Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015 Ran by MPB at 2015-06-01 15:01:22 Running from C:\Users\MPB\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-3352013796-1883607798-2691066181-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-3352013796-1883607798-2691066181-1002 - Limited - Enabled) Invité (S-1-5-21-3352013796-1883607798-2691066181-501 - Limited - Disabled) MPB (S-1-5-21-3352013796-1883607798-2691066181-1000 - Administrator - Enabled) => C:\Users\MPB ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.5.7828 - CyberLink Corp.) Acer Arcade Deluxe (x32 Version: 4.5.7828 - CyberLink Corp.) Hidden Acer Arcade Movie (x32 Version: 9.0.6629 - CyberLink Corp.) Hidden Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated) Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated) Adobe Flash Player 10 Plugin 64-bit (HKLM\...\Adobe Flash Player Plugin 64) (Version: 10.3.162.28 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden AIDA64 Extreme v4.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.) Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version: - Oberon Media) Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media) Analyseur et SDK MSXML 4.0 SP2 (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Any Video Converter 5.7.3 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) AOMEI Backupper Standard Edition 2.8 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software) Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation) Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media) Canon Inkjet Printer Driver Add-On Module V2.00 (HKLM\...\CANONIJINBOXADDON200) (Version: - ) Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version: - ) Canon MP460 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.09 - Piriform) Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media) DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software) eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM) Enregistrement utilisateur de Canon MP460 (HKLM-x32\...\Enregistrement utilisateur de Canon MP460) (Version: - ) eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.0.5 - SCS Software) Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media) Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Earth (HKLM-x32\...\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}) (Version: 4.1.7087.5048 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden HDClone 5.1.5 Free Edition (HKLM\...\Miray.HDClone.Free.5.1.5.1036-{371FF2ED-AE4C-4F66-A3F4-08AD1DF91986}) (Version: 5.1 - Miray Software AG) Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media) Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LibreOffice 4.2.5.2 (HKLM-x32\...\{8D8F47B2-0E03-4C50-9803-A01120878F96}) (Version: 4.2.5.2 - The Document Foundation) Ma-Config.com (64 bits) (HKLM\...\{E1322B8A-6F66-44ED-95D5-7FEBC50AC814}) (Version: 7.1.5.0 - Cybelsoft) Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) MediaShow Espresso (x32 Version: 5.5.1713_26701 - CyberLink Corp.) Hidden Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works 7.0 (HKLM-x32\...\{64D114CE-4234-45C2-B60A-2B07D5A48F72}) (Version: 07.02.0000 - Microsoft Corporation) Mises à jour NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Mozilla Firefox 38.0.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 fr)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden Nero 9 Essentials (HKLM-x32\...\{109c3c61-a763-470f-abde-0d4a4f2c95d0}) (Version: - Nero AG) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NVIDIA Logiciel système PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Pilote graphique 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) OpenOffice.org 3.3 (HKLM-x32\...\{7E0610A2-E336-40B3-B685-C4905E97EC9A}) (Version: 3.3.9567 - OpenOffice.org) Panneau de configuration NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version: - Oberon Media) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.) ScanSoft OmniPage SE 4.0 (HKLM-x32\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.) Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media) VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN) Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) ZHPDiag 2015 (HKLM-x32\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 21-05-2015 09:21:45 Point de contrôle planifié 22-05-2015 00:37:51 Windows Update 22-05-2015 23:57:31 Windows Update 23-05-2015 14:34:27 Windows Update 24-05-2015 01:00:11 Windows Update 24-05-2015 02:58:57 Windows Update 24-05-2015 12:33:53 Windows Update 24-05-2015 22:00:36 Windows Update 26-05-2015 01:00:16 Windows Update 26-05-2015 02:12:01 Windows Update 26-05-2015 13:45:42 Windows Update 26-05-2015 23:44:20 Windows Update 27-05-2015 17:19:36 Windows Update 27-05-2015 23:46:39 Windows Update 28-05-2015 15:30:19 Windows Update 28-05-2015 16:42:43 Installed Microsoft Fix it 50123 28-05-2015 16:44:34 Installed Microsoft Fix it 50123 28-05-2015 17:40:06 Windows Update 29-05-2015 01:22:26 Windows Update 30-05-2015 03:09:29 Windows Update 30-05-2015 08:44:17 Windows Update 30-05-2015 14:34:51 Windows Update 30-05-2015 