33:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/14/2013 08:51:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2013 10:34:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (10/13/2013 10:33:12 PM) (Source: Desktop Window Manager) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x80070008)

Error: (10/13/2013 09:50:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2013 09:46:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2013 08:15:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:
=============
Error: (10/14/2013 05:14:11 PM) (Source: Service Control Manager) (User: )
Description: The Intel(R) Management and Security Application User Notification Service service hung on starting.

Error: (10/14/2013 05:12:06 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (10/14/2013 03:32:47 PM) (Source: Service Control Manager) (User: )
Description: The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (10/14/2013 08:50:10 AM) (Source: BugCheck) (User: )
Description: 0x00000050 (0xfffff900c2df4818, 0x0000000000000001, 0xfffff960001476c6, 0x0000000000000000)C:\Windows\MEMORY.DMP101413-5232616-01

Error: (10/14/2013 08:49:49 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 07:21:24 on ‎14/‎10/‎2013 was unexpected.

Error: (10/14/2013 07:16:48 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.

Error: (10/13/2013 09:58:27 PM) (Source: Service Control Manager) (User: )
Description: The Intel(R) Management and Security Application User Notification Service service hung on starting.

Error: (10/13/2013 09:56:19 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (10/13/2013 09:41:11 PM) (Source: Service Control Manager) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: 
%%1058

Error: (10/13/2013 06:41:30 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 18:40:32 on ‎13/‎10/‎2013 was unexpected.

Microsoft Office Sessions:
=========================
Error: (10/14/2013 05:06:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2013 11:58:17 AM) (Source: Application Error)(User: )
Description: SecurityScan_Release.exe3.0.285.64b1ae3c6SecurityScanner.DLL3.0.285.050477448c0000005000267191b4401cec8cc46164493C:\Users\Gaonac'h\AppData\Local\Adobe\AIH.ae7b54d5adb3866c8c8aaaf5fcc2e52bd4e513e3\SecurityScan_Release.exeC:\Program Files (x86)\McAfee Security Scan\3.0.285\SecurityScanner.DLL87793e46-34bf-11e3-bab5-dc0ea11e8cdd

Error: (10/14/2013 09:36:10 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Gaonac'h\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\FXANJFDP\esetsmartinstaller_enu.exe

Error: (10/14/2013 09:33:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/14/2013 08:51:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2013 10:34:57 PM) (Source: SideBySide)(User: )
Description: C:\Program Files\EgisTec IPS\KernelController.dllC:\Program Files\EgisTec IPS\KernelController.dll0

Error: (10/13/2013 10:33:12 PM) (Source: Desktop Window Manager)(User: )
Description: 0x80070008

Error: (10/13/2013 09:50:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2013 09:46:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2013 08:15:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

==================== Memory info ===========================

Percentage of memory in use: 94%
Total physical RAM: 2923.86 MB
Available physical RAM: 173.9 MB
Total Pagefile: 5845.9 MB
Available Pagefile: 1186.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:366.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AAC30E3E)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

==================== End Of Log ============================


----------



## breizhoubzh

Can the following help?









Process Name
PID
Operation
Path
Result
Detail
explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ Thread Exit
SUCCESS
Thread ID: 3424, User Time: 0.0000000, Kernel Time: 0.0000000
explorer.exe
5904​ RegQueryKey
HKCU
SUCCESS
Query: HandleTags, HandleTags: 0x0
explorer.exe
5904​ RegCreateKey
HKCU\System\CurrentControlSet\Control\Network\ShowWirelessConnectingOnStart
SUCCESS
Desired Access: Create Sub Key
explorer.exe
5904​ RegCloseKey
HKCU\System\CurrentControlSet\Control\Network\ShowWirelessConnectingOnStart
SUCCESS

explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ CreateFile
C:\Program Files\HP\HP PHOTOSMART 5510 SERIES\BIN\ScanToPCActivationUI.dll
SUCCESS
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
explorer.exe
5904​ QueryBasicInformationFile
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS
CreationTime: 25/05/2011 18:35:34, LastAccessTime: 27/02/2012 20:51:41, LastWriteTime: 25/05/2011 18:35:34, ChangeTime: 30/09/2012 19:32:08, FileAttributes: A
explorer.exe
5904​ CloseFile
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS

explorer.exe
5904​ CreateFile
C:\Program Files\HP\HP PHOTOSMART 5510 SERIES\BIN\ScanToPCActivationUI.dll
SUCCESS
Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
explorer.exe
5904​ FileSystemControl
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS
Control: FSCTL_READ_FILE_USN_DATA
explorer.exe
5904​ CreateFileMapping
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
FILE LOCKED WITH ONLY READERS
SyncType: SyncTypeCreateSection, PageProtection: 
explorer.exe
5904​ QueryStandardInformationFile
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS
AllocationSize: 3,100,672, EndOfFile: 3,098,472, NumberOfLinks: 1, DeletePending: False, Directory: False
explorer.exe
5904​ CreateFileMapping
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS
SyncType: SyncTypeOther
explorer.exe
5904​ CloseFile
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS

explorer.exe
5904​ CreateFile
C:\Program Files\HP\HP PHOTOSMART 5510 SERIES\BIN\ScanToPCActivationUI.dll
SUCCESS
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
explorer.exe
5904​ QueryBasicInformationFile
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS
CreationTime: 25/05/2011 18:35:34, LastAccessTime: 27/02/2012 20:51:41, LastWriteTime: 25/05/2011 18:35:34, ChangeTime: 30/09/2012 19:32:08, FileAttributes: A
explorer.exe
5904​ CloseFile
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS

