Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-07-2015
Ran by secretariatIDF (2015-07-30 08:37:33)
Running from C:\Users\secretariatIDF\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-1119990523-736087694-3604660907-500 - Administrator - Disabled)
Invité (S-1-5-21-1119990523-736087694-3604660907-501 - Limited - Disabled)
secretariatIDF (S-1-5-21-1119990523-736087694-3604660907-1000 - Administrator - Enabled) => C:\Users\secretariatIDF
UpdatusUser (S-1-5-21-1119990523-736087694-3604660907-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Access - Aide (HKLM\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 2.00 - Lenovo)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Assistant de connexion Windows Live (HKLM\...\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}) (Version: 5.000.818.5 - Microsoft Corporation)
Autodesk DWG TrueView 2016 - Français (French) (HKLM\...\DWG TrueView 2016 - Français (French)) (Version: 20.1.49.0 - Autodesk)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
Burn.Now 4.5 (Version: 4.5.0 - Corel Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 (HKLM\...\{90120000-00B2-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Corel Burn.Now Lenovo Edition (HKLM\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Create Recovery Media (HKLM\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
Designer d´étiquettes 2.0 (HKLM\...\ST6UNST #1) (Version: - )
Direct DiscRecorder (Version: 1.00.0000 - Corel Corporation) Hidden
DWG TrueView 2016 - Français (French) (Version: 20.1.49.0 - Autodesk) Hidden
Free Convert FLAC To MP3 (remove only) (HKLM\...\Free Convert FLAC To MP3) (Version: - )
GIMP 2.6.12-2 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-1119990523-736087694-3604660907-1000\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2025 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Lenovo SHAREit (HKLM\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.05 - Lenovo)
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0037 - Lenovo)
Lenovo Welcome (HKLM\...\Lenovo Welcome_is1) (Version: - Lenovo)
Message Center Plus (HKLM\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Metric Collection SDK (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Famille et Petite Entreprise 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mises à jour NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x86) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Mouse Suite (HKLM\...\MouseSuite98) (Version: - )
Mozilla Firefox 39.0 (x86 fr) (HKLM\...\Mozilla Firefox 39.0 (x86 fr)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Pilote 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Pilote graphique 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
Outil de téléchargement Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Package de pilotes Windows - Intel Corporation (igfx) Display (12/18/2009 8.15.10.2025) (HKLM\...\6173494C218777FC84EA543F98F626E4FCB9E58E) (Version: 12/18/2009 8.15.10.2025 - Intel Corporation)
Package de pilotes Windows - Realtek (RTL8167) Net (11/27/2009 7.011.1127.2009) (HKLM\...\FB627E47ED3DD713F9902C51061322270ACB1600) (Version: 11/27/2009 7.011.1127.2009 - Realtek)
Package de pilotes Windows - Realtek Semiconductor Corp. HD Audio Driver (01/12/2010 6.0.1.6024) (HKLM\...\07B93EDB9CC6BC0276487EBB7D01015438101AF0) (Version: 01/12/2010 6.0.1.6024 - Realtek Semiconductor Corp.)
Package de pilotes Windows - Realtek Semiconductor Corp. HD Audio Driver (01/12/2010 6.0.1.6024) (HKLM\...\39C7474DA0199DEC9927E4094B3485A8A22A5C64) (Version: 01/12/2010 6.0.1.6024 - Realtek Semiconductor Corp.)
Panneau de configuration NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Photocite Collection 5.0 (HKLM\...\Photocite Collection 5.0) (Version: 5.0.6 - CEWE COLOR AG u Co. OHG)
Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}_is1) (Version: 3.40.0001 - Lenovo Group Limited)
Rapport (Version: 3.5.1412.176 - Trusteer) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6024 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0165 - )
Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0025.00 - Lenovo Group Limited)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
ThinkVantage Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 1.02.0015 - Lenovo Group Limited)
Trusteer Sécurité des points d'accès (HKLM\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer)
Unity Web Player (HKU\S-1-5-21-1119990523-736087694-3604660907-1000\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live FolderShare (HKLM\...\{76810709-A7D3-468D-9167-A1780C1E766C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xerox Device Agent (HKLM\...\{110c4be3-8e19-4adc-9050-2e1904888326}) (Version: 5.1.79 - Xerox Corporation)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{00b7e0ab-817a-44ad-a04b-d1148d524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - French\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - French\fr-FR\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\secretariatIDF\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Chrome\Application\44.0.2403.125\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{7c6e29bc-8b8b-4c3d-859e-af6cd158be0f}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c0-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c1-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c2-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c3-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c4-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c5-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c8-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c9-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969ca-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969d6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2187EC29-332A-4AB7-B591-194F15D3CE0E} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {24F4B505-8288-4C05-809A-D51058AD7BD6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {35606283-09AF-4679-8E86-BB19B91AF2DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-09] (Google Inc.)
