Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2014 02 Ran by KillerVirus at 2014-02-28 18:22:04 Running from C:\Users\KillerVirus\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) FreeFixer (HKLM-x32\...\FreeFixer1.09) (Version: 1.09 - Kephyr) Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Oracle VM VirtualBox Guest Additions 4.3.6 (HKLM\...\Oracle VM VirtualBox Guest Additions) (Version: 4.3.6.0 - Oracle Corporation) Skype™ 6.7 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.7.102 - Skype Technologies S.A.) ==================== Restore Points ========================= 28-02-2014 16:47:52 Point de contrôle planifié ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= ==================== Loaded Modules (whitelisted) ============= 2014-02-28 18:13 - 2014-02-28 13:44 - 00134144 _____ () C:\Windows\sys.exe 2014-02-28 18:13 - 2014-02-28 13:54 - 00086016 _____ () C:\Users\KillerVirus\AppData\Local\Temp\SystemSecuirity.exe 2014-02-28 18:13 - 2014-02-28 18:13 - 00187904 _____ () C:\Users\KillerVirus\AppData\Local\OpenMin\miner\service.exe 2014-02-28 18:13 - 2014-02-28 18:13 - 00245795 _____ () C:\Users\KillerVirus\AppData\Local\OpenMin\miner\libcurl-4.dll 2014-02-28 18:13 - 2014-02-28 18:13 - 00100864 _____ () C:\Users\KillerVirus\AppData\Local\OpenMin\miner\zlib1.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/28/2014 06:14:30 PM) (Source: MsiInstaller) (User: KillerVirus-PC) Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL) Error: (02/28/2014 06:14:03 PM) (Source: Application Error) (User: ) Description: Nom de l’application défaillante service.exe, version : 1.0.0.0, horodatage : 0x530f9948 Nom du module défaillant : msvcrt.dll, version : 7.0.7601.17744, horodatage : 0x4eeaf722 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00009b60 ID du processus défaillant : 0x1034 Heure de début de l’application défaillante : 0xservice.exe0 Chemin d’accès de l’application défaillante : service.exe1 Chemin d’accès du module défaillant: service.exe2 ID de rapport : service.exe3 Error: (02/28/2014 06:14:03 PM) (Source: .NET Runtime) (User: ) Description: Application: service.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.AccessViolationException Stack: at System.Drawing.SafeNativeMethods+Gdip.GdipCreateFontFamilyFromName(System.String, System.Runtime.InteropServices.HandleRef, IntPtr ByRef) at System.Drawing.FontFamily.CreateFontFamily(System.String, System.Drawing.Text.FontCollection) at System.Drawing.FontFamily..ctor(System.String, Boolean) at System.Drawing.Font.Initialize(System.String, Single, System.Drawing.FontStyle, System.Drawing.GraphicsUnit, Byte, Boolean) at System.Drawing.Font..ctor(System.String, Single, System.Drawing.FontStyle, System.Drawing.GraphicsUnit, Byte) at XF.Form1.InitializeComponent() at XF.Form1..ctor() at XF.Program.Main() Error: (02/28/2014 06:13:58 PM) (Source: MsiInstaller) (User: KillerVirus-PC) Description: Impossible de démarrer une transaction Windows Installer {61FFA475-24D5-44FB-A51F-39B699E3D82C}. Une erreur 1618 s’est produite lors du démarrage de la transaction. Error: (02/28/2014 05:21:54 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2014 09:44:05 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2014 09:28:27 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2014 09:04:33 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2014 08:42:52 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2014 08:37:03 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (02/28/2014 05:47:49 PM) (Source: volsnap) (User: ) Description: Les clichés instantanés du volume C: ont été annulés car le stockage du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur. Error: (02/28/2014 05:20:07 PM) (Source: EventLog) (User: ) Description: L’arrêt système précédant à 21:56:01 le ‎27/‎02/‎2014 n’était pas prévu. Error: (02/27/2014 08:44:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80242016 : Mise à jour pour la liste d'affichage de compatibilité avec Internet Explorer 8 pour Windows 7 pour systèmes x64 (KB2598845). Error: (02/27/2014 08:42:49 PM) (Source: Service Control Manager) (User: ) Description: Le service Programme d’installation pour les modules Windows s’est arrêté avec l’erreur : %%16405 Error: (02/27/2014 08:39:04 PM) (Source: Service Control Manager) (User: ) Description: Le service Windows Defender s’est arrêté avec l’erreur : %%32 Error: (02/27/2014 08:38:47 PM) (Source: Service Control Manager) (User: ) Description: Le service Service de cache de police Windows s’est arrêté avec l’erreur : %%32 Error: (02/27/2014 08:38:44 PM) (Source: Service Control Manager) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (02/27/2014 08:38:39 PM) (Source: Service Control Manager) (User: ) Description: Le service Spouleur d’impression s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service. Error: (02/27/2014 05:53:39 PM) (Source: EventLog) (User: ) Description: L’arrêt système précédant à 20:50:18 le ‎26/‎02/‎2014 n’était pas prévu. Microsoft Office Sessions: ========================= Error: (02/28/2014 06:14:30 PM) (Source: MsiInstaller)(User: KillerVirus-PC) Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL) Error: (02/28/2014 06:14:03 PM) (Source: Application Error)(User: ) Description: service.exe1.0.0.0530f9948msvcrt.dll7.0.7601.177444eeaf722c000000500009b60103401cf34a8750440dfC:\Users\KILLER~1\AppData\Local\Temp\service.exeC:\Windows\syswow64\msvcrt.dllb861b551-a09b-11e3-bdd9-0800279c440e Error: (02/28/2014 06:14:03 PM) (Source: .NET Runtime)(User: ) Description: Application: service.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.AccessViolationException Stack: at System.Drawing.SafeNativeMethods+Gdip.GdipCreateFontFamilyFromName(System.String, System.Runtime.InteropServices.HandleRef, IntPtr ByRef) at System.Drawing.FontFamily.CreateFontFamily(System.String, System.Drawing.Text.FontCollection) at System.Drawing.FontFamily..ctor(System.String, Boolean) at System.Drawing.Font.Initialize(System.String, Single, System.Drawing.FontStyle, System.Drawing.GraphicsUnit, Byte, Boolean) at System.Drawing.Font..ctor(System.String, Single, System.Drawing.FontStyle, System.Drawing.GraphicsUnit, Byte) at XF.Form1.InitializeComponent() at XF.Form1..ctor() at XF.Program.Main() Error: (02/28/2014 06:13:58 PM) (Source: MsiInstaller)(User: KillerVirus-PC) Description: {61FFA475-24D5-44FB-A51F-39B699E3D82C}1618(NULL)(NULL)(NULL)(NULL) Error: (02/28/2014 05:21:54 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2014 09:44:05 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2014 09:28:27 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2014 09:04:33 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2014 08:42:52 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2014 08:37:03 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Percentage of memory in use: 32% Total physical RAM: 3077.55 MB Available physical RAM: 2080.86 MB Total Pagefile: 6153.29 MB Available Pagefile: 5163.84 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:24.9 GB) (Free:8.31 GB) NTFS Drive d: (VBOXADDITIONS_4.) (CDROM) (Total:0.06 GB) (Free:0 GB) CDFS Drive z: (VBOX_Partagé) (Network) (Total:400 GB) (Free:277.07 GB) VBoxSharedFolderFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 25 GB) (Disk ID: B7C2E0F0) Partition: GPT Partition Type. ==================== End Of Log ============================