Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Margarett at 2015-07-02 15:14:59
Running from C:\Users\Margarett\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-2740653702-3496526119-1965157059-500 - Administrator - Disabled)
Invité (S-1-5-21-2740653702-3496526119-1965157059-501 - Limited - Disabled)
Margarett (S-1-5-21-2740653702-3496526119-1965157059-1002 - Administrator - Enabled) => C:\Users\Margarett
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
123 Free Solitaire v9.0 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{AB1FC306-0E04-81D5-F105-C929F912CF20}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bubble Dock (HKU\S-1-5-21-2740653702-3496526119-1965157059-1002\...\Bubble Dock) (Version: - Nosibay)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6117 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-2740653702-3496526119-1965157059-1002\...\HPConnectedMusic) (Version: 1.1 (build 59) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{B41C6B3F-F752-46EA-BC46-F26D3AD147B8}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{F35EE4BC-95E1-4417-BA36-7C32FF24A59A}) (Version: 1.0.11 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lights off! (HKLM-x32\...\Lights off!) (Version: 1.36.01.22 - BApps) <==== ATTENTION
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Nom de votre société)
PhotoFiltre 7 (HKU\S-1-5-21-2740653702-3496526119-1965157059-1002\...\PhotoFiltre 7) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{7B83C685-3EA9-544F-9580-368394C67C3A}) (Version: 11.0.737.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.23.0 - Mediatek)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6870 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.007 - Realtek Semiconductor Corp.)
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
11-06-2015 21:15:37 Windows Update
27-06-2015 16:11:22 Programme d’installation pour les modules Windows
01-07-2015 15:35:48 Removed Boxore Client
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F7034A4-90A6-489A-88E1-8822A7137EE7} - System32\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-1-6 => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-1-6.exe <==== ATTENTION
Task: {10CC0D3E-14AB-4A7B-9AC2-2A88047CF0C4} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2013-01-17] (CyberLink)
Task: {330AA24F-26BC-4F10-9E17-1B7860348681} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {36DC4648-AC3A-4710-AB9A-C96173E8F3A8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-11] (Microsoft Corporation)
Task: {38CA76CC-6202-4A46-B81A-F770DB4480C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {42184C06-B9F5-434E-9DF6-91B781005833} - System32\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-5_user => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-5.exe <==== ATTENTION
Task: {49422DF9-D6BD-4594-9C78-BABB822145BE} - System32\Tasks\HPCeeScheduleForMargarett => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {536CB90C-5192-4C89-9EA6-02A44C077595} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {5801B9DC-35D0-4CB0-81D7-B7E53C142F43} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {6964BF5D-F7C8-49F7-B1A1-83C793928359} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)
Task: {875D4C6D-7312-4A26-A10B-B70522BDDCEA} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {8B29D8F8-0057-4809-9C91-85ADEFD2D71F} - System32\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-5 => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-5.exe <==== ATTENTION
Task: {96F53DA7-6D78-44E4-8E12-383483B6F92E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9F6CF048-DA8F-474D-942B-DB265066357F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
Task: {AD7809DA-1877-4CA1-B177-113BC42015E8} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe <==== ATTENTION
Task: {AE5047AB-1894-4E49-B0FB-66D935AF4C4B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {B1491835-5DF2-4EF1-A9DB-014A609B4499} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BC0CB2D4-5CFD-401C-A390-2ACD505138EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
Task: {CC9EA2D8-9291-4FB9-ADC1-598051462F3F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CDDE29F2-3FC1-4894-9CCB-270EE80B3B75} - System32\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-11 => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-11.exe <==== ATTENTION
Task: {D1DFB100-A8FC-43F4-87AA-E5BEB200D32F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {DBC0E0E5-6E72-4894-B804-75BEE18CE400} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {F3257550-123B-4A82-AD26-93B377A9DB7A} - System32\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-1-7 => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-1-7.exe <==== ATTENTION
Task: {F7C3D554-56E3-483D-8555-AAE5FDF5675C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-1-6.job => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-1-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-1-7.job => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-1-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-11.job => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-5.job => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-5_user.job => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMargarett.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-01 15:21 - 2015-06-23 22:47 - 00348672 _____ () C:\WINDOWS\system32\Oexufafono64.dll