explorer.exe
5904​ CreateFile
C:\Program Files\HP\HP PHOTOSMART 5510 SERIES\BIN\ScanToPCActivationUI.dll
SUCCESS
Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
explorer.exe
5904​ FileSystemControl
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS
Control: FSCTL_READ_FILE_USN_DATA
explorer.exe
5904​ CreateFileMapping
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
FILE LOCKED WITH ONLY READERS
SyncType: SyncTypeCreateSection, PageProtection: 
explorer.exe
5904​ QueryStandardInformationFile
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS
AllocationSize: 3,100,672, EndOfFile: 3,098,472, NumberOfLinks: 1, DeletePending: False, Directory: False
explorer.exe
5904​ CreateFileMapping
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS
SyncType: SyncTypeOther
explorer.exe
5904​ CloseFile
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationUI.dll
SUCCESS

explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ RegOpenKey
HKLM\Software\Microsoft\Windows\Tablet PC\
SUCCESS
Desired Access: Read
explorer.exe
5904​ RegQueryValue
HKLM\SOFTWARE\Microsoft\Windows\Tablet PC\IsTabletPC
SUCCESS
Type: REG_DWORD, Length: 4, Data: 0
explorer.exe
5904​ RegCloseKey
HKLM\SOFTWARE\Microsoft\Windows\Tablet PC
SUCCESS

explorer.exe
5904​ RegOpenKey
HKLM\Software\Microsoft\Windows\Tablet PC\
SUCCESS
Desired Access: Read
explorer.exe
5904​ RegQueryValue
HKLM\SOFTWARE\Microsoft\Windows\Tablet PC\IsTabletPC
SUCCESS
Type: REG_DWORD, Length: 4, Data: 0
explorer.exe
5904​ RegCloseKey
HKLM\SOFTWARE\Microsoft\Windows\Tablet PC
SUCCESS

explorer.exe
5904​ RegOpenKey
HKLM\Software\Microsoft\Windows\Tablet PC\
SUCCESS
Desired Access: Read
explorer.exe
5904​ RegQueryValue
HKLM\SOFTWARE\Microsoft\Windows\Tablet PC\IsTabletPC
SUCCESS
Type: REG_DWORD, Length: 4, Data: 0
explorer.exe
5904​ RegCloseKey
HKLM\SOFTWARE\Microsoft\Windows\Tablet PC
SUCCESS

explorer.exe
5904​ RegOpenKey
HKLM\Software\Microsoft\Windows\Tablet PC\
SUCCESS
Desired Access: Read
explorer.exe
5904​ RegQueryValue
HKLM\SOFTWARE\Microsoft\Windows\Tablet PC\IsTabletPC
SUCCESS
Type: REG_DWORD, Length: 4, Data: 0
explorer.exe
5904​ RegCloseKey
HKLM\SOFTWARE\Microsoft\Windows\Tablet PC
SUCCESS

explorer.exe
5904​ RegOpenKey
HKLM\Software\Microsoft\Windows\Tablet PC\
SUCCESS
Desired Access: Read
explorer.exe
5904​ RegQueryValue
HKLM\SOFTWARE\Microsoft\Windows\Tablet PC\IsTabletPC
SUCCESS
Type: REG_DWORD, Length: 4, Data: 0
explorer.exe
5904​ RegCloseKey
HKLM\SOFTWARE\Microsoft\Windows\Tablet PC
SUCCESS

explorer.exe
5904​ CloseFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\WINDOWS\EXPLORER\THUMBCACHE_IDX.DB
SUCCESS

explorer.exe
5904​ CloseFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\WINDOWS\Explorer\THUMBCACHE_32.DB
SUCCESS

explorer.exe
5904​ CloseFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\WINDOWS\EXPLORER\THUMBCACHE_96.DB
SUCCESS

explorer.exe
5904​ CloseFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\WINDOWS\EXPLORER\THUMBCACHE_256.DB
SUCCESS

explorer.exe
5904​ CloseFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\WINDOWS\EXPLORER\THUMBCACHE_1024.DB
SUCCESS

explorer.exe
5904​ CloseFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\WINDOWS\EXPLORER\THUMBCACHE_SR.DB
SUCCESS

explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ Thread Exit
SUCCESS
Thread ID: 4524, User Time: 0.0000000, Kernel Time: 0.0000000
explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ Thread Exit
SUCCESS
Thread ID: 924, User Time: 0.0000000, Kernel Time: 0.0000000
explorer.exe
5904​ Thread Exit
SUCCESS
Thread ID: 3684, User Time: 0.0000000, Kernel Time: 0.0312002
explorer.exe
5904​ RegQueryKey
HKCU
SUCCESS
Query: HandleTags, HandleTags: 0x0
explorer.exe
5904​ RegCreateKey
HKCU\System\CurrentControlSet\Control\Network\ShowWirelessConnectingOnStart
SUCCESS
Desired Access: Create Sub Key
explorer.exe
5904​ RegCloseKey
HKCU\System\CurrentControlSet\Control\Network\ShowWirelessConnectingOnStart
SUCCESS

explorer.exe
5904​ CreateFile
C:\USERS\Gaonac'h\AppData\LOCAL\MICROSOFT\OFFICE\Groove\User\GFSConfig.xml
NAME NOT FOUND
Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
explorer.exe
5904​ Thread Exit
SUCCESS
Thread ID: 5500, User Time: 0.0312002, Kernel Time: 0.0624004
explorer.exe
5904​ Thread Exit
SUCCESS
Thread ID: 3376, User Time: 0.0000000, Kernel Time: 0.1248008


----------



## Mark1956

The log above is of no use to me. The FRST log isn't showing anything specific, but it does show a BSOD took place very recently, seeing the minidump file may give some clues.

