cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2015
Ran by user at 2015-04-26 11:09:14
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-8605231-3056671493-1948616188-500 - Administrator - Enabled) => C:\Users\Administrateur
HomeGroupUser$ (S-1-5-21-8605231-3056671493-1948616188-1002 - Limited - Enabled)
Invité (S-1-5-21-8605231-3056671493-1948616188-501 - Limited - Disabled)
user (S-1-5-21-8605231-3056671493-1948616188-1001 - Administrator - Enabled) => C:\Users\user

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.34 alpha (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
ADS (HKLM\...\ADS_is1) (Version: 1.0.5.0 - Juan M. Aguirregabiria)
bestadblocker (HKLM\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
DirectTribble (HKLM\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{bff42538}) (Version: - DirectTribble) <==== ATTENTION
EZDownloader (HKLM\...\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - EZDownloader) <==== ATTENTION
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
InCtrl5 (HKLM\...\InCtrl5) (Version: - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 fr) (HKLM\...\Mozilla Firefox 37.0.2 (x86 fr)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
My theme for Google (HKLM\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
MyPC Backup (HKLM\...\OLBPre) (Version: - MyPC Backup) <==== ATTENTION
Notepad++ (HKLM\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
Oracle VM VirtualBox Guest Additions 4.3.20 (HKLM\...\Oracle VM VirtualBox Guest Additions) (Version: 4.3.20.0 - Oracle Corporation)
SalePlus (HKLM\...\{B696F285-F54E-2524-58B1-E06A70ABE6BE}) (Version: - ) <==== ATTENTION
Shadow Defender (HKLM\...\{93A07A0D-454E-43d1-86A9-5DE9C5F4411A}) (Version: 1.4.0.578 - ShadowDefender.com)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
Vbsedit (HKLM\...\Vbsedit) (Version: 6.7.4.0 - Adersoft)
Windows Resource Kit Tools - SubInAcl.exe (HKLM\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
ZebHelpProcess 2015 (HKLM\...\ZebHelpProcess_is1) (Version: 2015 - Nicolas Coolman)
ZHPDiag 2015 (HKLM\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-8605231-3056671493-1948616188-1001_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\user\AppData\Local\Temp\8A50\temp\9000.exe ()

==================== Restore Points =========================

15-04-2015 11:33:47 Windows Update
16-04-2015 11:56:21 coucou
20-04-2015 14:20:06 test
23-04-2015 09:41:39 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E2F1FC3-688F-4347-A4A8-8F0A2263F58A} - System32\Tasks\Bidaily Synchronize Task => C:\ProgramData\{1468d0ac-ba95-09df-1468-8d0acba942b2}\Acronis True Image 2015 v18.0.5539 Bootable Media iSO Activator.exe [2014-04-26] ()
Task: {14FBBC49-ED4D-4A67-B0B8-6537B5F6E783} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-02] (Google Inc.)
Task: {2F916328-7D34-4C63-A4E1-1516A6C2510A} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3CCF3737-0AB6-4CD4-8817-00B93C3F570D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {4D31ED9E-BBF5-4BD4-9D23-4DCA9558D336} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {53FBA74A-184D-4BAC-8698-53D1004CDE2B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {C677D4D0-402B-4EC4-992D-6AC05EAC5965} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {D7CF244D-C745-4E0F-ADB7-D16A627ACC91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-02] (Google Inc.)
Task: {DF104394-686B-4FB1-B98A-E2DE5E0E5ED7} - System32\Tasks\LaunchPreSignup => C:\Program Files\OLBPre\OLBPre.exe [2015-04-25] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Bidaily Synchronize Task.job => C:\ProgramData\{1468d0ac-ba95-09df-1468-8d0acba942b2}\Acronis True Image 2015 v18.0.5539 Bootable Media iSO Activator.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-12-02 11:06 - 2013-10-23 16:23 - 00089136 _____ () C:\Windows\System32\cpwmon2k.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2015-04-26 10:54 - 2015-04-26 10:54 - 01592832 _____ () c:\Program Files\UpgradeLeader\UpgradeLeader.dll
2015-04-25 04:58 - 2015-04-25 04:58 - 01283584 _____ () C:\Program Files\OLBPre\OLBPre.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{0CBD4F48-3751-475D-BE88-4F271385B672} => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{0CBD4F48-3751-475D-BE88-4F271385B672} => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-8605231-3056671493-1948616188-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/26/2015 10:56:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante D400.exe, version : 0.0.0.0, horodatage : 0x50e24e72
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0087006b
ID du processus défaillant : 0xf90
Heure de début de l’application défaillante : 0xD400.exe0
Chemin d’accès de l’application défaillante : D400.exe1
Chemin d’accès du module défaillant: D400.exe2
ID de rapport : D400.exe3