2013-04-16 23:51 - 2013-04-16 23:51 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-07-04 21:33 - 2014-07-04 21:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-07-01 14:24 - 2015-07-01 14:24 - 00199168 _____ () C:\Users\Margarett\AppData\Roaming\33444335-1435753466-3631-424E-A45D3677113F\jnsoFCD.tmp
2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2015-07-01 23:01 - 2015-07-01 23:01 - 00122368 _____ () C:\Users\Margarett\AppData\Roaming\33444335-1435753466-3631-424E-A45D3677113F\knsy15DF.tmp
2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2013-02-27 17:55 - 2013-02-27 17:55 - 00381027 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 10:53 - 2011-07-05 10:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2015-05-13 15:38 - 2015-05-13 15:38 - 00003584 _____ () C:\Users\Margarett\AppData\Roaming\Nosibay\Bubble Dock\WindowsHook.dll
2013-11-12 13:10 - 2013-08-05 10:51 - 00806664 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
2013-11-12 13:09 - 2013-08-05 12:36 - 01354504 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\FRA\P2GRC.dll
2013-11-12 13:09 - 2013-08-05 10:51 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
2013-01-31 17:04 - 2013-01-31 17:04 - 00080120 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2013-01-10 11:25 - 2013-01-10 11:25 - 00364544 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2013-11-12 13:09 - 2013-08-05 09:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2740653702-3496526119-1965157059-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Margarett\AppData\Roaming\Microsoft\Windows Photo Viewer\Papier peint de la Visionneuse de photos Windows.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "fst_fr_71"
HKU\S-1-5-21-2740653702-3496526119-1965157059-1002\...\StartupApproved\Run: => "BrowserChoice"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4B7236B4-68A3-40BA-9F78-A98927FE1BAD}] => (Allow) LPort=1900
FirewallRules: [{C3E3CD8C-7A97-4C8C-8D88-0D17478EBC22}] => (Allow) LPort=2869
FirewallRules: [{3387E15B-778F-4CD3-B8E8-8C17C2232AB6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D8CAF216-B2E6-46DD-9812-6EB1708595D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D4CC9FA1-1D35-4147-A636-4D3114D3EE75}] => (Allow) C:\Users\Margarett\AppData\Local\Temp\7zS5D77.tmp\SymNRT.exe
FirewallRules: [{60537AF6-8B81-4CC4-8EA9-40A73B9D468A}] => (Allow) C:\Users\Margarett\AppData\Local\Temp\7zS5D77.tmp\SymNRT.exe
FirewallRules: [{8ED7CAB9-7A6D-4535-9E30-93A93B725F2C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{33F52FE4-5077-4939-9EEA-699159DE53B6}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{8C02C9E0-2C47-4BAF-92E6-1973523A132A}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{B251370C-863E-46E2-8A88-E22EE7C69DCD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C134AFC6-7101-4DC0-983C-5DA1F697FA62}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D8578DEE-843E-4EDC-83DB-BE03E7878B16}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D03C2802-AFF9-41E7-95EA-0E9D4EB1A927}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F2EE630E-2E19-4BF3-8059-22D7C6016500}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{48E21CA1-3372-4DB4-9435-ADCD478806FB}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{8AD978AA-AA13-4118-A0F0-864E8CF51811}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{1684B196-D225-4FB6-9B5C-DB2D47C7152E}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{80A6F20E-4879-412C-8D8D-BB08E333892F}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{8AE7D1AE-E44F-4919-A8FE-41108A860DF7}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{76BA8566-8994-4C24-A8A6-DD4881ADB1BA}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{322849EF-7949-4C54-9DCC-6A9B2AD0CE3C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15156
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15156
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/01/2015 03:40:30 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
Error: (07/01/2015 03:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme SuperOptimizer.exe version 0.0.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.
ID de processus : 1864
Heure de début : 01d0b4017c9b8e97
Heure de fin : 2515
Chemin d’accès de l’application : C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe
ID de rapport : 4402ccc0-1ff6-11e5-bef0-0c84dc22a226
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service IHProtect Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service WindowsMangerProtect Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdate) since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Infonaut 1.10.0.14 Client Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service SuperOptimizer Stats since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
System errors:
=============
Error: (07/02/2015 03:01:07 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.