A couple of other things in the logs, have you remove a Registry Optimizer, there are still tasks set for Winzip Registry Optimizer, these kind of tools can damage a system and should never be used.

Do you use Norton online back up?

Have you ever had a different Anti Virus installed and if so when you removed it did you use the manufacturer's clean up tool after uninstalling it?

=====================================================

Please follow this small guide to attach your minidump files so they can be analysed.

First locate your minidump files, open *Windows Explorer* and click on the *C:* drive in the left pane, in the right pane look down the list of folders and double click on *Windows* to view its contents._ *NOTE:* If your operating system is installed under a different drive letter then look there._ Scroll down the contents of the *Windows* folder and look for a folder called *minidump* and double click on it. You should now see the *minidump* files which will have a *.dmp* extension.

Zip up at least 6 of the most recent files into *one* zip folder (if there are less then just zip up what you have).

*NOTE:* To zip up the files in Windows (all versions). Right click the file, click on* Send To*, and then click
*Compressed (zipped) Folder*. That will create a zip folder containing a copy of the file, you should see it appear.

If there is more than one *.dmp* file click on the first one, hold down the shift key and then click on the last one. That should highlight all the files. Then right click in the highlighted area, click on *Send To*, and then click *Compressed (zipped) Folder*.




Below the *Message Box* click on *Go Advanced*. Then scroll down until you see a button, *Manage Attachments*. Click on that and a new window opens.
Click on the *Browse* button, find the zip folder you made earlier and click on it so it becomes highlighted and click on *Open.*
Now click on the *Upload* button. Wait for the Upload to complete, it will appear just below the *Browse* box.
When done, click on the *Close this window* button at the top of the page.
Enter your message-text in the message box, then click on *Submit Message/Reply.*


----------



## breizhoubzh

Thanks for you investigation.

Firstly:
Do you use Norton online back up?
Response: No I do not use it. Do you want me to uninstall it?

Secondly:
Have you ever had a different Anti Virus installed and if so when you removed it did you use the manufacturer's clean up tool after uninstalling it
Response: Yes I used to have Avira, but I uninstalled it by using the configuration panel, then " Uninstall program"

Thirdly:
I found one dmp file. I zipped it.


----------



## Mark1956

Nothing specific pointed at in the Crash Dump, the most probably cause of this crash is defective RAM, but there could be other reasons.

You did not answer my question about a Registry Optimizer.

If you no longer use Norton Back up then uninstall it.

Please run this tool to clean out the remnants of Avira: Go here:Avira Registry Cleaner and download the registry cleaner, then run it to remove all the Avira registry entries.

Please run these checks and post the results.

*Disk Check*


Click on *Start* then type *cmd* in the search box. A menu will pop up with *cmd* at the top, *right click* on it and select *Run as Administrator*. Another box will open, at the prompt type *chkdsk /r* and hit *Enter*._ *Note:* you must include a space between the *k* and the */*_
You will then see the following message:
*chkdsk* cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts?* (Y/N)*
Type *Y* for yes, and hit *Enter*. Then reboot the computer.
*chkdsk* will start when Windows begins loading again. Let all 5 phases run and don't use or turn off the computer. (_The *chkdsk* process may take an hour or more to finish, if it appears to freeze this is normal so *do not* interrupt it. On drives above 500GB it can take several hours._)
When the Disk Check is done, it will finish loading Windows.

When back at the desktop, follow this to find the log.


Press the *Windows + R* keys to open the *Run* box, type *eventvwr.msc*, and hit the Enter key on your keyboard.
If prompted by the *User Account Control*, click on *Yes* (Windows 7/8) or *Continue* (Vista).
In the left pane of *Event Viewer*, double click on *Windows Logs* to expand it, then left click once on *Application* then right click on *Application* and select *Find*.
Type *wininit* into the *Find *box and click on *Find Next*.
When the search completes you should see the log displayed in the central pane, close the *Find* window.
In the right hand pane click on *Copy* and select *Copy details as text*.
Come back to this thread and right click in the message box and select *Paste*, the log should appear.
Add any other information asked for and submit the post.

*System File Checker*


Click on *Start* and type *cmd* in the search box. Right click on *cmd* in the popup menu and select *Run as Administrator*.
Another box will open, at the Command Prompt, type *sfc /scannow* and press Enter. (Note the gap between the c and the /)
Let the check run to completion. *DO NOT* reboot the PC or close the *cmd* window.
Copy & Paste the following command at the Command Prompt and press Enter:

* findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt*


This will place a file on your desktop called *sfcdetails.txt* which contains the results of the scan.
Copy and Paste the contents of the file into your next post.


----------



## breizhoubzh

I cannot delete the following keys:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\avast! Antivirus
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\avast! Antivirus
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\avast! Antivirus

Will do the disk checks now.


----------



## Mark1956

Ok, I'm turning in now as it is 2am here. Those reg keys are related to Avast which you are currently using, so you should not remove them.


----------



## breizhoubzh

Here is the disk checks:

Log Name: Application
Source: Microsoft-Windows-Wininit
Date: 16/10/2013 23:35:41
Event ID: 1001
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: Gaonach-PC
Description:

Checking file system on C:
The type of the file system is NTFS.
Volume label is Acer.

A disk check has been scheduled.
Windows will now check the disk.

CHKDSK is verifying files (stage 1 of 5)...
193024 file records processed.

File verification completed.
553 large file records processed.

0 bad file records processed.

0 EA records processed.

44 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 5)...
254742 index entries processed.

Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 5)...
193024 file SDs/SIDs processed.

