cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by rania at 2015-05-07 10:41:18
Running from C:\Users\rania\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-3966994718-4263535385-2551788358-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3966994718-4263535385-2551788358-1003 - Limited - Enabled)
Invité (S-1-5-21-3966994718-4263535385-2551788358-501 - Limited - Disabled) => C:\Users\Invité
rania (S-1-5-21-3966994718-4263535385-2551788358-1001 - Administrator - Enabled) => C:\Users\rania

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI (11.0.10) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.3.5715 - Nom de votre société) Hidden
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4608 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.3.3812 - Nom de votre société) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4628 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DummyInstaller (HKLM-x32\...\{E2210743-20C9-48E3-BA03-B1E39772E662}) (Version: 1.0.0 - Microsoft)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM-x32\...\{1A295C25-6E02-49FB-826B-F0D2C56FFA4E}) (Version: 7.1.4.1529 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google Earth (HKLM-x32\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{0002EA70-EEC3-4AFE-9F88-2D90FE66BCF6}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{7FE016CC-DAA9-4E21-BD2F-98390D1E6F3F}) (Version: 7.6.23.8 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{3EDAF5B5-0CA9-4967-B103-FBFF1162C336}) (Version: 1.2.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{E8F2076D-1885-4A0F-83D8-77B1F9D384CE}) (Version: 2.5.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.27 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.27 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mises à jour NVIDIA 16.13.21 (Version: 16.13.21 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Pilote graphique 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.24 - NVIDIA Corporation)
Panneau de configuration NVIDIA 344.24 (Version: 344.24 - NVIDIA Corporation) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29080 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7335 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.20 - Synaptics Incorporated)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3966994718-4263535385-2551788358-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\rania\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points =========================

18-04-2015 08:23:37 Removed Google Earth
23-04-2015 19:25:36 Windows Update
26-04-2015 15:58:48 HPSF Applying updates
30-04-2015 22:02:49 Windows Update
06-05-2015 12:29:46 HPSF Applying updates