14:51:39 avast! antivirus system restore point 30-05-2015 15:35:17 Windows Update 30-05-2015 15:44:37 Windows Update 30-05-2015 16:12:06 Windows Update 30-05-2015 16:14:29 Windows Update 30-05-2015 16:23:45 Windows Update 30-05-2015 16:31:53 Windows Update 30-05-2015 16:48:59 Windows Update 30-05-2015 16:52:02 Windows Update 30-05-2015 16:53:39 Windows Update 30-05-2015 16:59:45 Windows Update 30-05-2015 17:01:54 Windows Update 30-05-2015 17:21:21 Windows Update 30-05-2015 17:29:01 Windows Update 30-05-2015 17:42:07 Windows Update 30-05-2015 17:50:55 Windows Update 30-05-2015 18:07:39 Windows Update 30-05-2015 18:41:15 Windows Update 30-05-2015 23:11:22 Windows Update 01-06-2015 02:18:01 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {047A2B97-EE1B-4616-9D7D-9A90CB2B8F71} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-20] (Avast Software s.r.o.) Task: {1E046AA1-4E1D-41F5-B1C9-15E27CC26409} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {333CDCC6-7DE2-43B5-B492-7BB3FF306F8F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {406C88F1-C407-4C5A-AC5E-7AEB9EBFB79C} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-27] (Microsoft Corporation) Task: {491B2EF2-CA2A-44CD-B0BD-7FE227F8F825} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd) Task: {85394B2E-1822-42FC-9E16-205B6BB8105E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3352013796-1883607798-2691066181-1000 Task: {984474CF-EC53-4BE4-8D77-9A595BA83934} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {AEB84AD3-0D88-4847-B72B-1445F3A81999} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.) Task: {C81F34FB-AC13-4687-922F-9A665D45AE0E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {D0ABF199-28CE-4F94-8079-B1D67B18D4B4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {F05F1F94-A935-44ED-AE48-0C4A6EA98144} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-26] (Adobe Systems Incorporated) Task: {FC853A58-11BB-49F3-84C1-F896ECAD166A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2012-11-25 13:02 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2007-10-10 15:38 - 2010-05-13 07:23 - 00244904 _____ () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe 2010-08-04 14:40 - 2010-08-04 14:40 - 00611872 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe 2015-05-20 23:01 - 2015-05-20 23:01 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-20 23:01 - 2015-05-20 23:01 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-06-01 12:36 - 2015-06-01 12:36 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15060100\algo.dll 2015-05-20 17:26 - 2015-05-11 15:56 - 00286424 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00224984 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00290520 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00077528 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00061144 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00286424 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00966360 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00122584 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00278232 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00347864 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00028376 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00069336 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00253656 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00155352 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00483032 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00175832 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00110296 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll 2015-05-20 17:26 - 2015-05-11 15:56 - 00691928 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll 2015-05-20 17:26 - 2015-05-11 15:55 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll 2015-05-20 17:26 - 2015-02-26 00:00 - 02403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll 2011-01-17 16:19 - 2011-09-02 23:38 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2010-08-04 11:47 - 2010-08-04 11:47 - 00144896 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll 2015-05-20 23:01 - 2015-05-20 23:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-05-19 02:42 - 2015-05-19 02:42 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\MPB\Desktop\à tranformer pour mp3.AVI:TOC.WMV ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3352013796-1883607798-2691066181-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MPB\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 212.27.40.240 - 212.27.40.241 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{1B4B3BF7-1C52-42C3-87FA-624641631C29}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe FirewallRules: [{8C2F07CE-524C-4473-B1F9-08CB66047C40}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe FirewallRules: [{78F482B9-1969-4850-8112-917C3E4A9A08}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\CLMLSvc.exe FirewallRules: [{2AD21550-9A06-47E2-8621-5D463542A8DA}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe FirewallRules: [{F519814C-E772-4561-B597-96F114EBDB83}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{4F6ACE43-D1AD-420F-9667-0CFAEE90E708}] => (Allow) LPort=2869 FirewallRules: [{CE3A7ED2-4DA5-4EF1-8CDB-D3F15DA77187}] => (Allow) LPort=1900 FirewallRules: [{C37C557C-9D7D-4617-A700-0799C26F4CEB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{5C762744-4DB0-4648-8459-5385210DE179}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{78E83E0D-BB38-42A7-8EA2-79B3ADA35B3A}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe FirewallRules: [TCP Query User{9FBAB699-2AF4-4056-A23F-8BF5188B7892}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [UDP Query User{AE1345DE-61E2-4E66-B46C-097B850472B1}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [{FF6180A5-2F03-42C7-A59B-C5DBCA51AD92}] => (Allow) LPort=48113 FirewallRules: [{60D27030-51E2-4977-AC62-E95CDABF71A2}] => (Allow) LPort=48114 FirewallRules: [{D7798BE1-A7D4-4002-A8C1-3E6983ECDB8C}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{2F0E6F70-428A-4DFB-B4AD-66D61C070E4F}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{ADB65C0D-31FB-418B-B5A2-C5645AB78FC9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9EA508AC-42A0-4599-A628-C5A8CD867483}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{7A4D9E28-EAD8-480F-8B2C-10D6FE3E836E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{0B595272-F375-4C34-B669-D24DA74FA625}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9D6F44DF-09AE-4908-8B44-64F3DF90C7E0}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{9FC328EE-DDA1-438C-9686-1A07B3F1C123}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{D41716A2-39CD-428E-A6F7-4DEAFCFD5C11}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Souris Microsoft PS/2 Description: Souris Microsoft PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (06/01/2015 10:26:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante dismhost.exe, version : 6.1.7601.18489, horodatage : 0x53882a0d Nom du module défaillant : ntdll.dll, version : 6.1.7601.18839, horodatage : 0x553e8bfa Code d’exception : 0xc0000374 Décalage d’erreur : 0x00000000000bfc22 ID du processus défaillant : 0x10e0 Heure de début de l’application défaillante : 0xdismhost.exe0 Chemin d’accès de l’application défaillante : dismhost.exe1 Chemin d’accès du module défaillant: dismhost.exe2 ID de rapport : dismhost.exe3 Error: (05/31/2015 10:55:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante dismhost.exe, version : 6.1.7601.18489, horodatage : 0x53882a0d Nom du module défaillant : ntdll.dll, version : 6.1.7601.18839, horodatage : 0x553e8bfa Code d’exception : 0xc0000374 Décalage d’erreur : 0x00000000000bfc22 ID du processus défaillant : 0x1064 Heure de début de l’application défaillante : 0xdismhost.exe0 Chemin d’accès de l’application défaillante : dismhost.exe1 Chemin d’accès du module défaillant: dismhost.exe2 ID de rapport : dismhost.exe3 Error: (05/31/2015 00:08:01 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.WorkflowServices, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020 Error: (05/31/2015 00:06:16 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.MediaCenter.ITVVM, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020 Error: (05/31/2015 00:05:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: ehshell, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020 Error: (05/31/2015 09:27:55 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: PresentationFramework, Version=3.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020 Error: (05/26/2015 09:25:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante dismhost.exe, version : 6.1.7601.18489, horodatage : 0x53882a0d Nom du module défaillant : ntdll.dll, version : 6.1.7601.18798, horodatage : 0x5507b864 Code d’exception : 0xc0000374 Décalage d’erreur : 0x00000000000bf922 ID du processus défaillant : 0x17a8 Heure de début de l’application défaillante : 0xdismhost.exe0 Chemin d’accès de l’application défaillante : dismhost.exe1 Chemin d’accès du module défaillant: dismhost.exe2 ID de rapport : dismhost.exe3 Error: (05/26/2015 09:21:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante explorer.exe, version : 6.1.7601.17567, horodatage : 0x4d6727a7 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0018f6c6 ID du processus défaillant : 0x103c Heure de début de l’application défaillante : 0xexplorer.exe0 Chemin d’accès de l’application défaillante : explorer.exe1 Chemin d’accès du module défaillant: explorer.exe2 ID de rapport : explorer.exe3 Error: (05/25/2015 09:45:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante plugin-container.exe, version : 38.0.1.5611, horodatage : 0x55541a90 Nom du module défaillant : mozalloc.dll, version : 38.0.1.5611, horodatage : 0x55540a1e Code d’exception : 0x80000003 Décalage d’erreur : 0x00001aa1 ID du processus défaillant : 0x6d4 Heure de début de l’application défaillante : 0xplugin-container.exe0 Chemin d’accès de l’application défaillante : plugin-container.exe1 Chemin d’accès du module défaillant: plugin-container.exe2 ID de rapport : plugin-container.exe3 Error: (05/24/2015 07:05:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante nvtray.exe, version : 7.17.13.3523, horodatage : 0x5315c9f7 Nom du module défaillant : ntdll.dll, version : 6.1.7601.18798, horodatage : 0x5507b864 Code d’exception : 0xc0000374 Décalage d’erreur : 0x00000000000bf922 ID du processus défaillant : 0xff0 Heure de début de l’application défaillante : 0xnvtray.exe0 Chemin d’accès de l’application défaillante : nvtray.exe1 Chemin d’accès du module défaillant: nvtray.exe2 ID de rapport : nvtray.exe3 System errors: ============= Error: (06/01/2015 01:49:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : cdrom Error: (06/01/2015 08:42:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x800700b7 : Mise à jour pour Windows 7 pour ordinateurs à processeur x64 (KB3013531). Error: (06/01/2015 08:35:08 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : cdrom Error: (06/01/2015 02:18:59 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Le service Diagnostics Tracking Service ne s’est pas fermé correctement après avoir reçu une commande d’anticipation de fermeture. Error: (05/31/2015 09:30:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x800700b7 : Mise à jour pour Windows 7 pour ordinateurs à processeur x64 (KB3013531). Error: (05/31/2015 09:21:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service AvastVBox COM Service n’a pas pu démarrer en raison de l’erreur : %%1053 Error: (05/31/2015 09:21:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service AvastVBox COM Service. Error: (05/31/2015 09:21:06 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1053AvastVBoxSvc{F319F1B8-7587-4146-AF9C-0D6D77819BF1} Error: (05/31/2015 09:20:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : cdrom Error: (05/31/2015 09:16:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Windows Defender s’est arrêté avec l’erreur : %%-2147024882 Microsoft Office: ========================= Error: (06/01/2015 10:26:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: dismhost.exe6.1.7601.1848953882a0dntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc2210e001d09c42ed3e1482C:\Windows\TEMP\A218E17C-F1BD-4D58-86AD-9BE19341A32B\dismhost.exeC:\Windows\SYSTEM32\ntdll.dlld5015746-0837-11e5-80ab-f80f411e95b4 Error: (05/31/2015 10:55:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: dismhost.exe6.1.7601.1848953882a0dntdll.dll6.1.7601.18839553e8bfac000037400000000000bfc22106401d09be14e7eec4aC:\Windows\TEMP\DD9ACF49-9A96-47A5-BB12-651F6033BE98\dismhost.exeC:\Windows\SYSTEM32\ntdll.dll6323c4c5-07d7-11e5-8c90-f80f411e95b4 Error: (05/31/2015 00:08:01 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.WorkflowServices, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020 System.WorkflowServices, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil Error: (05/31/2015 00:06:16 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.MediaCenter.ITVVM, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020 Microsoft.MediaCenter.ITVVM, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 Error: (05/31/2015 00:05:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: ehshell, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020 ehshell, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil Error: (05/31/2015 09:27:55 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: PresentationFramework, Version=3.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020 PresentationFramework, Version=3.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil Error: (05/26/2015 09:25:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: dismhost.exe6.1.7601.1848953882a0dntdll.dll6.1.7601.187985507b864c000037400000000000bf92217a801d09781b5ac18e3C:\Windows\TEMP\0EEC91D5-B25D-4EAA-BFB3-5E1241926373\dismhost.exeC:\Windows\SYSTEM32\ntdll.dll51357e62-0378-11e5-a54f-f80f411e95b4 Error: (05/26/2015 09:21:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d6727a7unknown0.0.0.000000000c00000050018f6c6103c01d097848fcbca68C:\Windows\SysWOW64\explorer.exeunknownd5fa5053-0377-11e5-a54f-f80f411e95b4 Error: (05/25/2015 09:45:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa16d401d0971e20591658C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll97425976-0316-11e5-a43c-f80f411e95b4 Error: (05/24/2015 07:05:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: nvtray.exe7.17.13.35235315c9f7ntdll.dll6.1.7601.187985507b864c000037400000000000bf922ff001d09643c969f9baC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Windows\SYSTEM32\ntdll.dll0a0407e0-0237-11e5-b20a-f80f411e95b4 ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU E6700 @ 3.20GHz Percentage of memory in use: 46% Total physical RAM: 4095.18 MB Available physical RAM: 2210.57 MB Total Pagefile: 8188.56 MB Available Pagefile: 6048.61 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:456.92 GB) (Free:347.32 GB) NTFS Drive d: (Data) (Fixed) (Total:456.92 GB) (Free:194.19 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9E8B7E1A) Partition 1: (Not Active) - (Size=17.6 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=456.9 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=456.9 GB) - (Type=07 NTFS) ==================== End of log ============================