Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version:16-08-2015
Ran by Hatim (2015-08-17 07:09:01)
Running from C:\Users\Hatim\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1961227778-3986054411-4220875295-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1961227778-3986054411-4220875295-503 - Limited - Disabled)
Guest (S-1-5-21-1961227778-3986054411-4220875295-501 - Limited - Disabled)
Hatim (S-1-5-21-1961227778-3986054411-4220875295-1001 - Administrator - Enabled) => C:\Users\Hatim
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
4shared Desktop (HKLM\...\4shared Desktop) (Version: 4.0.13.26830 - 4shared)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 8.0 - PainteR)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Antidote 8 (HKLM\...\{09AAAB09-6DBA-4DD9-9865-54597D3FBCA8}) (Version: 8.03.407 - Druide informatique inc.)
Artisteer 4 (HKLM\...\Artisteer 4) (Version: 4.0 - Extensoft)
bl (Version: 1.0.0 - Your Company Name) Hidden
BookWright version 1.0.81 (HKLM\...\{C17978EB-5A2C-40E3-B351-F03A27245BF9}_is1) (Version: 1.0.81 - Blurb, Inc.)
BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
D1600 (Version: 140.0.851.000 - Hewlett-Packard) Hidden
DJ_SF_06_D1600_SW_Min (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
EndNote X7 (HKLM\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.0.1.7212 - Thomson Reuters)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.6.124.715 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6 (HKLM\...\{96178C0A-BAF9-4E49-A2A5-CDE76722105B}) (Version: 14.0 - HP)
HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6 (HKLM\...\{CB7915E9-C217-4AB3-8A8B-DB2D08F17614}) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6268.0 - IDT)
Internet Haut Débit Mobile (HKLM\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - )
Internet Mobile (HKLM\...\Internet Mobile) (Version: 21.005.15.05.162 - Huawei Technologies Co.,Ltd)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 11.0.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.0.5 - )
Le Grand Robert de la langue française (HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\Le Grand Robert) (Version: - )
LeConjugueur (HKLM\...\LeConjugueur) (Version: - )
LG Connection Manager (Version: 1.16.10.709 - LGE) Hidden
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Meditel Internet (HKLM\...\MeditelInternet) (Version: 4.0.3.2 - Meditel Internet)
Mendeley Desktop 1.10.1 (HKLM\...\Mendeley Desktop) (Version: 1.10.1 - Mendeley Ltd.)
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visio Professionnel 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.10.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
My Connection (HKLM\...\IAM Aegean My Connection_is1) (Version: - IAM)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: 4.80 - FinePrint Software, LLC)
ph (Version: 1.0.0 - Your Company Name) Hidden
Puran File Recovery 1.2 (HKLM\...\Puran File Recovery_is1) (Version: - Puran Software)
ResearchSoft Direct Export Helper (HKLM\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters)
Secure Download Manager (HKLM\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version: - Microsoft)
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Solid Converter PDF (HKLM\...\{56BFAA6E-2BCC-4AED-9233-84731E66B205}) (Version: 6.0.669.0 - SolidDocuments)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM\...\{90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{AE1BB975-11D1-49A0-82E8-1D26DD62AFE7}) (Version: - Microsoft)
Visual CertExam Suite 1.5 (HKLM\...\{E0649555-ACA7-4E2D-9490-0AEB158693EF}) (Version: 1.5.410 - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Web Connection (HKLM\...\IAM_Web Flame Web Connection_is1) (Version: - IAM)
WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-21 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Hatim\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{3C70D620-5735-4E90-922E-50E66CC3FC65}\localserver32 -> C:\Program Files\Mendeley Desktop\MendeleyWordPlugin.exe ()
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{5563940A-C75D-4BD7-9727-05C6F8B3C97F}\localserver32 -> C:\Program Files\Druide\Antidote 8\Programmes32\MoteurIntegration.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{5563940B-2B33-4F1B-91FD-E33E13474297}\localserver32 -> C:\Program Files\Druide\Antidote 8\Programmes32\MoteurIntegration.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{5999E1EE-711E-48D2-9884-851A709F543D}\localserver32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Hatim\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files\Druide\Antidote 8\Programmes32\AgentAntidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files\Druide\Antidote 8\Programmes32\Antidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}\localserver32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files\Druide\Antidote 8\Programmes32\Antidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-04-24 04:48 - 2015-04-24 04:48 - 00000204 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01A61E11-7FBB-4C57-8674-567AD63B9783} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Battery Saver Deferred Install => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {06EDBE3F-EA74-45A5-9F91-CF2D06323780} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {0820F3D2-E359-40BA-852B-D3AD430475B0} - System32\Tasks\{278AFA89-A591-42DE-89CF-B46C44AF3A38} => pcalua.exe -a C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppinst4.exe -c /uninstall
