cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-05-2015 01
Ran by didOune at 2015-05-25 22:37:59
Running from C:\Users\didOune\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-3217390923-4130254451-690228699-500 - Administrator - Disabled)
didOune (S-1-5-21-3217390923-4130254451-690228699-1000 - Administrator - Enabled) => C:\Users\didOune
Invité (S-1-5-21-3217390923-4130254451-690228699-501 - Limited - Enabled) => C:\Users\Invité
UpdatusUser (S-1-5-21-3217390923-4130254451-690228699-1001 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Arcade Deluxe (HKLM\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.0.5817 - CyberLink Corp.)
Acer Arcade Deluxe (Version: 2.0.5817 - CyberLink Corp.) Hidden
Acer Crystal Eye Webcam 2.0.9.1 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 2.0.9.1 - SuYin)
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.00.3001 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.00.3001 - Acer Incorporated)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)
Acer Product Registration (HKLM\...\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}) (Version: 3.1.0.0 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.01.1205 - Acer Incorporated)
Acer System Information (HKLM\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adobe Acrobat Reader DC - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.6.606 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Broadcom Gigabit Integrated Controller (HKLM\...\{9E325417-AE9C-4EE1-A158-13DF451A5987}) (Version: 11.44.03 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2013 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Glary Utilities 2.49.0.1600 (HKLM\...\Glary Utilities_is1) (Version: 2.49.0.1600 - Glarysoft Ltd)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Java(TM) 6 Update 33 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.19.04 - JMicron Technology Corp.)
Launch Manager (HKLM\...\LManager) (Version: 2.1.09.w7 - Acer Inc.)
LightScribe 1.4.142.1 (Version: 1.4.142.1 - http://www.lightscribe.com) Hidden
Logiciel d'archivage WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}) (Version: 08.05.0822 - Microsoft Corporation)
Mirar (HKLM\...\{E0DE6B5A-4D86-4391-82AB-1F79C8BCF75D}) (Version: - )
Module linguistique Microsoft .NET Framework 3.5 SP1- fra (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - fra) (Version: - Microsoft Corporation)
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (HKLM\...\Microsoft .NET Framework 4 Client Profile FRA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 fr) (HKLM\...\Mozilla Firefox 38.0.1 (x86 fr)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.36.0 - EgisTec)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.606 - NewTech Infosystems)
NTI Backup Now Standard (Version: 5.1.2.606 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6329 - NewTech Infosystems)
NTI Media Maker 8 (Version: 8.0.2.6329 - NewTech Infosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Pilote graphique 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
Panneau de configuration NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.3.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.3.0 - SmartSound Software Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.0.4.0 - Synaptics)
VLC media player 1.0.1 (HKLM\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3217390923-4130254451-690228699-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)