Error: (07/02/2015 03:01:07 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.
Error: (07/02/2015 02:55:35 PM) (Source: DCOM) (EventID: 10010) (User: Margaret)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (07/02/2015 02:55:05 PM) (Source: DCOM) (EventID: 10010) (User: Margaret)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (07/01/2015 05:27:32 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: AUTORITE NT)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM
Error: (07/01/2015 05:20:56 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 40. L’état d’erreur de Windows SChannel est 252.
Error: (07/01/2015 03:48:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Superfetch s’est arrêté avec l’erreur :
%%1062
Error: (07/01/2015 03:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Kerning Down s’est terminé de façon inattendue pour la 1ème fois.
Error: (07/01/2015 03:43:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Encyclopaedia Enter s’est terminé de façon inattendue pour la 1ème fois.
Error: (07/01/2015 03:42:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service IHProtect Service n’a pas pu démarrer en raison de l’erreur :
%%3
Microsoft Office:
=========================
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15156
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15156
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/01/2015 03:40:30 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
Error: (07/01/2015 03:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SuperOptimizer.exe0.0.0.0186401d0b4017c9b8e972515C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe4402ccc0-1ff6-11e5-bef0-0c84dc22a226
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service IHProtect Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service WindowsMangerProtect Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdate) since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Infonaut 1.10.0.14 Client Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service SuperOptimizer Stats since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
==================== Memory info ===========================
Processor: AMD A4-5000 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 43%
Total physical RAM: 3547.95 MB
Available physical RAM: 2014.59 MB
Total Pagefile: 4383.34 MB
Available Pagefile: 2176.66 MB
Total Virtual: 131072 MB
Available Virtual: 131071.76 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:675.65 GB) (Free:621.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:21.78 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: AB535687)
Partition: GPT Partition Type.
==================== End of log ============================
Ran by Margarett at 2015-07-02 15:14:59
Running from C:\Users\Margarett\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-2740653702-3496526119-1965157059-500 - Administrator - Disabled)
Invité (S-1-5-21-2740653702-3496526119-1965157059-501 - Limited - Disabled)
Margarett (S-1-5-21-2740653702-3496526119-1965157059-1002 - Administrator - Enabled) => C:\Users\Margarett
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
123 Free Solitaire v9.0 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{AB1FC306-0E04-81D5-F105-C929F912CF20}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bubble Dock (HKU\S-1-5-21-2740653702-3496526119-1965157059-1002\...\Bubble Dock) (Version: - Nosibay)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6117 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-2740653702-3496526119-1965157059-1002\...\HPConnectedMusic) (Version: 1.1 (build 59) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{B41C6B3F-F752-46EA-BC46-F26D3AD147B8}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{F35EE4BC-95E1-4417-BA36-7C32FF24A59A}) (Version: 1.0.11 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lights off! (HKLM-x32\...\Lights off!) (Version: 1.36.01.22 - BApps) <==== ATTENTION
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Nom de votre société)
PhotoFiltre 7 (HKU\S-1-5-21-2740653702-3496526119-1965157059-1002\...\PhotoFiltre 7) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{7B83C685-3EA9-544F-9580-368394C67C3A}) (Version: 11.0.737.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.23.0 - Mediatek)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6870 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.007 - Realtek Semiconductor Corp.)