Cleaning up 575 unused index entries from index $SII of file 0x9.
Cleaning up 575 unused index entries from index $SDH of file 0x9.
Cleaning up 575 unused security descriptors.
CHKDSK is compacting the security descriptor stream
30860 data files processed.

CHKDSK is verifying Usn Journal...
34888056 USN bytes processed.

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
193008 files processed.

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
97470207 free clusters processed.

Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

472553471 KB total disk space.
82277896 KB in 129147 files.
86212 KB in 30863 indexes.
0 KB in bad sectors.
308535 KB in use by the system.
65536 KB occupied by the log file.
389880828 KB available on disk.

4096 bytes in each allocation unit.
118138367 total allocation units on disk.
97470207 allocation units available on disk.

Internal Info:
00 f2 02 00 13 71 02 00 93 6d 04 00 00 00 00 00 .....q...m......
01 6c 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 .l..,...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

Windows has finished checking your disk.
Please wait while your computer restarts.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
<EventID Qualifiers="16384">1001</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-10-16T22:35:41.000000000Z" />
<EventRecordID>56713</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>Gaonach-PC</Computer>
<Security />
</System>
<EventData>

Checking file system on C:
The type of the file system is NTFS.
Volume label is Acer.

A disk check has been scheduled.
Windows will now check the disk.

CHKDSK is verifying files (stage 1 of 5)...
193024 file records processed.

File verification completed.
553 large file records processed.

0 bad file records processed.

0 EA records processed.

44 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 5)...
254742 index entries processed.

Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 5)...
193024 file SDs/SIDs processed.

Cleaning up 575 unused index entries from index $SII of file 0x9.
Cleaning up 575 unused index entries from index $SDH of file 0x9.
Cleaning up 575 unused security descriptors.
CHKDSK is compacting the security descriptor stream
30860 data files processed.

CHKDSK is verifying Usn Journal...
34888056 USN bytes processed.

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
193008 files processed.

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
97470207 free clusters processed.

Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

472553471 KB total disk space.
82277896 KB in 129147 files.
86212 KB in 30863 indexes.
0 KB in bad sectors.
308535 KB in use by the system.
65536 KB occupied by the log file.
389880828 KB available on disk.

4096 bytes in each allocation unit.
118138367 total allocation units on disk.
97470207 allocation units available on disk.

Internal Info:
00 f2 02 00 13 71 02 00 93 6d 04 00 00 00 00 00 .....q...m......
01 6c 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 .l..,...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

Windows has finished checking your disk.
Please wait while your computer restarts.