Task: {518D72E8-9399-4981-98CA-2CA24F59B60B} - System32\Tasks\{C2F44A1D-4179-4D61-BDA1-76C178080202} => C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
Task: {55E05080-BD41-4969-A420-585CC821B706} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-17] (AVAST Software)
Task: {5A99D373-EE51-4F2C-8A8B-D2E1A73AF058} - System32\Tasks\{1B2F2DD8-B21C-4F6C-A8B8-2264965581C2} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {71CF18DA-72F5-4A84-BD5A-61D261AC4DB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-09] (Google Inc.)
Task: {71E432F2-9A79-47E5-B0D7-764D669B4071} - System32\Tasks\Message Center plus => C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {7A1D78E5-3AB3-4CE5-9812-C03DB7C499D2} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {8D10557C-D98D-451F-B209-1A4667F8B75C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1119990523-736087694-3604660907-1000UA => C:\Users\secretariatIDF\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-14] (Google Inc.)
Task: {AAD88798-1B0C-4A8A-AFCB-55D0FCE73FD9} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {B3036502-1C95-4BBF-9436-C517C82CC752} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {B421CD39-02D4-4034-9294-22ABDDB605E6} - System32\Tasks\Programme de mise à jour en ligne de Adobe => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {B5B53D3D-4FED-45BE-80C4-8B3369FC95B3} - System32\Tasks\realtekHDAudio => c:\program files\realtek\audio\hda\rthdvcpl.exe [2010-01-12] (Realtek Semiconductor)
Task: {B8A26AB1-2EE6-4117-97B6-2A98D6D1D961} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {B8D877D5-AD65-4AC1-B64F-2FB1BB67A243} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2015-05-15] ()
Task: {BB10B88E-B190-4247-8EE3-8A670FA8ABDE} - System32\Tasks\{A59629D5-EDDA-4B36-9252-383FC42BCE22} => pcalua.exe -a C:\Users\secretariatIDF\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {BE84B6D6-CC9E-4C3C-B8BF-8A3FB97E3C22} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
Task: {D44F8085-13CA-4681-9A18-8ACB2B5C8ECD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D58C0112-EA14-4151-9DDA-5BF49A16D773} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {EB957241-02E8-407D-ACEE-976D49D92BAB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1119990523-736087694-3604660907-1000Core => C:\Users\secretariatIDF\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-14] (Google Inc.)
Task: {EBEEB6E7-996E-4A1E-9778-59C6FC86F6C3} - System32\Tasks\{5F8B289C-ECEC-4904-9C62-DCF051F9990C} => pcalua.exe -a "C:\Program Files\ZHPFix\ZHPhep.exe" -d "C:\Program Files\ZHPFix"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1119990523-736087694-3604660907-1000Core.job => C:\Users\secretariatIDF\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1119990523-736087694-3604660907-1000UA.job => C:\Users\secretariatIDF\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-01-23 15:52 - 2013-01-18 16:20 - 00079648 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-04-04 01:09 - 2013-04-04 01:09 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-07-17 11:24 - 2015-07-17 11:24 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-17 11:24 - 2015-07-17 11:24 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-29 09:49 - 2015-07-29 09:49 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072900\algo.dll
2013-03-08 11:42 - 2012-10-04 19:50 - 00088688 ____N () C:\Windows\System32\cpwmon2k.dll
2014-08-08 08:56 - 2015-03-13 13:54 - 00042240 _____ () C:\Program Files\Lenovo\PowerMgr\FR\PWMRT32V.DLL
2013-01-24 08:52 - 2003-11-06 16:51 - 00020480 ____N () C:\Windows\System32\FSRremoS.EXE
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
2014-10-20 08:33 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
2010-05-04 11:47 - 2010-05-04 11:47 - 00125952 ____N () C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
2015-02-11 05:04 - 2015-02-11 05:04 - 06262784 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.CWWLib.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 01331200 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\CWWLibDb.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00073728 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.DotNetServiced.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00081920 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\XrxScheduler.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00348160 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.DiscoveryDb.Data.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00053248 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Microsoft.ApplicationBlocks.Data.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00454656 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.DiscoveryDb.Services.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00774144 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.DiscoveryDb.Entities.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 06787072 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.DiscoveryDb.Data.SqlClient.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 07446528 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.DiscoveryDb.Data.SqlCeClient.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00034304 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.Discovery.DeviceStatus.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00028672 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.SchedulerDB.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00012800 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.Discovery.ModelCapabilities.dll