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
11-06-2015 21:15:37 Windows Update
27-06-2015 16:11:22 Programme d’installation pour les modules Windows
01-07-2015 15:35:48 Removed Boxore Client
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F7034A4-90A6-489A-88E1-8822A7137EE7} - System32\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-1-6 => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-1-6.exe <==== ATTENTION
Task: {10CC0D3E-14AB-4A7B-9AC2-2A88047CF0C4} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2013-01-17] (CyberLink)
Task: {330AA24F-26BC-4F10-9E17-1B7860348681} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {36DC4648-AC3A-4710-AB9A-C96173E8F3A8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-11] (Microsoft Corporation)
Task: {38CA76CC-6202-4A46-B81A-F770DB4480C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {42184C06-B9F5-434E-9DF6-91B781005833} - System32\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-5_user => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-5.exe <==== ATTENTION
Task: {49422DF9-D6BD-4594-9C78-BABB822145BE} - System32\Tasks\HPCeeScheduleForMargarett => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {536CB90C-5192-4C89-9EA6-02A44C077595} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {5801B9DC-35D0-4CB0-81D7-B7E53C142F43} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {6964BF5D-F7C8-49F7-B1A1-83C793928359} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)
Task: {875D4C6D-7312-4A26-A10B-B70522BDDCEA} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {8B29D8F8-0057-4809-9C91-85ADEFD2D71F} - System32\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-5 => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-5.exe <==== ATTENTION
Task: {96F53DA7-6D78-44E4-8E12-383483B6F92E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9F6CF048-DA8F-474D-942B-DB265066357F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
Task: {AD7809DA-1877-4CA1-B177-113BC42015E8} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe <==== ATTENTION
Task: {AE5047AB-1894-4E49-B0FB-66D935AF4C4B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {B1491835-5DF2-4EF1-A9DB-014A609B4499} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BC0CB2D4-5CFD-401C-A390-2ACD505138EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
Task: {CC9EA2D8-9291-4FB9-ADC1-598051462F3F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CDDE29F2-3FC1-4894-9CCB-270EE80B3B75} - System32\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-11 => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-11.exe <==== ATTENTION
Task: {D1DFB100-A8FC-43F4-87AA-E5BEB200D32F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {DBC0E0E5-6E72-4894-B804-75BEE18CE400} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {F3257550-123B-4A82-AD26-93B377A9DB7A} - System32\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-1-7 => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-1-7.exe <==== ATTENTION
Task: {F7C3D554-56E3-483D-8555-AAE5FDF5675C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-1-6.job => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-1-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-1-7.job => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-1-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-11.job => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-5.job => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\b9d4741e-de49-4497-92de-bda5c30cc8db-5_user.job => C:\Program Files (x86)\Lights off!\b9d4741e-de49-4497-92de-bda5c30cc8db-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMargarett.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-01 15:21 - 2015-06-23 22:47 - 00348672 _____ () C:\WINDOWS\system32\Oexufafono64.dll
2013-04-16 23:51 - 2013-04-16 23:51 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-07-04 21:33 - 2014-07-04 21:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-07-01 14:24 - 2015-07-01 14:24 - 00199168 _____ () C:\Users\Margarett\AppData\Roaming\33444335-1435753466-3631-424E-A45D3677113F\jnsoFCD.tmp
2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2015-07-01 23:01 - 2015-07-01 23:01 - 00122368 _____ () C:\Users\Margarett\AppData\Roaming\33444335-1435753466-3631-424E-A45D3677113F\knsy15DF.tmp
2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2013-02-27 17:55 - 2013-02-27 17:55 - 00381027 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 10:53 - 2011-07-05 10:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2015-05-13 15:38 - 2015-05-13 15:38 - 00003584 _____ () C:\Users\Margarett\AppData\Roaming\Nosibay\Bubble Dock\WindowsHook.dll
2013-11-12 13:10 - 2013-08-05 10:51 - 00806664 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
2013-11-12 13:09 - 2013-08-05 12:36 - 01354504 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\FRA\P2GRC.dll
2013-11-12 13:09 - 2013-08-05 10:51 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
2013-01-31 17:04 - 2013-01-31 17:04 - 00080120 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2013-01-10 11:25 - 2013-01-10 11:25 - 00364544 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2013-11-12 13:09 - 2013-08-05 09:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2740653702-3496526119-1965157059-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Margarett\AppData\Roaming\Microsoft\Windows Photo Viewer\Papier peint de la Visionneuse de photos Windows.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "fst_fr_71"
HKU\S-1-5-21-2740653702-3496526119-1965157059-1002\...\StartupApproved\Run: => "BrowserChoice"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4B7236B4-68A3-40BA-9F78-A98927FE1BAD}] => (Allow) LPort=1900
FirewallRules: [{C3E3CD8C-7A97-4C8C-8D88-0D17478EBC22}] => (Allow) LPort=2869