</EventData>
</Event>


----------



## breizhoubzh

and the system checks: 2013-10-17 17:04:04, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:04, Info CSI 0000000a [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:07, Info CSI 0000000c [SR] Verify complete 2013-10-17 17:04:07, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:07, Info CSI 0000000e [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:09, Info CSI 00000010 [SR] Verify complete 2013-10-17 17:04:10, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:10, Info CSI 00000012 [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:12, Info CSI 00000014 [SR] Verify complete 2013-10-17 17:04:12, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:12, Info CSI 00000016 [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:14, Info CSI 00000018 [SR] Verify complete 2013-10-17 17:04:14, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:14, Info CSI 0000001a [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:16, Info CSI 0000001c [SR] Verify complete 2013-10-17 17:04:17, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:17, Info CSI 0000001e [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:19, Info CSI 00000020 [SR] Verify complete 2013-10-17 17:04:19, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:19, Info CSI 00000022 [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:23, Info CSI 00000024 [SR] Verify complete 2013-10-17 17:04:23, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:23, Info CSI 00000026 [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:26, Info CSI 00000028 [SR] Verify complete 2013-10-17 17:04:26, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:26, Info CSI 0000002a [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:28, Info CSI 0000002c [SR] Verify complete 2013-10-17 17:04:29, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:29, Info CSI 0000002e [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:31, Info CSI 00000030 [SR] Verify complete 2013-10-17 17:04:31, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:31, Info CSI 00000032 [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:34, Info CSI 00000034 [SR] Verify complete 2013-10-17 17:04:34, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:34, Info CSI 00000036 [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:37, Info CSI 00000038 [SR] Verify complete 2013-10-17 17:04:37, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:37, Info CSI 0000003a [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:40, Info CSI 0000003c [SR] Verify complete 2013-10-17 17:04:40, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:40, Info CSI 0000003e [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:43, Info CSI 00000040 [SR] Verify complete 2013-10-17 17:04:44, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:44, Info CSI 00000042 [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:50, Info CSI 00000045 [SR] Verify complete 2013-10-17 17:04:50, Info CSI 00000046 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:50, Info CSI 00000047 [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:53, Info CSI 0000004c [SR] Verify complete 2013-10-17 17:04:54, Info CSI 0000004d [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:54, Info CSI 0000004e [SR] Beginning Verify and Repair transaction 2013-10-17 17:04:57, Info CSI 00000051 [SR] Verify complete 2013-10-17 17:04:57, Info CSI 00000052 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:04:57, Info CSI 00000053 [SR] Beginning Verify and Repair transaction 2013-10-17 17:05:02, Info CSI 00000055 [SR] Verify complete 2013-10-17 17:05:02, Info CSI 00000056 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:05:02, Info CSI 00000057 [SR] Beginning Verify and Repair transaction 2013-10-17 17:05:08, Info CSI 00000079 [SR] Verify complete 2013-10-17 17:05:09, Info CSI 0000007a [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:05:09, Info CSI 0000007b [SR] Beginning Verify and Repair transaction 2013-10-17 17:05:13, Info CSI 00000080 [SR] Verify complete 2013-10-17 17:05:13, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:05:13, Info CSI 00000082 [SR] Beginning Verify and Repair transaction 2013-10-17 17:05:18, Info CSI 00000084 [SR] Verify complete 2013-10-17 17:05:18, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:05:18, Info CSI 00000086 [SR] Beginning Verify and Repair transaction 2013-10-17 17:05:24, Info CSI 00000088 [SR] Verify complete 2013-10-17 17:05:24, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:05:24, Info CSI 0000008a [SR] Beginning Verify and Repair transaction 2013-10-17 17:05:28, Info CSI 0000008c [SR] Verify complete 2013-10-17 17:05:29, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:05:29, Info CSI 0000008e [SR] Beginning Verify and Repair transaction 2013-10-17 17:05:34, Info CSI 00000090 [SR] Verify complete 2013-10-17 17:05:34, Info CSI 00000091 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:05:34, Info CSI 00000092 [SR] Beginning Verify and Repair transaction 2013-10-17 17:05:39, Info CSI 00000094 [SR] Verify complete 2013-10-17 17:05:39, Info CSI 00000095 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:05:39, Info CSI 00000096 [SR] Beginning Verify and Repair transaction 2013-10-17 17:05:50, Info CSI 000000b9 [SR] Verify complete 2013-10-17 17:05:50, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:05:50, Info CSI 000000bb [SR] Beginning Verify and Repair transaction 2013-10-17 17:05:57, Info CSI 000000bd [SR] Verify complete 2013-10-17 17:05:58, Info CSI 000000be [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:05:58, Info CSI 000000bf [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:12, Info CSI 000000c1 [SR] Verify complete 2013-10-17 17:06:12, Info CSI 000000c2 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:12, Info CSI 000000c3 [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:15, Info CSI 000000c7 [SR] Verify complete 2013-10-17 17:06:16, Info CSI 000000c8 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:16, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:17, Info CSI 000000cb [SR] Verify complete 2013-10-17 17:06:18, Info CSI 000000cc [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:18, Info CSI 000000cd [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:20, Info CSI 000000cf [SR] Verify complete 2013-10-17 17:06:20, Info CSI 000000d0 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:20, Info CSI 000000d1 [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:27, Info CSI 000000e4 [SR] Verify complete 2013-10-17 17:06:27, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:27, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:29, Info CSI 000000e8 [SR] Verify complete 2013-10-17 17:06:30, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:30, Info CSI 000000ea [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:30, Info CSI 000000ec [SR] Verify complete 2013-10-17 17:06:30, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:30, Info CSI 000000ee [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:33, Info CSI 000000f0 [SR] Verify complete 2013-10-17 17:06:33, Info CSI 000000f1 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:33, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:37, Info CSI 000000f4 [SR] Verify complete 2013-10-17 17:06:38, Info CSI 000000f5 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:38, Info CSI 000000f6 [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:48, Info CSI 000000fa [SR] Verify complete 2013-10-17 17:06:48, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:48, Info CSI 000000fc [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:51, Info CSI 000000fe [SR] Verify complete 2013-10-17 17:06:52, Info CSI 000000ff [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:52, Info CSI 00000100 [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:53, Info CSI 00000102 [SR] Verify complete 2013-10-17 17:06:53, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:53, Info CSI 00000104 [SR] Beginning Verify and Repair transaction 2013-10-17 17:06:59, Info CSI 00000106 [SR] Verify complete 2013-10-17 17:06:59, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:06:59, Info CSI 00000108 [SR] Beginning Verify and Repair transaction 2013-10-17 17:07:03, Info CSI 0000010a [SR] Verify complete 2013-10-17 17:07:03, Info CSI 0000010b [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:07:03, Info CSI 0000010c [SR] Beginning Verify and Repair transaction 2013-10-17 17:07:09, Info CSI 0000010e [SR] Verify complete 2013-10-17 17:07:09, Info CSI 0000010f [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:07:09, Info CSI 00000110 [SR] Beginning Verify and Repair transaction 2013-10-17 17:07:19, Info CSI 00000113 [SR] Verify complete 2013-10-17 17:07:19, Info CSI 00000114 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:07:19, Info CSI 00000115 [SR] Beginning Verify and Repair transaction 2013-10-17 17:07:25, Info CSI 0000012c [SR] Verify complete 2013-10-17 17:07:25, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:07:25, Info CSI 0000012e [SR] Beginning Verify and Repair transaction 2013-10-17 17:07:30, Info