Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-07-2015 01
Ran by jonathan at 2015-07-19 20:36:51
Running from C:\Users\jonathan\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-2959799842-2766905096-1466013307-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2959799842-2766905096-1466013307-1002 - Limited - Enabled)
Invité (S-1-5-21-2959799842-2766905096-1466013307-501 - Limited - Disabled)
jonathan (S-1-5-21-2959799842-2766905096-1466013307-1001 - Administrator - Enabled) => C:\Users\jonathan
UpdatusUser (S-1-5-21-2959799842-2766905096-1466013307-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Akamai NetSession Interface (HKU\S-1-5-21-2959799842-2766905096-1466013307-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0056 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Caesar 3 (HKLM-x32\...\Caesar 3) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Mises à jour NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (HKLM\...\Microsoft .NET Framework 4 Client Profile FRA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
NVIDIA Pilote graphique 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
Panneau de configuration NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Utilitaires Sierra (HKLM-x32\...\Utilitaires Sierra) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
06-07-2015 17:16:26 DirectX est installé
06-07-2015 17:40:39 Removed Aeria Ignite
07-07-2015 10:15:36 Windows Update
12-07-2015 19:00:49 Sauvegarde Windows
14-07-2015 10:47:01 Windows Update
16-07-2015 07:53:11 Windows Update
17-07-2015 08:49:07 Windows Update
19-07-2015 19:00:51 Sauvegarde Windows
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 __RSH C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {26A9B8C0-584C-4897-824B-DCC8E2C77DAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-29] (Google Inc.)
Task: {291A7327-27F5-409B-AB72-E049349230DB} - System32\Tasks\{E6E39E55-1112-42E7-AF12-5D0319526FC3} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.6.0.103&LastError=404
Task: {2CC71CE2-BD56-4B8F-8807-3E1FC48A631D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-29] (Avast Software s.r.o.)
Task: {5CE3F9AE-0CB9-4085-A0D8-A7106E43CD86} - System32\Tasks\{69390F2E-BC70-4B8E-802B-C86B52D1E3B7} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.6.0.103&LastError=404
Task: {773C3764-6026-43BB-B7E5-EC7F54F3F90B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-29] (Google Inc.)
Task: {D1FB0174-975F-4E83-95F2-429F34DA0DF3} - System32\Tasks\{C468D473-57AA-46EB-A4D6-4DEAC9131E49} => pcalua.exe -a C:\Users\jonathan\Downloads\Risk_1.3\Install.exe -d C:\Users\jonathan\Downloads\Risk_1.3
Task: {E3C11F1A-50ED-40D5-B977-FD87185EDCC5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {F4BB6504-3DAA-4168-BE5C-B7134DC257B3} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2959799842-2766905096-1466013307-1001
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-06-29 16:51 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2011-04-10 17:40 - 2011-04-10 17:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-06-01 19:28 - 2015-06-01 19:28 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2015-06-29 13:06 - 2015-06-29 13:06 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-29 13:06 - 2015-06-29 13:06 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-18 12:57 - 2015-07-18 12:57 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15071803\algo.dll
2015-07-19 15:25 - 2015-07-19 15:25 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15071900\algo.dll
2015-06-29 13:06 - 2015-06-29 13:06 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-14 22:45 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 22:45 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll
2015-07-14 22:45 - 2015-07-13 23:55 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2959799842-2766905096-1466013307-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2959799842-2766905096-1466013307-1001\...\aeriagames.com -> hxxp://aeriagames.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2959799842-2766905096-1466013307-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 109.88.203.3 - 62.197.111.140
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\jonathan\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FDF5358F-5ADF-4218-B679-2B4CF05D32C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{71B68CAE-EE2D-4422-A899-0CCFAC50F4E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AE5BEFE7-B2C4-4BDC-92A7-0D3ACE52D141}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{42B2E6FC-9458-475E-8BC3-02256B8DE911}C:\users\jonathan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jonathan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{3A4A4650-92E6-4CA9-8998-234516A27936}C:\users\jonathan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jonathan\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{5292D24C-E9B9-4DF9-BA4C-C3A86ABA1444}C:\users\jonathan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jonathan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B97DFB9F-B7A0-4E87-9FF5-6C02B06F7821}C:\users\jonathan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jonathan\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4F8BB880-6DB0-46D8-8BE7-CCFC9FB928A1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Contrôleur de bus USB
Description: Contrôleur de bus USB
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/19/2015 11:32:24 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 04:36:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 03:11:47 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 02:15:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/18/2015 01:53:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante nvtray.exe, version : 7.17.13.2702, horodatage : 0x521fc6cc
Nom du module défaillant : NvUpdt.dll_unloaded, version : 0.0.0.0, horodatage : 0x521fbdff
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000007feede67422
ID du processus défaillant : 0x568
Heure de début de l’application défaillante : 0xnvtray.exe0
Chemin d’accès de l’application défaillante : nvtray.exe1
Chemin d’accès du module défaillant: nvtray.exe2
ID de rapport : nvtray.exe3
Error: (07/18/2015 12:41:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2015 09:53:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/17/2015 08:45:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/17/2015 06:02:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2015 08:53:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/19/2015 06:56:00 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI : le BIOS ACPI essaie d’écrire sur une région d’opération PCI non autorisée (0x4). Contactez le fabricant de votre ordinateur pour une assistance technique.