Task: {08C614E7-0E9E-4385-80A1-B57D741C85F0} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\WINDOWS\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation)
Task: {08FA831B-4C44-48C2-A66A-0D0239F24C4E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0B8B8675-BE25-4D7D-AAA3-50B1FA47252D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {0C72B578-D676-414D-9F9C-FF0B216A314F} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {13550F2C-A475-475F-AE32-F8D7682F8C40} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {147FF7B2-79AF-482A-93D9-2A575057E4E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {1E59CAD0-D49B-4553-88DE-227F411F5D57} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\WINDOWS\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {201CF893-BC56-46DA-8598-6F75905C9028} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {20DB51B6-EF49-403A-BAD4-4D24B9BB5A9E} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-03-24] ()
Task: {210B29B6-A68A-4580-AC06-855728389B03} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {299D4132-0CD1-4331-9EF8-817A091B4DC8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2E55AA51-E9B8-40B5-9EA6-0A24D15DDE63} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {2F8B6434-E7FE-480E-A736-22FD6B77AEE8} - System32\Tasks\{7BDBD51B-FD86-469D-BE5A-9769CCBB9D55} => Chrome.exe http://ui.skype.com/ui/0/6.9.0.106/fr/abandoninstall?source=lightinstaller&page=tsInstall
Task: {382B44DA-CFC2-46C3-A347-0B2741A4EEB0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001Core => C:\Users\Hatim\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {3C480DB5-9C57-4D02-A3C4-6737DD9DD027} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\WINDOWS\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {3F628C45-4379-43B1-82E3-3D0AC5EF7C33} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {489A34B7-9791-432B-A762-FEE4D0E9562E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {49C6F58F-98A3-4416-98C4-24BD457AC122} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {4C61D4C0-ADF1-48A4-91D6-C64A8CE35E79} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\WINDOWS\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation)
Task: {4C7B56E3-0356-4A04-B96E-6F65F43BEE41} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {4CFE539E-2813-42D6-936B-A2D0E3BD20A2} - System32\Tasks\{2C446042-C276-454A-AD46-B52FBDFD5F44} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.7.0.102&LastError=2
Task: {4FE24D27-0EE9-48A4-92DE-0B59A885017A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001UA => C:\Users\Hatim\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {5939381C-0190-432E-832A-5C83F1C6673B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-14] (Adobe Systems Incorporated)
Task: {59E09A26-2322-447C-BBEB-180FC61478F8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5AF0CB6C-ABC7-431E-AF6A-97B10D8E1BA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {5CE5009F-1260-496A-AE13-40BEF27A8EFB} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {5CFC6547-F84F-4299-A6D9-75E2E9304389} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-07-10] (Microsoft Corporation)
Task: {6451D5E9-DC34-446B-AD5B-9D75EFC36B38} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\WINDOWS\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {65E8B085-1FAE-40EF-AEDE-E6E1E0A3B859} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6CC2569D-EFD0-42A4-A0C0-FE506F7AF0ED} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\WINDOWS\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {7135AB65-C102-40AF-8A95-750F84E26CA4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-07-10] (Microsoft Corporation)
Task: {774A65FA-58F3-4431-8C46-7078368F6A3E} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\WINDOWS\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {784017A0-41E3-423C-B4F3-CF8F69DF8C64} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {795A91A7-C3A0-47A8-8D87-7A3D00BEF8BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {797930BC-B506-4F11-9896-4C928674405C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {79D54361-7420-4F1B-B758-98E88380BBBB} - System32\Tasks\AdobeAAMUpdater-1.0-HatimPC-Hatim => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {7D275F92-280B-48FA-BA67-6084D5F373C4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {7EBF3FF6-2F17-4FB5-8F4D-2C9D1C5547F9} - System32\Tasks\{1807C55B-EB22-4DE5-8EB3-0973D0A40E5C} => pcalua.exe -a "C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe" -c -datfile hpqhsc01.dat -forcereboot
Task: {8511523D-F416-4708-A601-BF25AB1F4464} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-11] (Microsoft Corporation)
Task: {88742C4E-AF27-4EC0-AA61-61526B2F4601} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {8BD8D26D-9B78-4CF6-9D46-9E9201ECED6B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-07-10] (Microsoft Corporation)
Task: {8C499162-CDC8-4756-954B-354F6E9E5C0B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {92444044-702A-48E5-BFF5-61E5539B0206} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001Core => C:\Users\Hatim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-10] (Facebook Inc.)