CSI 00000130 [SR] Verify complete 2013-10-17 17:07:30, Info CSI 00000131 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:07:30, Info  CSI 00000132 [SR] Beginning Verify and Repair transaction 2013-10-17 17:07:45, Info CSI 00000134 [SR] Verify complete 2013-10-17 17:07:45, Info CSI 00000135 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:07:45, Info CSI 00000136 [SR] Beginning Verify and Repair transaction 2013-10-17 17:07:56, Info CSI 00000139 [SR] Verify complete 2013-10-17 17:07:56, Info CSI 0000013a [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:07:56, Info CSI 0000013b [SR] Beginning Verify and Repair transaction 2013-10-17 17:08:03, Info CSI 0000013d [SR] Verify complete 2013-10-17 17:08:03, Info CSI 0000013e [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:08:03, Info CSI 0000013f [SR] Beginning Verify and Repair transaction 2013-10-17 17:08:08, Info CSI 00000141 [SR] Verify complete 2013-10-17 17:08:08, Info CSI 00000142 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:08:08, Info CSI 00000143 [SR] Beginning Verify and Repair transaction 2013-10-17 17:08:13, Info CSI 00000145 [SR] Verify complete 2013-10-17 17:08:13, Info CSI 00000146 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:08:13, Info CSI 00000147 [SR] Beginning Verify and Repair transaction 2013-10-17 17:08:17, Info CSI 0000014b [SR] Verify complete 2013-10-17 17:08:17, Info CSI 0000014c [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:08:17, Info CSI 0000014d [SR] Beginning Verify and Repair transaction 2013-10-17 17:08:23, Info CSI 0000014f [SR] Verify complete 2013-10-17 17:08:24, Info CSI 00000150 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:08:24, Info CSI 00000151 [SR] Beginning Verify and Repair transaction 2013-10-17 17:08:37, Info CSI 00000153 [SR] Verify complete 2013-10-17 17:08:37, Info CSI 00000154 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:08:37, Info CSI 00000155 [SR] Beginning Verify and Repair transaction 2013-10-17 17:08:43, Info CSI 00000158 [SR] Verify complete 2013-10-17 17:08:43, Info CSI 00000159 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:08:43, Info CSI 0000015a [SR] Beginning Verify and Repair transaction 2013-10-17 17:08:49, Info CSI 0000015d [SR] Verify complete 2013-10-17 17:08:49, Info CSI 0000015e [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:08:49, Info CSI 0000015f [SR] Beginning Verify and Repair transaction 2013-10-17 17:08:55, Info CSI 00000161 [SR] Verify complete 2013-10-17 17:08:55, Info CSI 00000162 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:08:55, Info CSI 00000163 [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:04, Info CSI 00000166 [SR] Verify complete 2013-10-17 17:09:04, Info CSI 00000167 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:04, Info CSI 00000168 [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:08, Info CSI 0000016a [SR] Verify complete 2013-10-17 17:09:08, Info CSI 0000016b [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:08, Info CSI 0000016c [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:13, Info CSI 0000016e [SR] Verify complete 2013-10-17 17:09:14, Info CSI 0000016f [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:14, Info CSI 00000170 [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:18, Info CSI 00000173 [SR] Verify complete 2013-10-17 17:09:19, Info CSI 00000174 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:19, Info CSI 00000175 [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:25, Info CSI 00000177 [SR] Verify complete 2013-10-17 17:09:25, Info CSI 00000178 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:25, Info CSI 00000179 [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:28, Info CSI 0000017b [SR] Verify complete 2013-10-17 17:09:29, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:29, Info CSI 0000017d [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:34, Info CSI 00000180 [SR] Verify complete 2013-10-17 17:09:34, Info CSI 00000181 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:34, Info CSI 00000182 [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:40, Info CSI 00000185 [SR] Verify complete 2013-10-17 17:09:40, Info CSI 00000186 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:40, Info CSI 00000187 [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:45, Info CSI 0000018a [SR] Verify complete 2013-10-17 17:09:45, Info CSI 0000018b [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:45, Info CSI 0000018c [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:51, Info CSI 0000018e [SR] Verify complete 2013-10-17 17:09:52, Info CSI 0000018f [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:52, Info CSI 00000190 [SR] Beginning Verify and Repair transaction 2013-10-17 17:09:57, Info CSI 00000193 [SR] Verify complete 2013-10-17 17:09:57, Info CSI 00000194 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:09:57, Info CSI 00000195 [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:01, Info CSI 00000197 [SR] Verify complete 2013-10-17 17:10:01, Info CSI 00000198 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:01, Info CSI 00000199 [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:04, Info CSI 0000019b [SR] Verify complete 2013-10-17 17:10:04, Info CSI 0000019c [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:04, Info CSI 0000019d [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:08, Info CSI 0000019f [SR] Verify complete 2013-10-17 17:10:08, Info CSI 000001a0 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:08, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:13, Info CSI 000001a3 [SR] Verify complete 2013-10-17 17:10:13, Info CSI 000001a4 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:13, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:18, Info CSI 000001a7 [SR] Verify complete 2013-10-17 17:10:18, Info CSI 000001a8 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:18, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:21, Info CSI 000001ab [SR] Verify complete 2013-10-17 17:10:22, Info CSI 000001ac [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:22, Info CSI 000001ad [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:27, Info CSI 000001af [SR] Verify complete 2013-10-17 17:10:27, Info CSI 000001b0 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:27, Info CSI 000001b1 [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:40, Info CSI 000001b3 [SR] Verify complete 2013-10-17 17:10:40, Info CSI 000001b4 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:40, Info CSI 000001b5 [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:51, Info CSI 000001b7 [SR] Verify complete 2013-10-17 17:10:51, Info CSI 000001b8 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:51, Info CSI 000001b9 [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:56, Info CSI 000001bb [SR] Verify complete 2013-10-17 17:10:56, Info CSI 000001bc [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:56, Info CSI 000001bd [SR] Beginning Verify and Repair transaction 2013-10-17 17:10:59, Info CSI 000001bf [SR] Verify complete 2013-10-17 17:10:59, Info CSI 000001c0 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:10:59, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:02, Info CSI 000001c3 [SR] Verify complete 2013-10-17 17:11:02, Info CSI 000001c4 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:02, Info CSI 000001c5 [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:06, Info CSI 000001c7 [SR] Verify complete 2013-10-17 17:11:06, Info CSI 000001c8 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:06, Info CSI 000001c9 [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:10, Info CSI 000001cb [SR] Verify complete 2013-10-17 17:11:10, Info CSI 000001cc [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:10, Info CSI 000001cd [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:12, Info CSI 000001cf [SR] Verify complete 2013-10-17 17:11:12, Info CSI 000001d0 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:12, Info CSI 000001d1 [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:14, Info CSI 000001d3 [SR] Verify complete 2013-10-17 17:11:14, Info CSI 000001d4 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:14, Info CSI 000001d5 [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:20, Info CSI 000001dd [SR] Verify complete 2013-10-17 17:11:21, Info CSI 000001de [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:21, Info CSI 000001df [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:29, Info CSI 000001e1 [SR] Verify complete 2013-10-17 17:11:30, Info CSI 000001e2 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:30, Info CSI 000001e3 [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:32, Info CSI 000001e5 [SR] Verify complete 2013-10-17 17:11:33, Info CSI 000001e6 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:33, Info CSI 000001e7 [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:36, Info CSI 000001e9 [SR] Verify complete 2013-10-17 17:11:37, Info CSI 000001ea [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:37, Info CSI 000001eb [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:42, Info CSI 