Error: (04/26/2015 10:54:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante plugin-container.exe, version : 37.0.2.5583, horodatage : 0x552ef76c
Nom du module défaillant : mozalloc.dll, version : 37.0.2.5583, horodatage : 0x552ee9ae
Code d’exception : 0x80000003
Décalage d’erreur : 0x00001aa1
ID du processus défaillant : 0xf78
Heure de début de l’application défaillante : 0xplugin-container.exe0
Chemin d’accès de l’application défaillante : plugin-container.exe1
Chemin d’accès du module défaillant: plugin-container.exe2
ID de rapport : plugin-container.exe3

Error: (04/26/2015 08:33:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 08:29:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2015 09:34:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2015 04:39:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2015 09:39:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2015 09:46:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbamscheduler.exe, version : 3.1.2.0, horodatage : 0x5450097e
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00400000
ID du processus défaillant : 0x618
Heure de début de l’application défaillante : 0xmbamscheduler.exe0
Chemin d’accès de l’application défaillante : mbamscheduler.exe1
Chemin d’accès du module défaillant: mbamscheduler.exe2
ID de rapport : mbamscheduler.exe3

Error: (04/20/2015 08:39:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 08:43:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/26/2015 08:33:59 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Le service Heimdal Service est marqué comme étant interactif. Cependant, le système est configuré pour ne pas autoriser les services interactifs. Ce service peut ne pas fonctionner correctement.

Error: (04/26/2015 08:33:38 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Le service Heimdal Service est marqué comme étant interactif. Cependant, le système est configuré pour ne pas autoriser les services interactifs. Ce service peut ne pas fonctionner correctement.

Error: (04/23/2015 04:38:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service VirtualBox Guest Additions Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (04/23/2015 09:54:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service VirtualBox Guest Additions Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (04/18/2015 03:08:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service MBAMScheduler s’est terminé de façon inattendue pour la 1ème fois.

Error: (04/18/2015 02:45:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service VirtualBox Guest Additions Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (03/27/2015 07:59:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (03/27/2015 07:59:36 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Le service Windows Search s’est arrêté avec l’erreur service particulière %%-1073473535.

Error: (03/11/2015 09:09:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 17:56:01 le ‎11/‎03/‎2015 n’était pas prévu.

Error: (03/11/2015 09:44:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Windows Search n’a pas pu démarrer en raison de l’erreur :
%%1053


Microsoft Office Sessions:
=========================
Error: (04/26/2015 10:56:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: D400.exe0.0.0.050e24e72unknown0.0.0.000000000c00000050087006bf9001d07ffed4b66121C:\Users\user\AppData\Local\Temp\D400.exeunknown1275ef41-ebf2-11e4-b26b-0800278e09aa

Error: (04/26/2015 10:54:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1f7801d07ffea32bb871C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dlle82e1ca1-ebf1-11e4-b26b-0800278e09aa

Error: (04/26/2015 08:33:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 08:29:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2015 09:34:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2015 04:39:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2015 09:39:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2015 09:46:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamscheduler.exe3.1.2.05450097eunknown0.0.0.000000000c00000050040000061801d07b348c921772C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exeunknown4ffa6a7f-e731-11e4-b3c9-0800278e09aa

Error: (04/20/2015 08:39:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 08:43:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
Percentage of memory in use: 59%
Total physical RAM: 1535.55 MB
Available physical RAM: 620.27 MB
Total Pagefile: 3071.11 MB
Available Pagefile: 1894.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1866.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:49.9 GB) (Free:33.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 50 GB) (Disk ID: 90263CFD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Publicité


Signaler le contenu de ce document

Publicité