Task: {99CE4190-659E-4715-9630-A2713EF5E512} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {A499EB02-E4EB-40A9-9D59-6E250F07C9C1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AE745E26-495D-43A1-9EC6-FB9A3E000456} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AFED54EE-EDE7-4FC1-87E9-7CF32E762537} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B2AFD82E-BDE6-42CE-A68C-A659D5391671} - System32\Tasks\{68D332EA-FFDD-49D2-8ECF-CBB46A2324EB} => pcalua.exe -a "C:\Program Files\Internet Mobile+\uninst.exe"
Task: {B8C17161-1BAA-4324-9E99-9F6ABC62CBD3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C7F8DC2D-9D31-4DFE-A34C-1A5E18943525} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\WINDOWS\system32\ClipUp.exe [2015-07-10] (Microsoft Corporation)
Task: {C90E5FD9-228D-4A6C-A897-42583B5668B2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C98D8259-7584-4043-9025-5FC9582EAB98} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D7B09F2A-6B62-41E8-8DEE-34674BD70BFC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DD87F70B-C8AE-4ECD-9AFC-288536510545} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\WINDOWS\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation)
Task: {E15FBDFF-1BF9-4030-B889-95528FFFDB78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E3FBBA84-1DB8-48C0-9156-90AB8123E65E} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {F31D7EF8-31AF-4E29-B9A4-6152E173C5CA} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {FB6B539D-57C2-4E39-98FD-C9D2BF921B63} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\WINDOWS\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001Core.job => C:\Users\Hatim\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001UA.job => C:\Users\Hatim\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001Core.job => C:\Users\Hatim\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WebReg HP Deskjet F300 series.job => C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-10 09:24 - 2015-07-10 09:24 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2013-04-11 16:02 - 2009-10-23 20:20 - 00027456 _____ () C:\WINDOWS\System32\solidlocalmon.dll
2014-11-27 22:59 - 2004-10-06 02:31 - 00050364 _____ () C:\WINDOWS\System32\zarpdfmon.dll
2014-11-27 22:59 - 2005-05-24 15:28 - 00045056 _____ () C:\WINDOWS\System32\ZARPDF.dll
2014-01-18 22:39 - 2013-04-15 11:49 - 00059904 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\HP1006PP.dll
2013-11-05 19:54 - 2013-11-05 19:54 - 00230240 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2015-04-01 19:22 - 2012-03-14 12:05 - 00053312 _____ () C:\Program Files\My Connection\BackgroundService\ServiceManager.exe
2015-06-09 01:02 - 2014-05-22 17:53 - 00346680 _____ () C:\Program Files\MeditelInternet\MeditelInternet_Service.exe
2015-04-02 15:55 - 2013-06-18 11:28 - 00058192 _____ () C:\Program Files\Web Connection\IAM\BackgroundService\ServiceManager.exe
2013-04-27 14:27 - 2014-08-25 00:14 - 00246112 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\ouc.exe
2013-04-27 14:27 - 2013-04-27 14:26 - 00011362 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\mingwm10.dll
2013-04-27 14:27 - 2013-04-27 14:26 - 00043008 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\libgcc_s_dw2-1.dll
2013-04-27 14:27 - 2013-09-16 23:22 - 02415104 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtCore4.dll
2013-04-27 14:27 - 2013-09-16 23:22 - 01148416 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtNetwork4.dll
2013-04-27 14:27 - 2013-09-16 23:22 - 00384512 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QueryStrategy.dll
2013-04-27 14:27 - 2013-09-16 23:22 - 00398336 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtXml4.dll
2015-07-10 09:24 - 2015-07-10 09:24 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-10 09:24 - 2015-07-10 09:24 - 01768544 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-10 09:24 - 2015-07-10 09:24 - 01768544 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-08-23 00:30 - 2001-08-10 14:23 - 00388608 _____ () C:\Program Files\TEXTware\QUICKfind\PlugIns\IEHelp.dll
2013-04-11 15:16 - 2009-12-12 14:12 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-11-17 00:39 - 2014-11-11 16:35 - 00181144 _____ () C:\Program Files\4shared Desktop\CMenu.dll
2015-07-10 09:24 - 2015-07-10 09:24 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 09:25 - 2015-07-10 11:49 - 04321792 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 09:25 - 2015-07-10 11:49 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-10 09:25 - 2015-07-10 11:49 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-11-15 21:44 - 2009-08-11 17:24 - 00123392 _____ () C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe
2015-04-01 19:22 - 2012-09-26 19:36 - 00126056 _____ () C:\Program Files\My Connection\BackgroundService\ModemListener.exe
2015-04-02 15:55 - 2014-03-26 19:42 - 00159056 _____ () C:\Program Files\Web Connection\IAM\BackgroundService\ModemListener.exe
2015-06-09 01:02 - 2014-05-22 17:53 - 00928312 _____ () C:\Program Files\MeditelInternet\MeditelInternet_Launcher.exe
2015-06-09 01:02 - 2014-05-22 17:53 - 00258560 _____ () C:\Program Files\MeditelInternet\WtgMobileBroadband7.dll
2014-04-14 20:41 - 2015-04-04 23:14 - 00020288 ____R () C:\Program Files\CCleaner\branding.dll
2015-08-17 06:54 - 2015-08-17 06:54 - 00071168 _____ () c:\users\hatim\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxibg28.dll
2015-03-04 22:45 - 2015-08-05 21:49 - 00012800 _____ () C:\Users\Hatim\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-08-05 21:49 - 00779776 _____ () C:\Users\Hatim\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 19:04 - 2015-08-05 21:49 - 00056320 _____ () C:\Users\Hatim\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-08-05 21:49 - 00012288 _____ () C:\Users\Hatim\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-09-25 03:53 - 2014-09-23 05:06 - 01098056 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 03:53 - 2014-09-23 05:06 - 00174408 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 03:53 - 2014-09-23 05:07 - 08577864 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 03:53 - 2014-09-23 05:07 - 00331592 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 03:53 - 2014-09-23 05:06 - 01660232 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2015-07-15 15:10 - 2015-07-13 10:14 - 16307888 _____ () C:\Users\Hatim\AppData\Local\Google\Chrome\User Data\PepperFlash\18.0.0.209\pepflashplayer.dll
2015-08-14 18:03 - 2015-08-14 18:03 - 17482952 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll
2015-07-10 09:25 - 2015-07-10 11:49 - 02013536 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-07-10 09:25 - 2015-07-10 11:49 - 01678176 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
AlternateDataStreams: C:\Users\Hatim\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\ma-config.com -> hxxp://ma-config.com
IE trusted site: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\touslesdrivers.com -> hxxp://touslesdrivers.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img10.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AgentAntidote32"
HKLM\...\StartupApproved\Run: => "AdobeCEPServiceManager"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\StartupApproved\StartupFolder: => "Envoyer à OneNote.lnk"
HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\StartupApproved\Run: => "PoivY"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{AA7E16DE-2924-42AE-863B-E782D2164E34}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{A039AD90-84C1-45F1-A3CE-05B6583DA9D8}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{0E567B6A-13A2-442D-BE79-EE482D6C5F8E}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QMAccountProtection.exe
FirewallRules: [{F57438F8-AF4A-4B16-8E8C-A0C1E0DF5FFB}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QMRouterMgr.exe
FirewallRules: [{CF17813B-8E32-4029-A00E-36A28110F525}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\TpkUpdate.exe
FirewallRules: [{D86EE68F-F786-45D2-9D50-C115F15E7A9B}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCPatch.exe
FirewallRules: [{3B691714-D407-483F-BDEA-30E23F5EAD7B}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\Uninst.exe
FirewallRules: [{80453CCC-4F8E-4347-8B2C-DAE443A3F72A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQRepair.exe
FirewallRules: [{0397C665-BAD1-4618-8F32-390208FC79E9}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCUpdateAVLib.exe
FirewallRules: [{E2C41EC4-7DD4-4B15-8203-097C3D21D97A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCSysOptimize.exe
FirewallRules: [{80151E1F-259C-471B-B012-6EA869A0B232}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftGame.exe
FirewallRules: [{BFDA008C-5A60-4779-97B1-2F4AD61CCE92}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{55230C99-4CD9-4570-A522-4ACE62ECE08C}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCLaunch.exe
FirewallRules: [{238B173D-43DA-4662-821C-79956907D97F}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCClinic.exe
FirewallRules: [{EF9A500A-D7F9-4454-AE47-3D316232605D}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCBTU.exe
