Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015 Ran by fabrice at 2015-06-01 00:26:08 Running from C:\Users\fabrice\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-3371329971-4072045630-1851483191-500 - Administrator - Disabled) fabrice (S-1-5-21-3371329971-4072045630-1851483191-1001 - Administrator - Enabled) => C:\Users\fabrice HomeGroupUser$ (S-1-5-21-3371329971-4072045630-1851483191-1003 - Limited - Enabled) Invité (S-1-5-21-3371329971-4072045630-1851483191-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3009 - Acer Incorporated) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.08.2003.3 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.03.2004.4 - Acer Incorporated) Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3008 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.06.2004 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3018 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2011.1 - Acer Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.07.2004.0 - Acer Incorporated) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden BitTorrent (HKU\S-1-5-21-3371329971-4072045630-1851483191-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform) CVitae 5 (HKLM-x32\...\{5988C473-7D71-4B59-857B-8DA5C701FBFF}) (Version: 1.0.15 - Semantis) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.) Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation) Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.) Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.) Glary Utilities Pro 2.41.0.1358 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.41.0.1358 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Host App Service (HKU\S-1-5-21-3371329971-4072045630-1851483191-1001\...\Pokki) (Version: 0.269.7.611 - Pokki) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation) Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 15.0.4719.1002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3371329971-4072045630-1851483191-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21257 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7300 - Realtek Semiconductor Corp.) Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer) The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3371329971-4072045630-1851483191-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-3371329971-4072045630-1851483191-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\fabrice\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 13-05-2015 10:10:30 Windows Update 18-05-2015 18:26:53 avast! antivirus system restore point 21-05-2015 21:36:09 Installé CVitae 5 ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07DFDF14-BA80-4174-BF18-76DE72D18C86} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-18] (Avast Software s.r.o.) Task: {0BFC0D29-2083-4F58-8E36-FE36DF8F0C09} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated) Task: {1726B7F9-92FB-4BC2-AE24-202C002F779F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-20] (Microsoft Corporation) Task: {1DD619FE-F8C3-4EDB-A9BB-F41A9E4108D5} - System32\Tasks\YKJTHV => C:\Users\fabrice\AppData\Roaming\YKJTHV.exe <==== ATTENTION Task: {24F4880F-D562-4E89-9F66-CC0CEEB421B6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate) Task: {2EC4C1A0-5F1C-45B8-9582-248D14461671} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-18] (Google Inc.) Task: {39E39A31-9849-40AA-A0CB-7ACB24364965} - System32\Tasks\{B72A7A72-125F-4C0A-BDFE-477F68AF0E66} => pcalua.exe -a C:\Users\fabrice\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=tugs Task: {39F504B9-7A92-4E01-A954-4F6CD40B1A35} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated) Task: {4856C5F7-DF26-4211-9D29-55B4C2791A06} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd) Task: {53B9250D-4447-41EB-9641-63A380FFD009} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation) Task: {587BACBE-0E87-4409-A374-FA54EC4A65DD} - \ee91d97f-6a26-4b00-ba53-0b31aee206b5-5 No Task File <==== ATTENTION Task: {630FEE60-6058-4CC0-BF2D-3EB7F0A4B950} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate) Task: {6C32E763-E9B4-494B-AA81-E1E4EA863A6D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {6C6C3050-2846-418D-B912-083C76DF499A} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: ) Task: {A6E10883-F4A2-4825-8369-F262C7A8E81A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] () Task: {A92E9CAE-3B0D-49AE-81A4-DFB77D11CD37} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-18] (Google Inc.) Task: {AEA041B0-352F-41C2-B818-49627EDDBB6A} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-05-06] (Acer) Task: {AEDA4E9D-AF95-41C4-9573-CCCCCC0A0128} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {AF3E95BD-AC3A-44E3-AA75-E01466893649} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-20] (Microsoft Corporation) Task: {B5C03BD9-CE36-423F-AF59-5CB4E1201E9B} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate) Task: {BDA44D90-3192-4EF2-8396-BF5C55B3C3C4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation) Task: {BEBF53A4-B42F-40FD-94CC-775B2F1EC91B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] () Task: {C6469DC5-BC3D-4367-9255-2413E1B623C3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {CA65B110-E98D-4490-9A25-2356FCEEF437} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {CBF959E3-A169-4977-8F2D-7E08D6985B79} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2011-12-27] (Glarysoft Ltd) Task: {DBD90F8F-9B4C-4BA8-BF90-C7DD5E8E9C98} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation) Task: {F0BF90A2-F09B-4881-AD1E-8D190D2B4A9E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for OM-fabrice OM => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-10] (Microsoft Corporation) Task: {F558DBB0-E41F-4590-ACDD-4774B3EE8FB6} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3371329971-4072045630-1851483191-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\YKJTHV.job => C:\Users\fabrice\AppData\Roaming\YKJTHV.exe <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2015-05-09 17:56 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-08-29 14:43 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-03-13 01:00 - 2014-03-13 01:00 - 00055528 _____ () C:\Program Files\Acer\User Experience Improvement Program\Framework\AcrHttp.dll 2014-08-29 14:47 - 2014-07-01 23:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2014-02-25 23:14 - 2014-02-25 23:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-02-25 23:11 - 2014-02-25 23:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2014-02-25 23:17 - 2014-02-25 23:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2015-05-08 20:50 - 2015-05-08 20:50 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2015-05-09 18:58 - 2015-05-09 18:58 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll 2015-05-18 18:37 - 2015-05-18 18:37 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-18 18:37 - 2015-05-18 18:37 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-05-20 22:01 - 2015-05-20 22:01 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15052000\algo.dll 2015-05-30 22:32 - 2015-05-30 22:32 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15053001\algo.dll 2015-05-31 22:22 - 2015-05-31 22:22 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15053101\algo.dll 2014-12-06 21:04 - 2013-12-10 01:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-05-12 14:08 - 2015-05-12 14:08 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2015-05-06 10:08 - 2015-05-06 10:08 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2014-07-01 10:57 - 2014-07-01 10:57 - 00279296 _____ () C:\Program Files (x86)\Acer\AcerCloud Docs\libcurl.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00641792 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2015-05-18 18:37 - 2015-05-18 18:37 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-05-06 16:04 - 2015-05-06 16:04 - 00203008 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll 2015-05-06 16:04 - 2015-05-06 16:04 - 00119552 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll 2014-08-29 14:47 - 2014-07-01 23:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll 2015-05-26 15:05 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll 2015-05-26 15:05 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\fabrice\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3371329971-4072045630-1851483191-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\fabrice\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.254 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3371329971-4072045630-1851483191-1001\...\StartupApproved\Run: => "Pokki" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{EF166C6C-4DF4-408A-99E8-D43862DF7787}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{7567631B-D0C1-43F3-97D7-63267B78BB8B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{6B0982E2-B7CF-4ABB-A6CB-B757A20780E3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{4703E519-AF36-40D1-8A21-032538E7F0BB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{DFE963E3-D114-48A6-84CE-D26E132A9399}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{F63B0517-E2DE-425B-AE55-EE4F78A4809B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{7545002E-41DD-4141-9441-FE145C4886B6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{8FFD7BBB-0009-47A2-97CF-748B6035F31B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{D75D7061-37C1-4A87-9B02-18050FC057B2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{0E61E42E-DB9A-4778-B9EC-9998B45F6775}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{DE40BE37-17DD-4F40-AB55-135B74179637}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{496F151D-0F9A-48BD-97C4-CB2AA3C6F84B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{0DA8CA1E-EC14-4EA1-AC7D-7DBF731B42ED}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{A94DE0B9-A78D-40A6-9574-512BD4875BD8}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{4E59A127-2414-44C3-AA37-E214E62A5682}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{4F319ECE-79AD-4637-8123-8AC838AA8239}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{7AA59E69-048F-4318-B471-EDBC81F6CB84}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{486B0B4C-2FA2-4199-8775-0BDAA6D831EC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{35EAFC51-003C-465E-828D-71FC50EF3C2C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{48E4A1E6-3F5E-40B0-8512-13757F5FF6CF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{67D29876-142C-4DDC-BBDB-7E084B8698B4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{DDE51701-1013-4564-877A-91E076DC8C23}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{C8D83E42-4620-431D-B3F2-D255105E815B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{10D5126C-FB42-46C9-8065-210D9BCA5DB9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{CDDB3828-00AF-42A0-93E9-63CE002C9869}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{FC97F43B-7416-4C0E-A023-1E29C2E9D1C3}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{B34CFBC1-41EE-4D4D-BCD7-E5F75C90F0C6}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{2B6CA060-6722-4F5D-BB05-FA82AB0521B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{BCFAB7EC-FCEC-43B8-B0F8-8202CB9F4F86}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{B075BA4E-7DB3-4B71-96BA-E842CF922AC9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{8545DB7B-4CB9-4FD4-A510-92466FD96748}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{2A027C37-F33D-4C79-AB63-D20103708700}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{ED08BE36-5A72-431F-9AF2-728562B25DD7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{60C9F78F-A6C8-4352-9D69-D2DC0E7347F5