Error: (07/19/2015 06:56:00 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI : le BIOS ACPI essaie d’écrire sur une région d’opération PCI non autorisée (0x4). Contactez le fabricant de votre ordinateur pour une assistance technique.
Error: (07/18/2015 01:53:46 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI : le BIOS ACPI essaie d’écrire sur une région d’opération PCI non autorisée (0x4). Contactez le fabricant de votre ordinateur pour une assistance technique.
Error: (07/18/2015 01:53:46 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI : le BIOS ACPI essaie d’écrire sur une région d’opération PCI non autorisée (0x4). Contactez le fabricant de votre ordinateur pour une assistance technique.
Error: (07/18/2015 12:40:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Windows Installer n’a pas pu démarrer en raison de l’erreur :
%%1053
Error: (07/18/2015 12:40:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Windows Installer.
Error: (07/18/2015 12:12:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Windows Installer s’est terminé de façon inattendue pour la 3ème fois.
Error: (07/18/2015 12:07:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Installer s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 300000 millisecondes : Redémarrer le service.
Error: (07/18/2015 12:05:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Installer s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.
Error: (07/17/2015 06:30:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Programme d’installation pour les modules Windows s’est terminé de façon inattendue pour la 4ème fois.
Microsoft Office:
=========================
Error: (07/19/2015 11:32:24 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 04:36:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 03:11:47 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 02:15:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/18/2015 01:53:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvtray.exe7.17.13.2702521fc6ccNvUpdt.dll_unloaded0.0.0.0521fbdffc0000005000007feede6742256801d0c0e1cc25a0d3C:\Program Files\NVIDIA Corporation\Display\nvtray.exeNvUpdt.dlla8d871d8-2d43-11e5-8fe6-485b39e79275
Error: (07/18/2015 12:41:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2015 09:53:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/17/2015 08:45:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/17/2015 06:02:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2015 08:53:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 43%
Total physical RAM: 3884.48 MB
Available physical RAM: 2191.53 MB
Total Virtual: 7767.16 MB
Available Virtual: 5557.23 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:334.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Disque D) (Fixed) (Total:465.76 GB) (Free:313.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 70863547)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4A1B0B8E)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of log ============================
Ran by jonathan at 2015-07-19 20:36:51
Running from C:\Users\jonathan\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-2959799842-2766905096-1466013307-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2959799842-2766905096-1466013307-1002 - Limited - Enabled)
Invité (S-1-5-21-2959799842-2766905096-1466013307-501 - Limited - Disabled)
jonathan (S-1-5-21-2959799842-2766905096-1466013307-1001 - Administrator - Enabled) => C:\Users\jonathan
UpdatusUser (S-1-5-21-2959799842-2766905096-1466013307-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Akamai NetSession Interface (HKU\S-1-5-21-2959799842-2766905096-1466013307-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0056 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Caesar 3 (HKLM-x32\...\Caesar 3) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Mises à jour NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (HKLM\...\Microsoft .NET Framework 4 Client Profile FRA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
NVIDIA Pilote graphique 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
Panneau de configuration NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Utilitaires Sierra (HKLM-x32\...\Utilitaires Sierra) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
06-07-2015 17:16:26 DirectX est installé
06-07-2015 17:40:39 Removed Aeria Ignite
07-07-2015 10:15:36 Windows Update
12-07-2015 19:00:49 Sauvegarde Windows
14-07-2015 10:47:01 Windows Update
16-07-2015 07:53:11 Windows Update
17-07-2015 08:49:07 Windows Update
19-07-2015 19:00:51 Sauvegarde Windows
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 __RSH C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {26A9B8C0-584C-4897-824B-DCC8E2C77DAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-29] (Google Inc.)
Task: {291A7327-27F5-409B-AB72-E049349230DB} - System32\Tasks\{E6E39E55-1112-42E7-AF12-5D0319526FC3} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.6.0.103&LastError=404
Task: {2CC71CE2-BD56-4B8F-8807-3E1FC48A631D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-29] (Avast Software s.r.o.)
Task: {5CE3F9AE-0CB9-4085-A0D8-A7106E43CD86} - System32\Tasks\{69390F2E-BC70-4B8E-802B-C86B52D1E3B7} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.6.0.103&LastError=404
Task: {773C3764-6026-43BB-B7E5-EC7F54F3F90B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-29] (Google Inc.)