FirewallRules: [{F3F8F9E9-64B8-4BA3-A5B1-E6E14A50FAFF}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{B4C0BED8-7471-43B2-B726-A5EF65B493A6}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftMgr.exe
FirewallRules: [{7EFBBFFA-787B-4A8C-AFF0-D03A289B811D}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPConfig.exe
FirewallRules: [{7B40FE07-0CDD-4987-A26B-6DEFEB6225E1}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{25353349-3241-4ED8-AD45-F2845A08328D}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCLeakScan.exe
FirewallRules: [{FF8057B4-2AB9-45FC-AB6A-DDE6E6B85FB2}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{22D8DC68-FBB2-4FDB-83E0-2402CB0F4111}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCFileOpen.exe
FirewallRules: [{55232801-121C-4607-89EE-B41D05ED5572}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\bugreport.exe
FirewallRules: [{F9696E53-04D5-4CBA-99F0-4F42AB8C0ACE}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QMDL.exe
FirewallRules: [{78786438-D0A2-4FE0-B4B3-5726408B2D9C}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCRTP.exe
FirewallRules: [{B3562171-D826-469D-B989-7EDF133378A9}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCMgr.exe
FirewallRules: [{9B118611-A18E-4BE5-B0F5-B422E1B68A11}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe
FirewallRules: [{DE2AF5FD-3DC9-4AFF-972D-CA17991360F5}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCmgrInstallGuide.exe
FirewallRules: [{66E0593F-DB72-4FD8-8689-1A53EDAD963C}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{A21AA86C-4860-41E5-93DE-1D931FD4C592}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{A603894D-12CB-47D2-AA21-EE75D992C5F6}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{7447BC56-1998-44AE-9735-7EAA62E52973}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{500B5F96-4B7F-4821-98CA-705157953916}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{7FCFDE7D-BB7E-4DEA-AB15-83D92A7107E8}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{317E556A-5022-46A1-BD32-7DEBFA1FB50A}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{EBA27512-8EF4-4BC1-9758-6278C09AA0D7}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{53F7ACDF-E547-481A-90EE-8D7AB0C76A28}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{D0BBE824-D77F-4D2C-9003-1218E2DEC927}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{9F4D6709-71C0-452B-B7B6-558F86526BF5}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{E55B8D67-0154-4973-A28A-7A9FC0C207EA}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{161F058B-B8C2-41E4-9958-9BF36A0F64FA}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{93DC45BF-2992-46A0-A44E-21259BC369BF}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{5BE30E0A-1ED8-42ED-9FED-BFB9D49D5913}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{EA38F434-32AA-4650-B5A6-B3B2974A7BCF}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{4B84FBC7-3582-4E54-93D1-7BF36AFA559C}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{06FC5E04-958F-479A-9F27-7EFC0042F0A9}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{036CEEBA-A1CB-4A63-88E4-05EA76F6D656}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{1296ED73-67F3-417F-BFC8-14BF5E28F629}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{D7D94A57-8479-40BE-A2E3-6DC4EE3437FE}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{89A4E242-8A2D-4413-A20C-A122AB5030B6}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{35AAA7D3-DAA4-4492-AACB-7B6BE85C1B41}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{04584828-99C5-40F0-A097-9F4540DFC2EA}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{B4C132A5-8F58-401C-BEFC-CFBEFE4D4809}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{EDA52EA6-5AB1-4274-8F2F-27C326BCA1EA}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{40207A52-6DA6-4856-B531-6A0EEF7479F7}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{46719EA7-E5A8-47B3-B232-1CA6E754294C}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{BC89D5C5-AFEC-48C4-9A76-BF5E7B380F41}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{228B8C36-03EA-4A51-BFAF-E726F7FE96A3}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{AEC5583F-638E-406B-A08D-32C4CC73AF14}] => (Allow) C:\program files\common files\baidu\bddownload\109\bddownloader.exe