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2014-12-06 12:55 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0FA77067-E9A3-46D2-A6B8-48FC33812F70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1A86640A-9DCD-4BB3-BAA8-16752A253634} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {2A017BD3-F3C0-4819-A7DC-74575472CE2E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {2B1F8851-E90B-4801-BBE4-D055B3BA5383} - System32\Tasks\{A6199FED-1D49-48AA-909D-5DFFDF39A223} => Iexplore.exe http://ui.skype.com/ui/0/7.0.0.102/fr/abandoninstall?source=lightinstaller&page=tsMain
Task: {2CEE6C3C-D7DA-4821-A2DB-81C831485015} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {35D0D55D-F5A1-497B-AD8B-596C20F708F4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-24] (Microsoft Corporation)
Task: {4EFB79C6-5454-42AD-9CC1-D5628EB13DC2} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-09-27] (Hewlett-Packard)
Task: {6005F362-36A8-4C52-BCA4-6A6DF3F4D48B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {65CEEFAA-E8BE-4EBA-A2DE-F57F97714A55} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-10-28] (CyberLink Corp.)
Task: {6B7A5441-97CF-4ADA-A826-9F8F2F32633E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {7159D3E9-A090-43FC-8BFD-41DE4E47EE94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.)
Task: {741D169C-7004-48B2-887D-EA2E9251CA7A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {7528FDC5-BD73-443D-8E29-B5EAEE226E12} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-09-27] (Hewlett-Packard)
Task: {96D8EF12-AB11-4991-8B18-BCEAA216E203} - System32\Tasks\HPCeeScheduleForrania => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {A9FE8857-A27A-4A9B-9738-9CE782D5BFFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
Task: {B69F3694-F138-4359-BEA3-A0F58450855A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
Task: {C4DA9C15-242F-4108-86D9-BAE6C80868AB} - System32\Tasks\{026FB1A1-8D7E-41D9-A6B6-113A74550C2C} => Chrome.exe http://ui.skype.com/ui/0/7.2.0.103/fr/abandoninstall?page=tsMain
Task: {CF5CFA07-487C-45C7-A45A-87EF02248090} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {DB46B63A-4295-46C7-841D-7C0DB004D9C1} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-09-27] (Hewlett-Packard)
Task: {E7CEF4EE-4714-464C-AB93-4482CDA5CB55} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {F4848FD1-62FF-487B-BC08-D92BD6DC92DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {FEE10882-C387-4E3F-A3E5-D453399A193E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.)
Task: {FEF041A4-0B0B-4D3A-B5BE-DF50182D49D2} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForrania.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2014-09-27 14:40 - 2014-09-27 14:40 - 02150400 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-09-27 14:39 - 2014-09-27 14:39 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-09-27 14:39 - 2014-09-27 14:39 - 00035840 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-09-27 14:39 - 2014-09-27 14:39 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-09-27 14:48 - 2014-09-27 14:48 - 00420432 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-09-27 14:48 - 2014-09-27 14:48 - 00746064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-05-06 15:16 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-10-18 10:11 - 2014-09-27 05:19 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-27 14:42 - 2014-09-27 14:42 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-11-22 02:03 - 2014-11-22 02:03 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2014-09-03 12:03 - 2014-09-03 12:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-27 04:42 - 2014-03-27 04:42 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-03-27 04:42 - 2014-03-27 04:42 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-04-30 21:25 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 21:25 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-30 21:25 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\rania\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3966994718-4263535385-2551788358-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rania\Pictures\2015-04-05\014.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5B9C8F63-382F-4530-B469-8DF1C79A73BC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{473E7D04-42BB-4DDA-BD11-6B9A7FB6B142}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1FE4B91E-E34C-48CA-90D0-C22E80CC67BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE5F1126-6E91-442D-A79A-F06F54E75E6E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7C94857B-734F-47FA-91AA-4BBF0BF1BE20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D0F1E7D6-EC79-4118-B7B0-4A3A0377C12F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1F718C28-4389-4755-B1A7-82C155D8FB77}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{68ED8925-B26C-4C8F-9FAD-DD51DEFE5B66}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{13001B42-EC9C-440A-A155-4D95E37C2A3B}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{CCAF4B8D-E52D-4DB3-81FB-548579551169}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [{BD9613AE-9A78-48FB-93EC-5A94BCE6576A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{F57E1B13-BE9F-4A5B-9D90-7B0D37E07BA2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{46D1874C-7450-404E-8728-F64BD723AC9E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{00A08CF0-E0AB-4575-9D50-0D4343E12EFF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{0E003977-A488-4DEF-B644-9F52BA839D9A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{291F7526-3905-43DF-8054-FC12B98C5854}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{3F28523D-C02C-489E-AD0E-6D66BBE63AE3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{C0BEFD59-0B1E-4026-95BB-CD6CB8FA22AF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{7F0D0BBE-5B7C-4AFA-A0A8-BD46183E4E4C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{F1C5BEB4-7F4B-4E3C-8D9C-29C0A59183B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A55698A4-78FC-4FD6-9410-A590D31C1F19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E714399C-A153-41C1-86A2-FB4918297727}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44F4DF7F-CFCB-423C-A991-AA354FAA9BEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{390B8C9A-2A77-43CA-9B9F-4817D9037093}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A1D033A2-BC34-4F20-8700-F5C129BCBC4B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{C3A40587-A604-4327-9D92-8887195D5659}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/06/2015 09:11:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: adel)
Description: Échec de l’activation de l’application FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (05/06/2015 09:11:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante PhotosApp.exe, version : 6.3.9600.17418, horodatage : 0x5458237f
Nom du module défaillant : ntdll.dll, version : 6.3.9600.17736, horodatage : 0x550f4336
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000094ea5
ID du processus défaillant : 0x1034
Heure de début de l’application défaillante : 0xPhotosApp.exe0
Chemin d’accès de l’application défaillante : PhotosApp.exe1
Chemin d’accès du module défaillant: PhotosApp.exe2
ID de rapport : PhotosApp.exe3
Nom complet du package défaillant : PhotosApp.exe4
ID de l’application relative au package défaillant : PhotosApp.exe5