==================== Restore Points =========================

17-04-2015 23:14:31 Sauvegarde Windows
26-04-2015 17:05:15 Opération de restauration
26-04-2015 17:21:22 Sauvegarde Windows
26-04-2015 19:26:05 Sauvegarde Windows
26-04-2015 19:35:57 Sauvegarde Windows
26-04-2015 20:20:39 Removed Bonjour
26-04-2015 20:47:38 Supprimé eSobi v2
26-04-2015 20:49:18 Removed GeekBuddy.
26-04-2015 20:52:26 Removed Microsoft Office Home and Student 2007
26-04-2015 20:54:06 Supprimé Microsoft Office Live Add-in 1.4
26-04-2015 20:54:57 Removed Microsoft Office Professional Plus 2007
26-04-2015 21:21:35 Removed Iminent
26-04-2015 21:22:14 Removed iTunes
26-04-2015 21:33:42 Supprimé Windows Live FolderShare
26-04-2015 21:34:15 Removed Sawbuck
26-04-2015 21:34:38 Removed PlayStation(R)Network Downloader.
26-04-2015 21:35:00 Removed PlayStation(R)Store.
26-04-2015 21:39:46 Removed Skype™ 6.3
26-04-2015 21:57:40 Removed Apple Application Support
26-04-2015 21:58:42 Removed Apple Mobile Device Support
03-05-2015 14:44:18 Installed Acer System Information
03-05-2015 15:10:20 Windows Update
03-05-2015 16:51:08 Windows Update
03-05-2015 17:38:56 Windows Update
03-05-2015 17:49:09 Windows Update
03-05-2015 18:09:02 Windows Live Essentials
03-05-2015 18:09:52 WLSetup
03-05-2015 18:23:06 Installed Microsoft Fix it 50123
03-05-2015 19:00:19 Sauvegarde Windows
03-05-2015 19:06:54 Programme d’installation pour les modules Windows
03-05-2015 19:32:37 Windows Update
03-05-2015 20:19:56 Windows Update
24-05-2015 05:42:56 Sauvegarde Windows
24-05-2015 20:48:36 Sauvegarde Windows
25-05-2015 17:37:30 Windows Live Essentials
25-05-2015 17:37:57 WLSetup
25-05-2015 17:44:19 Removed Media Go
25-05-2015 17:45:37 Removed Apple Software Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09E204D8-C057-4A56-BCF2-7593262D33B6} - System32\Tasks\{FCDC63B5-0D88-49DC-B372-4D3C8A8A2C0F} => pcalua.exe -a C:\Users\didOune\Downloads\LimeWire.exe -d C:\Users\didOune
Task: {40C3AE08-2440-4ED2-8149-AD710EB341D8} - System32\Tasks\{6D178D8C-74AA-476F-B4D7-5B3C6494EFCC} => C:\Users\didOune\Downloads\ChromeSetup.exe
Task: {4AFD6153-1FD6-460D-A16E-9E917F9C7BB5} - System32\Tasks\Acer\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2008-12-09] ()
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {581FFC48-371D-46B6-AE0F-535C3BDD33DF} - System32\Tasks\{013A5BFF-3F81-4B31-88D2-DA99E779283C} => C:\Users\didOune\Downloads\ChromeSetup.exe
Task: {5DDF2500-D211-4C3F-B100-A55B122B59CC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {776A5A89-102B-449E-9463-434EB930A87F} - System32\Tasks\PersonalAV => C:\Program Files\PersonalAV\PersonalAV.exe
Task: {83264A8D-C73C-4673-A74A-5A66B4DCB137} - System32\Tasks\{D4FC3C15-2485-49F5-9EC3-47ED4094304E} => Chrome.exe
Task: {90B3B0DB-8FE7-45B1-9540-920626E4EC2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-03] (Adobe Systems Incorporated)
Task: {961EFE33-CC9B-47BB-A9FA-F86621DFC9D2} - System32\Tasks\GlaryInitialize => C:\Program Files\Glary Utilities\initialize.exe [2012-09-11] (Glarysoft Ltd)
Task: {9B7EFDDD-3897-4A62-B3F6-92BDBF2D78C2} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task No Task File <==== ATTENTION
Task: {9DF8350D-26BE-4769-9916-F1F8AD496F89} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-26] (Avast Software s.r.o.)
Task: {AF0215CA-1156-40A3-AB93-ADE7F98C26BC} - System32\Tasks\{110C9290-134E-4FC6-A6B0-119DAF8313C2} => C:\Users\didOune\Downloads\ChromeSetup.exe
Task: {AF164A65-F6B0-4EF7-BF7D-9B5F664B404B} - \RegistryBooster No Task File <==== ATTENTION
Task: {B9BEE219-C29E-4310-819C-147A5A0E045E} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag
Task: {BE05B4B0-BC65-4FCC-981F-EA15CA1979BC} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {F564B50B-B206-4067-9965-2C5132D90721} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {FF4B5C6D-868F-4A2E-8346-9A26513EB20C} - \Norton Security Scan for didOune No Task File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\PersonalAV.job => C:\Program Files\PersonalAV\PersonalAV.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-03 17:56 - 2013-08-30 01:08 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-04-26 20:17 - 2015-04-26 20:17 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-26 20:17 - 2015-04-26 20:17 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-25 16:22 - 2015-05-25 16:22 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052500\algo.dll
2007-06-24 20:09 - 2007-06-24 20:09 - 01024000 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2007-06-24 20:09 - 2007-06-24 20:09 - 00098304 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2007-06-24 20:09 - 2007-06-24 20:09 - 00061440 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2009-01-15 08:37 - 2008-10-04 05:09 - 00069632 _____ () C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
2008-12-12 13:47 - 2007-12-06 17:15 - 00110592 _____ () C:\Acer\Mobility Center\MobilityService.exe
2008-12-12 13:47 - 2007-11-27 16:08 - 00032768 _____ () C:\Acer\Mobility Center\MobilityInterface.dll
2008-04-25 22:36 - 2008-04-25 22:36 - 00131072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2010-03-20 15:36 - 2009-04-17 19:01 - 00247152 _____ () C:\Program Files\Cyberlink\Shared files\RichVideo.exe
2009-12-25 05:49 - 2009-12-12 16:12 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2008-04-25 22:36 - 2008-04-25 22:36 - 00028672 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
2008-04-28 10:49 - 2008-04-28 10:49 - 00003072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
2008-10-08 22:49 - 2008-10-08 22:49 - 00835584 _____ () C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
2008-10-08 22:49 - 2008-10-08 22:49 - 00007680 _____ () C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
2008-12-12 13:18 - 2010-07-03 00:33 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
2015-04-26 20:17 - 2015-04-26 20:17 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-08 21:53 - 2015-04-08 21:53 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3217390923-4130254451-690228699-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\didOune\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 109.0.66.10 - 109.0.66.20