FirewallRules: [{4830B09B-8EC7-4F06-BAC9-D17F65E2EB2E}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{1AA74D0D-1945-41DB-8343-90BE3B793774}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{CC7C5FF2-694D-4CCD-AD16-A450E49B4631}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{583D2758-FB6B-4F18-8377-A2EE411A050D}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{6440587E-7718-43D6-9240-93BF8A142E49}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{302F9F7A-0A8E-454B-A776-5E2ED005C692}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{CAA3B2BB-145F-42B7-8C06-EF48CCD12B12}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{F34297F0-1BCA-41F0-9F2D-FD05D161DE8B}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{B837384C-049C-4EF4-8413-CA36D405057D}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{4495756A-B8E0-4A95-9CCF-9A72E60F553A}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{43C852AB-BB43-457C-9E33-FC1E57CDC10B}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{FD5991DF-476E-404F-AF05-CA92A28B83D2}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{568E2C7E-3CB9-4004-8F94-E6238103E5C1}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{FDCA2C01-4DAA-4A43-B7DE-471F2DAEAE76}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{F34BDC6F-8B03-4454-9BF3-A6C1B7E74D50}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{D39C045B-194B-4C41-9404-765631546255}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{3700058A-9DE5-429F-9C4E-54571066D09F}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{50CF3A51-E50A-49AD-85B6-9785A941DAC2}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{452C6452-AC6A-4633-8F78-786B98249B67}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{430EBEFF-407B-4EF3-82F9-F305BA867BFF}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{A5354573-00DF-4C08-9149-7F7BEED4963F}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{7026BDA0-2C72-44D1-87D1-0E1F0E5F0EB6}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{744B0D69-DD3E-4B49-B264-09D775CF90B8}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{7A670EAC-4B1F-4A22-A559-534F2B6EA8F2}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{919CCEF4-552E-4754-B6DC-99BFAEB14B47}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{B35A9FBD-9C15-4ABE-A86D-1036635D8CD8}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{3D30B41A-DA77-48CB-875D-6F647FBC9CB6}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{7D90A811-DEC8-454E-94EA-94ABFC4FD5F0}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{9690DC12-AAF9-4161-B09E-C73B73D1BAB5}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{AAE8AE45-87EE-405B-A3BC-C8D26DF926D4}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [UDP Query User{7BF980D2-21E2-42E5-983E-EF1A47DC2EB3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{84D0D121-ECBD-42A3-8784-F4585E6B748B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{D546B4A6-5579-433B-B119-681E4BF3FC8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{25CBC805-8990-4617-936E-D0078912EA85}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4BA80539-38BF-41D7-B6C1-A1244805C1A9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{25F3E29E-92E4-40A2-9CEA-5D8F631DB0B6}] => (Allow) C:\Users\Hatim\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{CB739D73-E219-45EC-9B94-741817ED549B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{65C0DA70-1CBB-486F-A87C-08B5E8F17681}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8A04790C-AA90-456D-9A4C-958C8051990D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{920F57D0-D489-4872-90DC-311A86381935}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{EAE7CB6F-1E10-4BA8-AB07-3D9C68DF85E7}C:\users\hatim\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\hatim\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4A61198D-4666-4926-ADF5-24326E09BCA8}C:\users\hatim\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\hatim\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{AA948A9E-726F-402C-B912-7CC60B7C7DD8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{48C508F2-6D58-4A1D-9EC3-ACBC7754A5E4}] => (Allow) C:\Users\Hatim\AppData\Local\Temp\7zS17B1\hppiw.exe
FirewallRules: [{2E4EC838-C10C-43CD-BFBE-4FFBE9BB3198}] => (Allow) C:\Users\Hatim\AppData\Local\Temp\7zS17B1\hppiw.exe
FirewallRules: [{96A465E3-7CEB-4D9C-A936-E1CEE183FBB2}] => (Allow) LPort=48114
FirewallRules: [{5F6CFF17-BFB6-45DB-B380-9FC9D26AC48B}] => (Allow) LPort=48113