2015-07-17 11:25 - 2015-07-17 11:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-07-15 10:24 - 2015-07-15 10:24 - 17448624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1119990523-736087694-3604660907-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\secretariatIDF\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{93E41672-7CB8-4BD5-A370-DBBE26674786}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{03770AE8-28D7-4B0D-ADBF-32334B41B552}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{8DBBF8B1-9E69-4D40-A437-36A4CA4672AD}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{FCF489C7-6F5C-49DC-98E0-3A882AF1E8AD}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{FB178E87-8DB9-4D98-B91D-3C2737A9833C}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2A70345F-10C1-4137-8516-5943ADCF9BFE}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{ED0EA2D2-1C82-441B-9D2C-506804F7A8FE}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{9B567EC3-03AA-4D66-B760-7EBB9112DCC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CA97BA37-FA53-4B21-BD6F-5F7CB62B2CB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D85DEBA3-430F-42DA-81BB-88B1EF8355DB}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{E962E0B1-745F-44E8-9645-CCA9958B964C}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{33BAB167-97EC-4C60-BD1D-945C76A6C0B7}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{35B54F00-5E0B-4F93-9312-5EE4D1C52A58}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{5A3CF1DC-7B3F-41DE-B688-71A295D6C9FF}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{01F1107B-871D-4329-8BA9-7C726E4B2790}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{2F5DA39A-D195-490D-BCBF-A9B4317E6740}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{BC7DB954-D07F-4A46-9B23-9DEB2F2FC735}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{DA6A1AA1-0B3D-4104-8DB1-D9D8B6E1CA94}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8F693038-767A-4386-B4F1-6C8778DAB656}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{2B7976B9-1395-4C2B-AACD-847AB8E250D7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{4BFB14FE-EE11-47C1-BCAB-CC8C9CD396F8}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{0678DBD1-B3A5-4560-9685-F83FE4FA99E1}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{F0767E85-8863-482E-9827-6E9C76B6365C}] => (Allow) C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{9B6680FE-8186-47AD-8506-27CEE375AC2D}] => (Allow) C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{D33FA205-56CD-4F03-A075-0D2BCAEBFE44}] => (Allow) LPort=1542
FirewallRules: [{F25AFB6D-3C57-4E57-A459-F16719AF7C7F}] => (Allow) LPort=1542
FirewallRules: [{994D0ED8-65BD-4BA0-A6A6-5D4CB036F93B}] => (Allow) LPort=53
FirewallRules: [{67AC1EF1-B897-4379-A0C1-C0A8FBD1FB75}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{826E0DD6-0100-43A6-9DB8-255435D60B7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0CDF30D6-D000-494A-97E1-22F4BE2604F5}] => (Allow) C:\Users\secretariatIDF\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{9C8A79AD-1402-4DD7-ADF6-2D4294C51668}] => (Allow) C:\Program Files\Lenovo\System Update\uncserver.exe
FirewallRules: [{D55A302A-D815-4AE2-93BE-9F9693405C14}] => (Allow) C:\Program Files\Lenovo\System Update\uncserver.exe
FirewallRules: [{716B22C4-373F-410B-AFB5-6C5360BBACD8}] => (Allow) C:\Windows\Explorer.EXE
FirewallRules: [{86472DFA-BF5F-4537-9168-F075D2C5BA99}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{8530CCA8-CA23-40E2-974E-9F82873F3AB5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/30/2015 04:22:04 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation ; Description = Point de contrôle planifié ; Erreur = 0x80070422).
Error: (07/30/2015 03:00:19 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\svchost.exe -k netsvcs ; Description = Windows Update ; Erreur = 0x80070422).
Error: (07/30/2015 12:00:01 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation ; Description = Point de contrôle planifié ; Erreur = 0x80070422).
Error: (07/29/2015 07:14:56 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation ; Description = Point de contrôle planifié ; Erreur = 0x80070422).
Error: (07/29/2015 01:52:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme SCANPST.EXE version 14.0.4760.1000 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.