000001ee [SR] Verify complete 2013-10-17 17:11:43, Info CSI 000001ef [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:43, Info CSI 000001f0 [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:47, Info CSI 000001f2 [SR] Verify complete 2013-10-17 17:11:48, Info CSI 000001f3 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:48, Info CSI 000001f4 [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:49, Info CSI 000001f6 [SR] Verify complete 2013-10-17 17:11:49, Info CSI 000001f7 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:49, Info CSI 000001f8 [SR] Beginning Verify and Repair transaction 2013-10-17 17:11:54, Info CSI 000001fa [SR] Verify complete 2013-10-17 17:11:54, Info CSI 000001fb [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:11:54, Info CSI 000001fc [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:04, Info CSI 00000201 [SR] Verify complete 2013-10-17 17:12:05, Info CSI 00000202 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:05, Info CSI 00000203 [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:11, Info CSI 00000208 [SR] Verify complete 2013-10-17 17:12:11, Info CSI 00000209 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:11, Info CSI 0000020a [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:18, Info CSI 0000020d [SR] Verify complete 2013-10-17 17:12:18, Info CSI 0000020e [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:18, Info CSI 0000020f [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:24, Info CSI 0000021a [SR] Verify complete 2013-10-17 17:12:24, Info CSI 0000021b [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:24, Info CSI 0000021c [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:30, Info CSI 00000222 [SR] Verify complete 2013-10-17 17:12:30, Info CSI 00000223 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:30, Info CSI 00000224 [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:34, Info CSI 00000226 [SR] Verify complete 2013-10-17 17:12:34, Info CSI 00000227 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:34, Info CSI 00000228 [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:37, Info CSI 0000022c [SR] Verify complete 2013-10-17 17:12:37, Info CSI 0000022d [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:37, Info CSI 0000022e [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:41, Info CSI 00000238 [SR] Verify complete 2013-10-17 17:12:41, Info CSI 00000239 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:41, Info CSI 0000023a [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:46, Info CSI 00000257 [SR] Verify complete 2013-10-17 17:12:46, Info CSI 00000258 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:46, Info CSI 00000259 [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:50, Info CSI 0000025b [SR] Verify complete 2013-10-17 17:12:51, Info CSI 0000025c [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:51, Info CSI 0000025d [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:55, Info CSI 0000025f [SR] Verify complete 2013-10-17 17:12:56, Info CSI 00000260 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:56, Info CSI 00000261 [SR] Beginning Verify and Repair transaction 2013-10-17 17:12:58, Info CSI 00000263 [SR] Verify complete 2013-10-17 17:12:59, Info CSI 00000264 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:12:59, Info CSI 00000265 [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:02, Info CSI 00000273 [SR] Verify complete 2013-10-17 17:13:02, Info CSI 00000274 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:02, Info CSI 00000275 [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:11, Info CSI 00000277 [SR] Verify complete 2013-10-17 17:13:11, Info CSI 00000278 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:11, Info CSI 00000279 [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:16, Info CSI 00000287 [SR] Verify complete 2013-10-17 17:13:16, Info CSI 00000288 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:16, Info CSI 00000289 [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:18, Info CSI 0000028b [SR] Verify complete 2013-10-17 17:13:18, Info CSI 0000028c [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:18, Info CSI 0000028d [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:24, Info CSI 00000290 [SR] Verify complete 2013-10-17 17:13:24, Info CSI 00000291 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:24, Info CSI 00000292 [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:26, Info CSI 00000294 [SR] Verify complete 2013-10-17 17:13:26, Info CSI 00000295 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:26, Info CSI 00000296 [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:27, Info CSI 00000298 [SR] Verify complete 2013-10-17 17:13:28, Info CSI 00000299 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:28, Info CSI 0000029a [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:34, Info CSI 0000029c [SR] Verify complete 2013-10-17 17:13:34, Info CSI 0000029d [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:34, Info CSI 0000029e [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:38, Info CSI 000002a0 [SR] Verify complete 2013-10-17 17:13:38, Info CSI 000002a1 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:38, Info CSI 000002a2 [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:44, Info CSI 000002bc [SR] Verify complete 2013-10-17 17:13:45, Info CSI 000002bd [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:45, Info CSI 000002be [SR] Beginning Verify and Repair transaction 2013-10-17 17:13:49, Info CSI 000002c0 [SR] Verify complete 2013-10-17 17:13:49, Info CSI 000002c1 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:13:49, Info CSI 000002c2 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:01, Info CSI 000002c4 [SR] Verify complete 2013-10-17 17:14:01, Info  CSI 000002c5 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:01, Info CSI 000002c6 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:04, Info CSI 000002c8 [SR] Verify complete 2013-10-17 17:14:05, Info CSI 000002c9 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:05, Info CSI 000002ca [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:07, Info CSI 000002ce [SR] Verify complete 2013-10-17 17:14:07, Info CSI 000002cf [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:07, Info CSI 000002d0 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:10, Info CSI 000002d2 [SR] Verify complete 2013-10-17 17:14:11, Info CSI 000002d3 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:11, Info CSI 000002d4 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:15, Info CSI 000002d6 [SR] Verify complete 2013-10-17 17:14:15, Info CSI 000002d7 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:15, Info CSI 000002d8 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:18, Info CSI 000002da [SR] Verify complete 2013-10-17 17:14:18, Info CSI 000002db [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:18, Info CSI 000002dc [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:22, Info CSI 000002df [SR] Verify complete 2013-10-17 17:14:22, Info CSI 000002e0 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:22, Info CSI 000002e1 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:25, Info CSI 000002e3 [SR] Verify complete 2013-10-17 17:14:25, Info CSI 000002e4 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:25, Info CSI 000002e5 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:29, Info CSI 000002e7 [SR] Verify complete 2013-10-17 17:14:29, Info CSI 000002e8 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:29, Info CSI 000002e9 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:32, Info CSI 000002eb [SR] Verify complete 2013-10-17 17:14:33, Info CSI 000002ec [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:33, Info CSI 000002ed [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:38, Info CSI 000002f0 [SR] Verify complete 2013-10-17 17:14:39, Info CSI 000002f1 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:39, Info CSI 000002f2 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:42, Info CSI 000002f4 [SR] Verify complete 2013-10-17 17:14:42, Info CSI 000002f5 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:42, Info CSI 000002f6 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:46, Info CSI 000002f8 [SR] Verify complete 2013-10-17 17:14:47, Info CSI 000002f9 [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:47, Info CSI 000002fa [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:50, Info CSI 000002fc [SR] Verify complete 2013-10-17 17:14:51, Info CSI 000002fd [SR] Verifying 100 (0x0000000000000064) components 2013-10-17 17:14:51, Info CSI 000002fe [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:55, Info CSI 00000300 [SR] Verify complete 2013-10-17 17:14:55, Info CSI 00000301 [SR] Verifying 8 components 2013-10-17 17:14:55, Info CSI 00000302 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:55, Info CSI 00000304 [SR] Verify complete 2013-10-17 17:14:55, Info CSI 00000305 [SR] Repairing 0 components 2013-10-17 17:14:55, Info CSI 00000306 [SR] Beginning Verify and Repair transaction 2013-10-17 17:14:55, Info CSI 00000308 [SR] Repair complete