Error: (05/06/2015 09:10:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: adel)
Description: Échec de l’activation de l’application FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (05/06/2015 09:10:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante PhotosApp.exe, version : 6.3.9600.17418, horodatage : 0x5458237f
Nom du module défaillant : ntdll.dll, version : 6.3.9600.17736, horodatage : 0x550f4336
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000094ea0
ID du processus défaillant : 0x1e84
Heure de début de l’application défaillante : 0xPhotosApp.exe0
Chemin d’accès de l’application défaillante : PhotosApp.exe1
Chemin d’accès du module défaillant: PhotosApp.exe2
ID de rapport : PhotosApp.exe3
Nom complet du package défaillant : PhotosApp.exe4
ID de l’application relative au package défaillant : PhotosApp.exe5

Error: (05/06/2015 09:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: adel)
Description: Échec de l’activation de l’application FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (05/06/2015 09:09:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante PhotosApp.exe, version : 6.3.9600.17418, horodatage : 0x5458237f
Nom du module défaillant : ntdll.dll, version : 6.3.9600.17736, horodatage : 0x550f4336
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000094ea0
ID du processus défaillant : 0x2d4
Heure de début de l’application défaillante : 0xPhotosApp.exe0
Chemin d’accès de l’application défaillante : PhotosApp.exe1
Chemin d’accès du module défaillant: PhotosApp.exe2
ID de rapport : PhotosApp.exe3
Nom complet du package défaillant : PhotosApp.exe4
ID de l’application relative au package défaillant : PhotosApp.exe5

Error: (05/06/2015 09:08:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: adel)
Description: Échec de l’activation de l’application FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (05/06/2015 09:08:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante PhotosApp.exe, version : 6.3.9600.17418, horodatage : 0x5458237f
Nom du module défaillant : ntdll.dll, version : 6.3.9600.17736, horodatage : 0x550f4336
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000094ea0
ID du processus défaillant : 0x1568
Heure de début de l’application défaillante : 0xPhotosApp.exe0
Chemin d’accès de l’application défaillante : PhotosApp.exe1
Chemin d’accès du module défaillant: PhotosApp.exe2
ID de rapport : PhotosApp.exe3
Nom complet du package défaillant : PhotosApp.exe4
ID de l’application relative au package défaillant : PhotosApp.exe5

Error: (05/06/2015 09:08:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: adel)
Description: Échec de l’activation de l’application FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (05/06/2015 09:08:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante PhotosApp.exe, version : 6.3.9600.17418, horodatage : 0x5458237f
Nom du module défaillant : ntdll.dll, version : 6.3.9600.17736, horodatage : 0x550f4336
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000094ea5
ID du processus défaillant : 0x1fb0
Heure de début de l’application défaillante : 0xPhotosApp.exe0
Chemin d’accès de l’application défaillante : PhotosApp.exe1
Chemin d’accès du module défaillant: PhotosApp.exe2
ID de rapport : PhotosApp.exe3
Nom complet du package défaillant : PhotosApp.exe4
ID de l’application relative au package défaillant : PhotosApp.exe5


System errors:
=============
Error: (05/06/2015 03:11:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Cyberlink RichVideo64 Service(CRVS) s’est terminé de façon inattendue pour la 1ème fois.

Error: (05/06/2015 00:25:27 PM) (Source: DCOM) (EventID: 10010) (User: adel)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/06/2015 00:13:35 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 40. L’état d’erreur de Windows SChannel est 252.

Error: (05/06/2015 00:13:35 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 40. L’état d’erreur de Windows SChannel est 252.