ID de processus : 11e8
Heure de début : 01d0c9ef040a3f68
Heure de fin : 7
Chemin d’accès de l’application : C:\Program Files\Microsoft Office\Office14\SCANPST.EXE
ID de rapport : 8e5b244e-35e7-11e5-b3eb-1078d27ee272
Error: (07/29/2015 01:08:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme SCANPST.EXE version 14.0.4760.1000 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.
ID de processus : 12e0
Heure de début : 01d0c9e01850e432
Heure de fin : 3
Chemin d’accès de l’application : C:\Program Files\Microsoft Office\Office14\SCANPST.EXE
ID de rapport : 8c58c2cf-35e0-11e5-b3eb-1078d27ee272
Error: (07/29/2015 11:05:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante svchost.exe_DiagTrack, version : 6.1.7600.16385, horodatage : 0x4a5bc100
Nom du module défaillant : ntdll.dll, version : 6.1.7601.18869, horodatage : 0x55636303
Code d’exception : 0xc000000d
Décalage d’erreur : 0x00098001
ID du processus défaillant : 0x790
Heure de début de l’application défaillante : 0xsvchost.exe_DiagTrack0
Chemin d’accès de l’application défaillante : svchost.exe_DiagTrack1
Chemin d’accès du module défaillant: svchost.exe_DiagTrack2
ID de rapport : svchost.exe_DiagTrack3
Error: (07/29/2015 11:02:05 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /repair SINGLEIMAGE /config C:\Users\SECRET~1\AppData\Local\Temp\repair_config.xml ; Description = Configured Microsoft Office Famille et Petite Entreprise 2010 ; Erreur = 0x80070422).
Error: (07/29/2015 10:51:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: SECRETARIAT)
Description: Impossible de fermer l’application ou le service « Microsoft Windows Search Protocol Host ».
Error: (07/29/2015 10:45:58 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\ProgramData\Microsoft\OEMOffice14\Office14\Setup.exe /config C:\Users\SECRET~1\AppData\Local\Temp\config.xml ; Description = Installed Microsoft Office Famille et Petite Entreprise 2010 ; Erreur = 0x80070422).
System errors:
=============
Error: (07/30/2015 03:37:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur :
%%1069
Error: (07/30/2015 03:37:44 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante :
%%1330
Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).
Error: (07/30/2015 03:35:40 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Xerox Device Agent Service est en attente de démarrage.
Error: (07/30/2015 03:33:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service S n’a pas pu démarrer en raison de l’erreur :
%%2
Error: (07/29/2015 06:41:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur :
%%1069
Error: (07/29/2015 06:41:22 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante :
%%1330
Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).
Error: (07/29/2015 06:37:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service S n’a pas pu démarrer en raison de l’erreur :
%%2
Error: (07/29/2015 11:10:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur :
%%1069
Error: (07/29/2015 11:10:42 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante :
%%1330
Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).
Error: (07/29/2015 11:08:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Xerox Device Agent Service est en attente de démarrage.
Microsoft Office:
=========================
Error: (07/16/2015 11:28:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 7923 seconds with 660 seconds of active time. This session ended with a crash.
Error: (06/25/2015 08:45:14 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 381 seconds with 120 seconds of active time. This session ended with a crash.
Error: (05/15/2015 10:26:10 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 83 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/15/2015 10:23:24 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/15/2015 10:23:07 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 130 seconds with 60 seconds of active time. This session ended with a crash.
Error: (05/15/2015 10:20:50 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 85 seconds with 60 seconds of active time. This session ended with a crash.
Error: (05/15/2015 10:19:14 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6833 seconds with 600 seconds of active time. This session ended with a crash.
Error: (03/02/2015 10:43:26 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 788 seconds with 420 seconds of active time. This session ended with a crash.
Error: (10/03/2014 11:14:53 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 812 seconds with 420 seconds of active time. This session ended with a crash.