FirewallRules: [{716A1302-5FB0-4E45-BA15-B1BA06FC1025}] => (Allow) C:\Users\Hatim\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{228B1DCC-0D40-4D8E-AD5E-6AB195040BCF}] => (Allow) C:\Users\Hatim\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{132006EF-3D05-4562-8E83-169B39B90677}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E04628E7-EBA2-4877-9137-7644756B5AFC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CAB04377-462C-448F-9B9A-E49B971D6969}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [TCP Query User{36455534-D65B-429A-B6A4-3301D7DBE94D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{2E1BAF5D-DECC-4A15-BE34-F7BA218B26B3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{1D183E32-AE2F-41F7-B8F7-838D23CAEDFC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D2924F01-8EF7-4446-A70A-78676056D752}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0F6879D2-3FD5-4DE0-81ED-E2BE49D3372F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{82A5DFE7-7B43-404C-9A6E-F126B73BEF6D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{16605EB5-37AA-4C51-9B23-2CA7CECC316A}] => (Allow) C:\Users\Hatim\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A8D5F5F8-B1B8-4C2E-B8D1-55B49FD784B0}] => (Allow) C:\Users\Hatim\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C7DBF1B6-FA65-404E-90D9-87BD560935C5}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (08/17/2015 06:52:59 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:59 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:59 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:59 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:58 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:57 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:57 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:56 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:56 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:56 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6570 @ 2.10GHz
Percentage of memory in use: 74%
Total physical RAM: 2972.26 MB
Available physical RAM: 745.56 MB
Total Virtual: 4252.26 MB
Available Virtual: 1693.04 MB
==================== Drives ================================
Drive c: (Windows_8) (Fixed) (Total:78.26 GB) (Free:12.4 GB) NTFS
Drive d: (Data) (Fixed) (Total:141.6 GB) (Free:13.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 9315B1BF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=78.1 GB) - (Type=05)
==================== End of log ============================
Ran by Hatim (2015-08-17 07:09:01)
Running from C:\Users\Hatim\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1961227778-3986054411-4220875295-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1961227778-3986054411-4220875295-503 - Limited - Disabled)
Guest (S-1-5-21-1961227778-3986054411-4220875295-501 - Limited - Disabled)
Hatim (S-1-5-21-1961227778-3986054411-4220875295-1001 - Administrator - Enabled) => C:\Users\Hatim
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
4shared Desktop (HKLM\...\4shared Desktop) (Version: 4.0.13.26830 - 4shared)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 8.0 - PainteR)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Antidote 8 (HKLM\...\{09AAAB09-6DBA-4DD9-9865-54597D3FBCA8}) (Version: 8.03.407 - Druide informatique inc.)
Artisteer 4 (HKLM\...\Artisteer 4) (Version: 4.0 - Extensoft)
bl (Version: 1.0.0 - Your Company Name) Hidden
BookWright version 1.0.81 (HKLM\...\{C17978EB-5A2C-40E3-B351-F03A27245BF9}_is1) (Version: 1.0.81 - Blurb, Inc.)
BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
D1600 (Version: 140.0.851.000 - Hewlett-Packard) Hidden
DJ_SF_06_D1600_SW_Min (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
EndNote X7 (HKLM\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.0.1.7212 - Thomson Reuters)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.6.124.715 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6 (HKLM\...\{96178C0A-BAF9-4E49-A2A5-CDE76722105B}) (Version: 14.0 - HP)
HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6 (HKLM\...\{CB7915E9-C217-4AB3-8A8B-DB2D08F17614}) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6268.0 - IDT)
Internet Haut Débit Mobile (HKLM\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - )
Internet Mobile (HKLM\...\Internet Mobile) (Version: 21.005.15.05.162 - Huawei Technologies Co.,Ltd)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 11.0.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.0.5 - )
Le Grand Robert de la langue française (HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\Le Grand Robert) (Version: - )
LeConjugueur (HKLM\...\LeConjugueur) (Version: - )
LG Connection Manager (Version: 1.16.10.709 - LGE) Hidden
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Meditel Internet (HKLM\...\MeditelInternet) (Version: 4.0.3.2 - Meditel Internet)
Mendeley Desktop 1.10.1 (HKLM\...\Mendeley Desktop) (Version: 1.10.1 - Mendeley Ltd.)