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: LManager => C:\Program Files\Launch Manager\LManager.exe
MSCONFIG\startupreg: mwlDaemon => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: PlayMovie => "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3E85D06F-5A00-47E6-B9A5-DF144BE5F59A}] => (Allow) C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe
FirewallRules: [{6E3E1F9C-2D3D-4AE4-ACEE-4EF5DBB975F8}] => (Allow) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
FirewallRules: [{C4906365-D510-4006-904F-DC31DF72D425}] => (Allow) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe
FirewallRules: [{93EE0661-7F2E-4507-B5B3-72E589355BE9}] => (Allow) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe
FirewallRules: [{6F1B00C1-2605-4D41-9B7E-8DD0286FED9D}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{4A175C4B-550A-4FC0-BAA8-BFD5033FE870}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{F451370C-53A6-41F8-88DF-D783CBB6163C}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{18AE9B7C-07EF-4B6A-BDBB-6FCF3517E47E}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{8A8FC1BE-97D8-4CAB-8EA5-13AAD65F7650}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{3C578C1E-330E-4E66-A910-FC95BEBC8991}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{2CA6CDB9-798B-4AA1-8B39-08B4A54CA9D4}] => (Allow) svchost.exe
FirewallRules: [{33D60459-C177-4684-BEB7-39403A8587CD}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{64971CCA-19F3-4A21-8247-07DBABBAD485}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F7581C0A-840D-4942-8ECB-2DFF3AE9A6C1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{247DC96F-BF21-4750-87A8-94B426E9F3BA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: Carte réseau sans fil 802.11n #2
Description: Carte réseau sans fil 802.11n
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Foxconn
Service: netr28
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2015 09:48:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 05:56:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme ZHPDiag.exe version 2015.5.17.49 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : 470

Heure de début : 01d09702ec31d550

Heure de fin : 10

Chemin d’accès de l’application : C:\Program Files\ZHPDiag\ZHPDiag.exe

ID de rapport :

Error: (05/25/2015 05:37:30 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé.
.
Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.


Opération :
Données du rédacteur en cours de collecte

Contexte :
ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
Nom du rédacteur: System Writer
ID d’instance du rédacteur: {02da4253-d521-476a-badd-5cb149402ea9}

Error: (05/25/2015 04:29:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 04:10:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 04:06:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (05/25/2015 04:05:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (05/25/2015 04:03:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 ».
Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (05/25/2015 04:03:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 ».
Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (05/25/2015 04:03:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 ».
Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.


System errors:
=============
Error: (05/25/2015 04:27:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service de la passerelle de la couche Application s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.

Error: (05/25/2015 04:26:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Live ID Sign-in Assistant s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (05/25/2015 04:26:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Cyberlink RichVideo Service(CRVS) s’est terminé de façon inattendue pour la 1ème fois.

Error: (05/25/2015 04:26:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Sony Ericsson OMSI download service s’est terminé de façon inattendue pour la 1ème fois.

Error: (05/25/2015 04:26:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service NTI Backup Now 5 Scheduler Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (05/25/2015 04:26:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service NTI Backup Now 5 Backup Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (05/25/2015 04:26:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service MyWinLocker Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (05/25/2015 04:26:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service MobilityService s’est terminé de façon inattendue pour la 1ème fois.

Error: (05/25/2015 04:26:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service MBAMService s’est terminé de façon inattendue pour la 1ème fois.

Error: (05/25/2015 04:26:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service MBAMScheduler s’est terminé de façon inattendue pour la 1ème fois.


Microsoft Office:
=========================
Error: (05/25/2015 09:48:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 05:56:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ZHPDiag.exe2015.5.17.4947001d09702ec31d55010C:\Program Files\ZHPDiag\ZHPDiag.exe

Error: (05/25/2015 05:37:30 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Accès refusé.


Opération :
Données du rédacteur en cours de collecte

Contexte :
ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
Nom du rédacteur: System Writer
ID d’instance du rédacteur: {02da4253-d521-476a-badd-5cb149402ea9}

Error: (05/25/2015 04:29:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 04:10:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 04:06:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\sony ericsson\sony ericsson pc companion\drivers\DPInst64.exe

Error: (05/25/2015 04:05:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\sony ericsson\sony ericsson pc suite\drivers\DPInst64.exe

Error: (05/25/2015 04:03:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\EgisTec\MyWinLocker 3\x64\mwlDaemon.exe

Error: (05/25/2015 04:03:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\EgisTec\MyWinLocker 3\x64\mwlCCPSD.exe

Error: (05/25/2015 04:03:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\EgisTec\MyWinLocker 3\x64\mwlRF.exe


CodeIntegrity Errors:
===================================
Date: 2012-10-19 19:26:56.778
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Program Files\Acer\Acer ePower Management\SysHook.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2012-10-19 19:26:56.598
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Program Files\Acer\Acer ePower Management\SysHook.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2010-03-19 23:49:37.462
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2010-03-19 23:49:37.341
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2010-03-19 23:49:37.223
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2010-03-19 23:49:37.105
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2010-03-19 23:49:36.967
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2010-03-19 23:49:26.419
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\aswSP.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2010-03-19 23:49:26.301
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\aswSP.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

Date: 2010-03-19 23:49:26.182
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\aswSP.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 38%
Total physical RAM: 2814.42 MB
Available physical RAM: 1731.12 MB
Total Pagefile: 5628.84 MB
Available Pagefile: 4397.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1910.38 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:143.43 GB) (Free:44.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:144.04 GB) (Free:135.26 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 3C832A16)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=143.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)

==================== End of log ============================

Publicité


Signaler le contenu de ce document

Publicité