Error: (07/29/2014 08:44:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 707 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 66%
Total physical RAM: 3071.24 MB
Available physical RAM: 1031.4 MB
Total Virtual: 6140.8 MB
Available Virtual: 3821.61 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:287.15 GB) (Free:174.03 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:9.77 GB) (Free:4.37 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: F7F2C0E9)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=287.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1360 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 4
==================== End of log ============================
Ran by secretariatIDF (2015-07-30 08:37:33)
Running from C:\Users\secretariatIDF\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-1119990523-736087694-3604660907-500 - Administrator - Disabled)
Invité (S-1-5-21-1119990523-736087694-3604660907-501 - Limited - Disabled)
secretariatIDF (S-1-5-21-1119990523-736087694-3604660907-1000 - Administrator - Enabled) => C:\Users\secretariatIDF
UpdatusUser (S-1-5-21-1119990523-736087694-3604660907-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Access - Aide (HKLM\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 2.00 - Lenovo)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Assistant de connexion Windows Live (HKLM\...\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}) (Version: 5.000.818.5 - Microsoft Corporation)
Autodesk DWG TrueView 2016 - Français (French) (HKLM\...\DWG TrueView 2016 - Français (French)) (Version: 20.1.49.0 - Autodesk)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
Burn.Now 4.5 (Version: 4.5.0 - Corel Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 (HKLM\...\{90120000-00B2-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Corel Burn.Now Lenovo Edition (HKLM\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Create Recovery Media (HKLM\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
Designer d´étiquettes 2.0 (HKLM\...\ST6UNST #1) (Version: - )
Direct DiscRecorder (Version: 1.00.0000 - Corel Corporation) Hidden
DWG TrueView 2016 - Français (French) (Version: 20.1.49.0 - Autodesk) Hidden
Free Convert FLAC To MP3 (remove only) (HKLM\...\Free Convert FLAC To MP3) (Version: - )
GIMP 2.6.12-2 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-1119990523-736087694-3604660907-1000\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2025 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Lenovo SHAREit (HKLM\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.05 - Lenovo)
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0037 - Lenovo)
Lenovo Welcome (HKLM\...\Lenovo Welcome_is1) (Version: - Lenovo)
Message Center Plus (HKLM\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Metric Collection SDK (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Famille et Petite Entreprise 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mises à jour NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x86) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Mouse Suite (HKLM\...\MouseSuite98) (Version: - )
Mozilla Firefox 39.0 (x86 fr) (HKLM\...\Mozilla Firefox 39.0 (x86 fr)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Pilote 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Pilote graphique 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
Outil de téléchargement Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Package de pilotes Windows - Intel Corporation (igfx) Display (12/18/2009 8.15.10.2025) (HKLM\...\6173494C218777FC84EA543F98F626E4FCB9E58E) (Version: 12/18/2009 8.15.10.2025 - Intel Corporation)
Package de pilotes Windows - Realtek (RTL8167) Net (11/27/2009 7.011.1127.2009) (HKLM\...\FB627E47ED3DD713F9902C51061322270ACB1600) (Version: 11/27/2009 7.011.1127.2009 - Realtek)
Package de pilotes Windows - Realtek Semiconductor Corp. HD Audio Driver (01/12/2010 6.0.1.6024) (HKLM\...\07B93EDB9CC6BC0276487EBB7D01015438101AF0) (Version: 01/12/2010 6.0.1.6024 - Realtek Semiconductor Corp.)
Package de pilotes Windows - Realtek Semiconductor Corp. HD Audio Driver (01/12/2010 6.0.1.6024) (HKLM\...\39C7474DA0199DEC9927E4094B3485A8A22A5C64) (Version: 01/12/2010 6.0.1.6024 - Realtek Semiconductor Corp.)
Panneau de configuration NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Photocite Collection 5.0 (HKLM\...\Photocite Collection 5.0) (Version: 5.0.6 - CEWE COLOR AG u Co. OHG)
Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}_is1) (Version: 3.40.0001 - Lenovo Group Limited)
Rapport (Version: 3.5.1412.176 - Trusteer) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6024 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0165 - )
Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0025.00 - Lenovo Group Limited)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
ThinkVantage Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 1.02.0015 - Lenovo Group Limited)
Trusteer Sécurité des points d'accès (HKLM\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer)
Unity Web Player (HKU\S-1-5-21-1119990523-736087694-3604660907-1000\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live FolderShare (HKLM\...\{76810709-A7D3-468D-9167-A1780C1E766C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xerox Device Agent (HKLM\...\{110c4be3-8e19-4adc-9050-2e1904888326}) (Version: 5.1.79 - Xerox Corporation)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{00b7e0ab-817a-44ad-a04b-d1148d524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - French\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - French\fr-FR\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\secretariatIDF\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Chrome\Application\44.0.2403.125\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{7c6e29bc-8b8b-4c3d-859e-af6cd158be0f}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c0-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c1-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c2-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c3-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c4-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c5-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c8-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969c9-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969ca-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{88d969d6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1119990523-736087694-3604660907-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\secretariatIDF\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2187EC29-332A-4AB7-B591-194F15D3CE0E} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {24F4B505-8288-4C05-809A-D51058AD7BD6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {35606283-09AF-4679-8E86-BB19B91AF2DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-09] (Google Inc.)