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{EB6A0115-ACF5-4627-B259-1DD5D6D4B91A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{5F3E08D8-F11C-4E36-8173-AB6CE19182A6}] => (Allow) C:\Users\fabrice\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{F6160E15-6338-47BE-99C2-DBDD286C4B3C}] => (Allow) C:\Users\fabrice\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{70CFB86C-31A6-496B-B5DB-134FE3B7446D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A818940A-825B-44F1-936E-E4C19A0BCEFA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{65F74D69-B88F-4D55-A32F-8C8B7BBD3955}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FCD633CA-E2E0-49EC-B28A-313F838CCADB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6366AACB-562D-4900-9675-9D5F792B1F81}] => (Allow) C:\Users\fabrice\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{804B662B-2C05-41A3-AE26-987330581AB4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{9855FAA7-6634-4DAA-9E25-68B72AABA9D4}] => (Allow) C:\Users\fabrice\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{D98CCBE8-5991-490B-AE96-596BCCFF8B68}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8D09EB10-5FCE-497B-A6CF-A489996D4313}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{4657B859-DD15-4DB0-A8D4-26165B604BD2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{8ACE5A04-23D7-4C7C-AC25-14ADF13AAAC9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{DD79C9F3-694F-45AC-8156-4EE1E35C00DE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{02E2EDFB-8552-435A-AAB3-0681287997E1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{0870C4C7-0AAC-4FD8-9AAF-109C5C5084D1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{1C895228-D891-4904-A401-6D6C547FBDCA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{B529A62F-FEAB-4C3D-AE0C-9C8FE09BCDF3}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{E557F956-DD78-4FA2-9CC8-FAD029904F7F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{C1858F7A-3301-481A-BFED-33615EC04A37}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/31/2015 00:55:32 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -2143485936 Error: (05/31/2015 00:55:32 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {357776C3-674A-491E-AA6B-DEB6628065AB} Error: (05/31/2015 00:55:31 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {357776C3-674A-491E-AA6B-DEB6628065AB} Error: (05/30/2015 03:25:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/29/2015 11:11:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/29/2015 11:07:13 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: AUTORITE NT) Description: There was an error with the Windows Location Provider database Error: (05/29/2015 03:37:46 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {44C27557-FF23-4696-97D2-99F9E7AD2B06} Error: (05/29/2015 03:37:46 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {44C27557-FF23-4696-97D2-99F9E7AD2B06} Error: (05/29/2015 09:54:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/29/2015 09:49:35 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -2143485936 System errors: ============= Error: (05/31/2015 00:56:00 AM) (Source: DCOM) (EventID: 10010) (User: OM) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (05/31/2015 00:56:00 AM) (Source: DCOM) (EventID: 10010) (User: OM) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (05/27/2015 04:31:25 AM) (Source: DCOM) (EventID: 10010) (User: OM) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (05/27/2015 04:31:25 AM) (Source: DCOM) (EventID: 10010) (User: OM) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (05/23/2015 04:39:53 PM) (Source: disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk1\DR2 comporte un bloc défectueux. Error: (05/23/2015 04:36:20 PM) (Source: disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk1\DR2 comporte un bloc défectueux. Error: (05/23/2015 04:36:17 PM) (Source: disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk1\DR2 comporte un bloc défectueux. Error: (05/23/2015 04:36:15 PM) (Source: disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk1\DR2 comporte un bloc défectueux. Error: (05/23/2015 04:36:12 PM) (Source: disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk1\DR2 comporte un bloc défectueux. Error: (05/21/2015 11:00:46 PM) (Source: disk) (EventID: 11) (User: ) Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1. Microsoft Office: ========================= Error: (05/31/2015 00:55:32 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -2143485936 Error: (05/31/2015 00:55:32 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {357776C3-674A-491E-AA6B-DEB6628065AB} Error: (05/31/2015 00:55:31 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {357776C3-674A-491E-AA6B-DEB6628065AB} Error: (05/30/2015 03:25:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/29/2015 11:11:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/29/2015 11:07:13 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: AUTORITE NT) Description: -2147024883 Error: (05/29/2015 03:37:46 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {44C27557-FF23-4696-97D2-99F9E7AD2B06} Error: (05/29/2015 03:37:46 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {44C27557-FF23-4696-97D2-99F9E7AD2B06} Error: (05/29/2015 09:54:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/29/2015 09:49:35 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -2143485936 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz Percentage of memory in use: 46% Total physical RAM: 4019.27 MB Available physical RAM: 2142.67 MB Total Pagefile: 6468.59 MB Available Pagefile: 3898.5 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:449.47 GB) (Free:408.39 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: C0D09691) Partition: GPT Partition Type. ==================== End of log ============================