FirewallRules: [{3387E15B-778F-4CD3-B8E8-8C17C2232AB6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D8CAF216-B2E6-46DD-9812-6EB1708595D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D4CC9FA1-1D35-4147-A636-4D3114D3EE75}] => (Allow) C:\Users\Margarett\AppData\Local\Temp\7zS5D77.tmp\SymNRT.exe
FirewallRules: [{60537AF6-8B81-4CC4-8EA9-40A73B9D468A}] => (Allow) C:\Users\Margarett\AppData\Local\Temp\7zS5D77.tmp\SymNRT.exe
FirewallRules: [{8ED7CAB9-7A6D-4535-9E30-93A93B725F2C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{33F52FE4-5077-4939-9EEA-699159DE53B6}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{8C02C9E0-2C47-4BAF-92E6-1973523A132A}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{B251370C-863E-46E2-8A88-E22EE7C69DCD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C134AFC6-7101-4DC0-983C-5DA1F697FA62}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D8578DEE-843E-4EDC-83DB-BE03E7878B16}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D03C2802-AFF9-41E7-95EA-0E9D4EB1A927}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F2EE630E-2E19-4BF3-8059-22D7C6016500}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{48E21CA1-3372-4DB4-9435-ADCD478806FB}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{8AD978AA-AA13-4118-A0F0-864E8CF51811}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{1684B196-D225-4FB6-9B5C-DB2D47C7152E}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{80A6F20E-4879-412C-8D8D-BB08E333892F}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{8AE7D1AE-E44F-4919-A8FE-41108A860DF7}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{76BA8566-8994-4C24-A8A6-DD4881ADB1BA}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{322849EF-7949-4C54-9DCC-6A9B2AD0CE3C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15156
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15156
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/01/2015 03:40:30 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
Error: (07/01/2015 03:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme SuperOptimizer.exe version 0.0.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.
ID de processus : 1864
Heure de début : 01d0b4017c9b8e97
Heure de fin : 2515
Chemin d’accès de l’application : C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe
ID de rapport : 4402ccc0-1ff6-11e5-bef0-0c84dc22a226
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service IHProtect Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service WindowsMangerProtect Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdate) since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Infonaut 1.10.0.14 Client Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service SuperOptimizer Stats since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
System errors:
=============
Error: (07/02/2015 03:01:07 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.
Error: (07/02/2015 03:01:07 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.
Error: (07/02/2015 02:55:35 PM) (Source: DCOM) (EventID: 10010) (User: Margaret)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (07/02/2015 02:55:05 PM) (Source: DCOM) (EventID: 10010) (User: Margaret)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (07/01/2015 05:27:32 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: AUTORITE NT)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM
Error: (07/01/2015 05:20:56 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 40. L’état d’erreur de Windows SChannel est 252.
Error: (07/01/2015 03:48:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Superfetch s’est arrêté avec l’erreur :
%%1062
Error: (07/01/2015 03:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Kerning Down s’est terminé de façon inattendue pour la 1ème fois.
Error: (07/01/2015 03:43:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Encyclopaedia Enter s’est terminé de façon inattendue pour la 1ème fois.
Error: (07/01/2015 03:42:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service IHProtect Service n’a pas pu démarrer en raison de l’erreur :
%%3
Microsoft Office:
=========================
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15156
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15156
Error: (07/02/2015 02:33:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/01/2015 03:40:30 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
Error: (07/01/2015 03:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SuperOptimizer.exe0.0.0.0186401d0b4017c9b8e972515C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe4402ccc0-1ff6-11e5-bef0-0c84dc22a226
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service IHProtect Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service WindowsMangerProtect Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdate) since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Infonaut 1.10.0.14 Client Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
Error: (07/01/2015 03:36:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service SuperOptimizer Stats since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
==================== Memory info ===========================
Processor: AMD A4-5000 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 43%
Total physical RAM: 3547.95 MB
Available physical RAM: 2014.59 MB
Total Pagefile: 4383.34 MB
Available Pagefile: 2176.66 MB
Total Virtual: 131072 MB
Available Virtual: 131071.76 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:675.65 GB) (Free:621.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:21.78 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: AB535687)
Partition: GPT Partition Type.
==================== End of log ============================