Task: {518D72E8-9399-4981-98CA-2CA24F59B60B} - System32\Tasks\{C2F44A1D-4179-4D61-BDA1-76C178080202} => C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
Task: {55E05080-BD41-4969-A420-585CC821B706} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-17] (AVAST Software)
Task: {5A99D373-EE51-4F2C-8A8B-D2E1A73AF058} - System32\Tasks\{1B2F2DD8-B21C-4F6C-A8B8-2264965581C2} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {71CF18DA-72F5-4A84-BD5A-61D261AC4DB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-09] (Google Inc.)
Task: {71E432F2-9A79-47E5-B0D7-764D669B4071} - System32\Tasks\Message Center plus => C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {7A1D78E5-3AB3-4CE5-9812-C03DB7C499D2} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {8D10557C-D98D-451F-B209-1A4667F8B75C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1119990523-736087694-3604660907-1000UA => C:\Users\secretariatIDF\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-14] (Google Inc.)
Task: {AAD88798-1B0C-4A8A-AFCB-55D0FCE73FD9} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {B3036502-1C95-4BBF-9436-C517C82CC752} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {B421CD39-02D4-4034-9294-22ABDDB605E6} - System32\Tasks\Programme de mise à jour en ligne de Adobe => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {B5B53D3D-4FED-45BE-80C4-8B3369FC95B3} - System32\Tasks\realtekHDAudio => c:\program files\realtek\audio\hda\rthdvcpl.exe [2010-01-12] (Realtek Semiconductor)
Task: {B8A26AB1-2EE6-4117-97B6-2A98D6D1D961} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {B8D877D5-AD65-4AC1-B64F-2FB1BB67A243} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2015-05-15] ()
Task: {BB10B88E-B190-4247-8EE3-8A670FA8ABDE} - System32\Tasks\{A59629D5-EDDA-4B36-9252-383FC42BCE22} => pcalua.exe -a C:\Users\secretariatIDF\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {BE84B6D6-CC9E-4C3C-B8BF-8A3FB97E3C22} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
Task: {D44F8085-13CA-4681-9A18-8ACB2B5C8ECD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D58C0112-EA14-4151-9DDA-5BF49A16D773} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {EB957241-02E8-407D-ACEE-976D49D92BAB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1119990523-736087694-3604660907-1000Core => C:\Users\secretariatIDF\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-14] (Google Inc.)
Task: {EBEEB6E7-996E-4A1E-9778-59C6FC86F6C3} - System32\Tasks\{5F8B289C-ECEC-4904-9C62-DCF051F9990C} => pcalua.exe -a "C:\Program Files\ZHPFix\ZHPhep.exe" -d "C:\Program Files\ZHPFix"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1119990523-736087694-3604660907-1000Core.job => C:\Users\secretariatIDF\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1119990523-736087694-3604660907-1000UA.job => C:\Users\secretariatIDF\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-01-23 15:52 - 2013-01-18 16:20 - 00079648 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-04-04 01:09 - 2013-04-04 01:09 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-07-17 11:24 - 2015-07-17 11:24 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-17 11:24 - 2015-07-17 11:24 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-29 09:49 - 2015-07-29 09:49 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072900\algo.dll
2013-03-08 11:42 - 2012-10-04 19:50 - 00088688 ____N () C:\Windows\System32\cpwmon2k.dll
2014-08-08 08:56 - 2015-03-13 13:54 - 00042240 _____ () C:\Program Files\Lenovo\PowerMgr\FR\PWMRT32V.DLL
2013-01-24 08:52 - 2003-11-06 16:51 - 00020480 ____N () C:\Windows\System32\FSRremoS.EXE
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
2014-10-20 08:33 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
2010-05-04 11:47 - 2010-05-04 11:47 - 00125952 ____N () C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
2015-02-11 05:04 - 2015-02-11 05:04 - 06262784 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.CWWLib.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 01331200 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\CWWLibDb.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00073728 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.DotNetServiced.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00081920 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\XrxScheduler.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00348160 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.DiscoveryDb.Data.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00053248 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Microsoft.ApplicationBlocks.Data.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00454656 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.DiscoveryDb.Services.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00774144 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.DiscoveryDb.Entities.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 06787072 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.DiscoveryDb.Data.SqlClient.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 07446528 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.DiscoveryDb.Data.SqlCeClient.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00034304 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.Discovery.DeviceStatus.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00028672 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.SchedulerDB.dll