Error: (05/06/2015 11:32:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Super Optimizer.

Error: (05/06/2015 11:31:53 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 11:30:45 le ‎06/‎05/‎2015 n’était pas prévu.

Error: (05/06/2015 11:29:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Client de stratégie de groupe n’a pas pu démarrer en raison de l’erreur :
%%1053

Error: (05/06/2015 11:29:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Client de stratégie de groupe n’a pas pu démarrer en raison de l’erreur :
%%1053

Error: (05/06/2015 11:29:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Client de stratégie de groupe n’a pas pu démarrer en raison de l’erreur :
%%1053

Error: (05/06/2015 11:27:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Client de stratégie de groupe n’a pas pu démarrer en raison de l’erreur :
%%1053


Microsoft Office Sessions:
=========================
Error: (05/06/2015 09:11:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: adel)
Description: FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager-2147023170

Error: (05/06/2015 09:11:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PhotosApp.exe6.3.9600.174185458237fntdll.dll6.3.9600.17736550f4336c00000050000000000094ea5103401d08830671b16b5C:\Windows\FileManager\PhotosApp.exeC:\Windows\SYSTEM32\ntdll.dlla4df7a32-f423-11e4-8294-3863bb819a43FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.PhotoManager

Error: (05/06/2015 09:10:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: adel)
Description: FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager-2147023170

Error: (05/06/2015 09:10:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PhotosApp.exe6.3.9600.174185458237fntdll.dll6.3.9600.17736550f4336c00000050000000000094ea01e8401d088302d26a1c2C:\Windows\FileManager\PhotosApp.exeC:\Windows\SYSTEM32\ntdll.dll9fa28b76-f423-11e4-8294-3863bb819a43FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.PhotoManager

Error: (05/06/2015 09:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: adel)
Description: FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager-2147023170

Error: (05/06/2015 09:09:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PhotosApp.exe6.3.9600.174185458237fntdll.dll6.3.9600.17736550f4336c00000050000000000094ea02d401d088302942078aC:\Windows\FileManager\PhotosApp.exeC:\Windows\SYSTEM32\ntdll.dll670b2fb3-f423-11e4-8294-3863bb819a43FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.PhotoManager

Error: (05/06/2015 09:08:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: adel)
Description: FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager-2147023170

Error: (05/06/2015 09:08:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PhotosApp.exe6.3.9600.174185458237fntdll.dll6.3.9600.17736550f4336c00000050000000000094ea0156801d0883019c9062bC:\Windows\FileManager\PhotosApp.exeC:\Windows\SYSTEM32\ntdll.dll578d69fa-f423-11e4-8294-3863bb819a43FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.PhotoManager

Error: (05/06/2015 09:08:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: adel)
Description: FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager-2147023170

Error: (05/06/2015 09:08:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PhotosApp.exe6.3.9600.174185458237fntdll.dll6.3.9600.17736550f4336c00000050000000000094ea51fb001d088300d6cce07C:\Windows\FileManager\PhotosApp.exeC:\Windows\SYSTEM32\ntdll.dll4b3393ad-f423-11e4-8294-3863bb819a43FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.PhotoManager


CodeIntegrity Errors:
===================================
Date: 2015-05-05 10:15:15.070
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-30 22:07:08.197
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 14:21:21.290
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-17 23:48:30.621
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-04 12:20:47.413
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-23 07:51:41.054
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-18 19:25:01.569
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-09 11:26:39.831
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-27 19:47:55.853
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-18 16:41:44.361
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 61%
Total physical RAM: 4027.84 MB
Available physical RAM: 1560.23 MB
Total Pagefile: 4731.84 MB
Available Pagefile: 1668.88 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:697.62 GB) (Free:643.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2939C4ED)

Partition: GPT Partition Type.

==================== End Of Log ============================

Publicité


Signaler le contenu de ce document

Publicité