----------



## breizhoubzh

How could I remove the tasks set for Winzip Registry Optimizer?


----------



## blues_harp28

CHKDSK 'Repair complete'
While waiting for Mark to return.
Run a Mem Test.
http://www.memtest.org/

Download the ISO file from one of the links above to your desktop.
Then burn the ISO to a Cd.
Start the Pc using the Cd and run the memory test overnight or for at least 8 passes.

It is best to run a full scan on individual Ram sticks if you can.
Or run the test but if any errors are shown - then remove all sticks of Ram and test each Ram stick one at a time.

How to Test your RAM
http://www.bleepingcomputer.com/forums/topic207910.html


----------



## breizhoubzh

Sorry, how do I run the memtest?
I cannot see the link in the website.


----------



## blues_harp28

You can run an internal MemTest in Windows.
But it is best to use an external MemTest.

Click the Windows 7 Start button.
Type memory
Click on Windows Memory Diagnostic
When the Windows Memory Diagnostic screen loads.

Click Restart now and check for problems
You computer will restart
The memory diagnostic will run and may take some time
Windows will restart and report any errors to you.
======

http://www.memtest.org/download/5.01/memtest86+-5.01.iso.zip

How to Burn an ISO Image to a Disc
http://www.howtogeek.com/howto/14183/beginner-geek-how-to-burn-an-iso-image-to-a-disc/


----------



## breizhoubzh

No errors detected using Windows Memory Diagnostic


----------



## blues_harp28

Windows Memory Diagnostic - is Windows checking Windows.
Run the external MemTest.


----------



## Mark1956

Follow this guide to use Memtest 86+. The System File Checker and the disc check appear to be ok.

Download Memtest86+ from here
If you wish to run the test from a USB flash drive use this link Auto installer for USB key
When the download is complete right click the file and select Extract Here and burn the image to a CD.

In windows 7 right click the extracted file, select *Open With*, then select *Windows Disc Image Burning Tool* then follow the prompts.
For all other versions of windows (if you do not have an ISO burner) download this free software. ImgBurn 
Install the program (make sure you uncheck any boxes to stop any bundled software from installing) and start the application. Select the top left hand option to *Write image file to disk* and then on the next window click on the small yellow folder icon and browse to the ISO file you have downloaded. Then click on the two grey discs with the arrow in between (bottom left) and leave it to complete the operation.

Testing


Boot the PC into the Bios setup and set the CD/DVD drive to 1st in the boot sequence.
Insert the disk in the drive then reboot and the disc will load into dos.
Leave the test to run through* at least 8 passes* or until it is showing some errors.
If errors show in the test, stop the test and remove all but one of your RAM sticks then start the test again. Repeat the test on each stick until you find the one that is faulty.

*NOTE:* This is a long slow test and for convenience should ideally be run overnight.

The memtest will not be 100% accurate but should easily detect any major faults.


----------



## breizhoubzh

Hi,

Thanks for the time you spent on my problem!
I'm happy to tell you that my issue has now been fixed!
I found that there was a .wav file on my desktop that caused the problem. Apparently explorer looped on this file, I don't know why.
I could not delete the file from the desktop and I had to restart Windows on safe mode.

The file has now been delete and it is working again

Thanks very much for your help!


----------



## Mark1956

You're most welcome and well done for figuring out the cause.


----------