2015-02-11 05:04 - 2015-02-11 05:04 - 00012800 _____ () C:\Program Files\Xerox XDA PE Company\XDA Lite Production\bin\Xerox.CWW.Discovery.ModelCapabilities.dll
2015-07-17 11:25 - 2015-07-17 11:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-07-15 10:24 - 2015-07-15 10:24 - 17448624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1119990523-736087694-3604660907-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\secretariatIDF\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{93E41672-7CB8-4BD5-A370-DBBE26674786}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{03770AE8-28D7-4B0D-ADBF-32334B41B552}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{8DBBF8B1-9E69-4D40-A437-36A4CA4672AD}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{FCF489C7-6F5C-49DC-98E0-3A882AF1E8AD}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{FB178E87-8DB9-4D98-B91D-3C2737A9833C}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2A70345F-10C1-4137-8516-5943ADCF9BFE}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{ED0EA2D2-1C82-441B-9D2C-506804F7A8FE}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{9B567EC3-03AA-4D66-B760-7EBB9112DCC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CA97BA37-FA53-4B21-BD6F-5F7CB62B2CB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D85DEBA3-430F-42DA-81BB-88B1EF8355DB}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{E962E0B1-745F-44E8-9645-CCA9958B964C}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{33BAB167-97EC-4C60-BD1D-945C76A6C0B7}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{35B54F00-5E0B-4F93-9312-5EE4D1C52A58}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{5A3CF1DC-7B3F-41DE-B688-71A295D6C9FF}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{01F1107B-871D-4329-8BA9-7C726E4B2790}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{2F5DA39A-D195-490D-BCBF-A9B4317E6740}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{BC7DB954-D07F-4A46-9B23-9DEB2F2FC735}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{DA6A1AA1-0B3D-4104-8DB1-D9D8B6E1CA94}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8F693038-767A-4386-B4F1-6C8778DAB656}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{2B7976B9-1395-4C2B-AACD-847AB8E250D7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{4BFB14FE-EE11-47C1-BCAB-CC8C9CD396F8}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{0678DBD1-B3A5-4560-9685-F83FE4FA99E1}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{F0767E85-8863-482E-9827-6E9C76B6365C}] => (Allow) C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{9B6680FE-8186-47AD-8506-27CEE375AC2D}] => (Allow) C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{D33FA205-56CD-4F03-A075-0D2BCAEBFE44}] => (Allow) LPort=1542
FirewallRules: [{F25AFB6D-3C57-4E57-A459-F16719AF7C7F}] => (Allow) LPort=1542
FirewallRules: [{994D0ED8-65BD-4BA0-A6A6-5D4CB036F93B}] => (Allow) LPort=53
FirewallRules: [{67AC1EF1-B897-4379-A0C1-C0A8FBD1FB75}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{826E0DD6-0100-43A6-9DB8-255435D60B7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0CDF30D6-D000-494A-97E1-22F4BE2604F5}] => (Allow) C:\Users\secretariatIDF\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{9C8A79AD-1402-4DD7-ADF6-2D4294C51668}] => (Allow) C:\Program Files\Lenovo\System Update\uncserver.exe
FirewallRules: [{D55A302A-D815-4AE2-93BE-9F9693405C14}] => (Allow) C:\Program Files\Lenovo\System Update\uncserver.exe
FirewallRules: [{716B22C4-373F-410B-AFB5-6C5360BBACD8}] => (Allow) C:\Windows\Explorer.EXE
FirewallRules: [{86472DFA-BF5F-4537-9168-F075D2C5BA99}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{8530CCA8-CA23-40E2-974E-9F82873F3AB5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/30/2015 04:22:04 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation ; Description = Point de contrôle planifié ; Erreur = 0x80070422).
Error: (07/30/2015 03:00:19 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\svchost.exe -k netsvcs ; Description = Windows Update ; Erreur = 0x80070422).
Error: (07/30/2015 12:00:01 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation ; Description = Point de contrôle planifié ; Erreur = 0x80070422).
Error: (07/29/2015 07:14:56 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation ; Description = Point de contrôle planifié ; Erreur = 0x80070422).