Task: {D1FB0174-975F-4E83-95F2-429F34DA0DF3} - System32\Tasks\{C468D473-57AA-46EB-A4D6-4DEAC9131E49} => pcalua.exe -a C:\Users\jonathan\Downloads\Risk_1.3\Install.exe -d C:\Users\jonathan\Downloads\Risk_1.3
Task: {E3C11F1A-50ED-40D5-B977-FD87185EDCC5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {F4BB6504-3DAA-4168-BE5C-B7134DC257B3} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2959799842-2766905096-1466013307-1001
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-06-29 16:51 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2011-04-10 17:40 - 2011-04-10 17:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-06-01 19:28 - 2015-06-01 19:28 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2015-06-29 13:06 - 2015-06-29 13:06 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-29 13:06 - 2015-06-29 13:06 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-18 12:57 - 2015-07-18 12:57 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15071803\algo.dll
2015-07-19 15:25 - 2015-07-19 15:25 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15071900\algo.dll
2015-06-29 13:06 - 2015-06-29 13:06 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-14 22:45 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 22:45 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll
2015-07-14 22:45 - 2015-07-13 23:55 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2959799842-2766905096-1466013307-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2959799842-2766905096-1466013307-1001\...\aeriagames.com -> hxxp://aeriagames.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2959799842-2766905096-1466013307-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 109.88.203.3 - 62.197.111.140
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\jonathan\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FDF5358F-5ADF-4218-B679-2B4CF05D32C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{71B68CAE-EE2D-4422-A899-0CCFAC50F4E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AE5BEFE7-B2C4-4BDC-92A7-0D3ACE52D141}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{42B2E6FC-9458-475E-8BC3-02256B8DE911}C:\users\jonathan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jonathan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{3A4A4650-92E6-4CA9-8998-234516A27936}C:\users\jonathan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jonathan\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{5292D24C-E9B9-4DF9-BA4C-C3A86ABA1444}C:\users\jonathan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jonathan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B97DFB9F-B7A0-4E87-9FF5-6C02B06F7821}C:\users\jonathan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jonathan\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4F8BB880-6DB0-46D8-8BE7-CCFC9FB928A1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Contrôleur de bus USB
Description: Contrôleur de bus USB
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/19/2015 11:32:24 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 04:36:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 03:11:47 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 02:15:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/18/2015 01:53:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante nvtray.exe, version : 7.17.13.2702, horodatage : 0x521fc6cc
Nom du module défaillant : NvUpdt.dll_unloaded, version : 0.0.0.0, horodatage : 0x521fbdff
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000007feede67422
ID du processus défaillant : 0x568
Heure de début de l’application défaillante : 0xnvtray.exe0
Chemin d’accès de l’application défaillante : nvtray.exe1
Chemin d’accès du module défaillant: nvtray.exe2
ID de rapport : nvtray.exe3
Error: (07/18/2015 12:41:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2015 09:53:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/17/2015 08:45:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/17/2015 06:02:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2015 08:53:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/19/2015 06:56:00 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI : le BIOS ACPI essaie d’écrire sur une région d’opération PCI non autorisée (0x4). Contactez le fabricant de votre ordinateur pour une assistance technique.
Error: (07/19/2015 06:56:00 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI : le BIOS ACPI essaie d’écrire sur une région d’opération PCI non autorisée (0x4). Contactez le fabricant de votre ordinateur pour une assistance technique.
Error: (07/18/2015 01:53:46 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI : le BIOS ACPI essaie d’écrire sur une région d’opération PCI non autorisée (0x4). Contactez le fabricant de votre ordinateur pour une assistance technique.
Error: (07/18/2015 01:53:46 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI : le BIOS ACPI essaie d’écrire sur une région d’opération PCI non autorisée (0x4). Contactez le fabricant de votre ordinateur pour une assistance technique.
Error: (07/18/2015 12:40:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Windows Installer n’a pas pu démarrer en raison de l’erreur :
%%1053
Error: (07/18/2015 12:40:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Windows Installer.
Error: (07/18/2015 12:12:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Windows Installer s’est terminé de façon inattendue pour la 3ème fois.
Error: (07/18/2015 12:07:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Installer s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 300000 millisecondes : Redémarrer le service.
Error: (07/18/2015 12:05:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Installer s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.
Error: (07/17/2015 06:30:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Programme d’installation pour les modules Windows s’est terminé de façon inattendue pour la 4ème fois.
Microsoft Office:
=========================
Error: (07/19/2015 11:32:24 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 04:36:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 03:11:47 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2015 02:15:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/18/2015 01:53:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvtray.exe7.17.13.2702521fc6ccNvUpdt.dll_unloaded0.0.0.0521fbdffc0000005000007feede6742256801d0c0e1cc25a0d3C:\Program Files\NVIDIA Corporation\Display\nvtray.exeNvUpdt.dlla8d871d8-2d43-11e5-8fe6-485b39e79275
Error: (07/18/2015 12:41:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2015 09:53:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/17/2015 08:45:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/17/2015 06:02:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2015 08:53:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 43%
Total physical RAM: 3884.48 MB
Available physical RAM: 2191.53 MB
Total Virtual: 7767.16 MB
Available Virtual: 5557.23 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:334.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Disque D) (Fixed) (Total:465.76 GB) (Free:313.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 70863547)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4A1B0B8E)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of log ============================