Error: (07/29/2015 01:52:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme SCANPST.EXE version 14.0.4760.1000 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.
ID de processus : 11e8
Heure de début : 01d0c9ef040a3f68
Heure de fin : 7
Chemin d’accès de l’application : C:\Program Files\Microsoft Office\Office14\SCANPST.EXE
ID de rapport : 8e5b244e-35e7-11e5-b3eb-1078d27ee272
Error: (07/29/2015 01:08:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme SCANPST.EXE version 14.0.4760.1000 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.
ID de processus : 12e0
Heure de début : 01d0c9e01850e432
Heure de fin : 3
Chemin d’accès de l’application : C:\Program Files\Microsoft Office\Office14\SCANPST.EXE
ID de rapport : 8c58c2cf-35e0-11e5-b3eb-1078d27ee272
Error: (07/29/2015 11:05:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante svchost.exe_DiagTrack, version : 6.1.7600.16385, horodatage : 0x4a5bc100
Nom du module défaillant : ntdll.dll, version : 6.1.7601.18869, horodatage : 0x55636303
Code d’exception : 0xc000000d
Décalage d’erreur : 0x00098001
ID du processus défaillant : 0x790
Heure de début de l’application défaillante : 0xsvchost.exe_DiagTrack0
Chemin d’accès de l’application défaillante : svchost.exe_DiagTrack1
Chemin d’accès du module défaillant: svchost.exe_DiagTrack2
ID de rapport : svchost.exe_DiagTrack3
Error: (07/29/2015 11:02:05 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /repair SINGLEIMAGE /config C:\Users\SECRET~1\AppData\Local\Temp\repair_config.xml ; Description = Configured Microsoft Office Famille et Petite Entreprise 2010 ; Erreur = 0x80070422).
Error: (07/29/2015 10:51:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: SECRETARIAT)
Description: Impossible de fermer l’application ou le service « Microsoft Windows Search Protocol Host ».
Error: (07/29/2015 10:45:58 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Échec de la création d’un point de restauration (Processus = C:\ProgramData\Microsoft\OEMOffice14\Office14\Setup.exe /config C:\Users\SECRET~1\AppData\Local\Temp\config.xml ; Description = Installed Microsoft Office Famille et Petite Entreprise 2010 ; Erreur = 0x80070422).
System errors:
=============
Error: (07/30/2015 03:37:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur :
%%1069
Error: (07/30/2015 03:37:44 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante :
%%1330
Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).
Error: (07/30/2015 03:35:40 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Xerox Device Agent Service est en attente de démarrage.
Error: (07/30/2015 03:33:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service S n’a pas pu démarrer en raison de l’erreur :
%%2
Error: (07/29/2015 06:41:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur :
%%1069
Error: (07/29/2015 06:41:22 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante :
%%1330
Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).
Error: (07/29/2015 06:37:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service S n’a pas pu démarrer en raison de l’erreur :
%%2
Error: (07/29/2015 11:10:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur :
%%1069
Error: (07/29/2015 11:10:42 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante :
%%1330
Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).
Error: (07/29/2015 11:08:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Xerox Device Agent Service est en attente de démarrage.
Microsoft Office:
=========================
Error: (07/16/2015 11:28:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 7923 seconds with 660 seconds of active time. This session ended with a crash.
Error: (06/25/2015 08:45:14 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 381 seconds with 120 seconds of active time. This session ended with a crash.
Error: (05/15/2015 10:26:10 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 83 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/15/2015 10:23:24 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/15/2015 10:23:07 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 130 seconds with 60 seconds of active time. This session ended with a crash.
Error: (05/15/2015 10:20:50 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 85 seconds with 60 seconds of active time. This session ended with a crash.
Error: (05/15/2015 10:19:14 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6833 seconds with 600 seconds of active time. This session ended with a crash.
Error: (03/02/2015 10:43:26 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 788 seconds with 420 seconds of active time. This session ended with a crash.
Error: (10/03/2014 11:14:53 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 812 seconds with 420 seconds of active time. This session ended with a crash.
Error: (07/29/2014 08:44:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 707 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 66%
Total physical RAM: 3071.24 MB
Available physical RAM: 1031.4 MB
Total Virtual: 6140.8 MB
Available Virtual: 3821.61 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:287.15 GB) (Free:174.03 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:9.77 GB) (Free:4.37 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: F7F2C0E9)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=287.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1360 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 4
==================== End of log ============================