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visio Professionnel 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.10.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
My Connection (HKLM\...\IAM Aegean My Connection_is1) (Version: - IAM)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: 4.80 - FinePrint Software, LLC)
ph (Version: 1.0.0 - Your Company Name) Hidden
Puran File Recovery 1.2 (HKLM\...\Puran File Recovery_is1) (Version: - Puran Software)
ResearchSoft Direct Export Helper (HKLM\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters)
Secure Download Manager (HKLM\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version: - Microsoft)
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Solid Converter PDF (HKLM\...\{56BFAA6E-2BCC-4AED-9233-84731E66B205}) (Version: 6.0.669.0 - SolidDocuments)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM\...\{90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{AE1BB975-11D1-49A0-82E8-1D26DD62AFE7}) (Version: - Microsoft)
Visual CertExam Suite 1.5 (HKLM\...\{E0649555-ACA7-4E2D-9490-0AEB158693EF}) (Version: 1.5.410 - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Web Connection (HKLM\...\IAM_Web Flame Web Connection_is1) (Version: - IAM)
WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-21 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Hatim\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{3C70D620-5735-4E90-922E-50E66CC3FC65}\localserver32 -> C:\Program Files\Mendeley Desktop\MendeleyWordPlugin.exe ()
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{5563940A-C75D-4BD7-9727-05C6F8B3C97F}\localserver32 -> C:\Program Files\Druide\Antidote 8\Programmes32\MoteurIntegration.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{5563940B-2B33-4F1B-91FD-E33E13474297}\localserver32 -> C:\Program Files\Druide\Antidote 8\Programmes32\MoteurIntegration.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{5999E1EE-711E-48D2-9884-851A709F543D}\localserver32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Hatim\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files\Druide\Antidote 8\Programmes32\AgentAntidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files\Druide\Antidote 8\Programmes32\Antidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}\localserver32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files\Druide\Antidote 8\Programmes32\Antidote.exe (Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Hatim\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Hatim\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-04-24 04:48 - 2015-04-24 04:48 - 00000204 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01A61E11-7FBB-4C57-8674-567AD63B9783} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Battery Saver Deferred Install => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {06EDBE3F-EA74-45A5-9F91-CF2D06323780} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {0820F3D2-E359-40BA-852B-D3AD430475B0} - System32\Tasks\{278AFA89-A591-42DE-89CF-B46C44AF3A38} => pcalua.exe -a C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppinst4.exe -c /uninstall
Task: {08C614E7-0E9E-4385-80A1-B57D741C85F0} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\WINDOWS\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation)
Task: {08FA831B-4C44-48C2-A66A-0D0239F24C4E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0B8B8675-BE25-4D7D-AAA3-50B1FA47252D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {0C72B578-D676-414D-9F9C-FF0B216A314F} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {13550F2C-A475-475F-AE32-F8D7682F8C40} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {147FF7B2-79AF-482A-93D9-2A575057E4E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {1E59CAD0-D49B-4553-88DE-227F411F5D57} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\WINDOWS\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {201CF893-BC56-46DA-8598-6F75905C9028} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {20DB51B6-EF49-403A-BAD4-4D24B9BB5A9E} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-03-24] ()
Task: {210B29B6-A68A-4580-AC06-855728389B03} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {299D4132-0CD1-4331-9EF8-817A091B4DC8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2E55AA51-E9B8-40B5-9EA6-0A24D15DDE63} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {2F8B6434-E7FE-480E-A736-22FD6B77AEE8} - System32\Tasks\{7BDBD51B-FD86-469D-BE5A-9769CCBB9D55} => Chrome.exe http://ui.skype.com/ui/0/6.9.0.106/fr/abandoninstall?source=lightinstaller&page=tsInstall
Task: {382B44DA-CFC2-46C3-A347-0B2741A4EEB0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001Core => C:\Users\Hatim\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {3C480DB5-9C57-4D02-A3C4-6737DD9DD027} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\WINDOWS\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {3F628C45-4379-43B1-82E3-3D0AC5EF7C33} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {489A34B7-9791-432B-A762-FEE4D0E9562E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {49C6F58F-98A3-4416-98C4-24BD457AC122} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {4C61D4C0-ADF1-48A4-91D6-C64A8CE35E79} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\WINDOWS\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation)
Task: {4C7B56E3-0356-4A04-B96E-6F65F43BEE41} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {4CFE539E-2813-42D6-936B-A2D0E3BD20A2} - System32\Tasks\{2C446042-C276-454A-AD46-B52FBDFD5F44} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.7.0.102&LastError=2
Task: {4FE24D27-0EE9-48A4-92DE-0B59A885017A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001UA => C:\Users\Hatim\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {5939381C-0190-432E-832A-5C83F1C6673B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-14] (Adobe Systems Incorporated)
Task: {59E09A26-2322-447C-BBEB-180FC61478F8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5AF0CB6C-ABC7-431E-AF6A-97B10D8E1BA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {5CE5009F-1260-496A-AE13-40BEF27A8EFB} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {5CFC6547-F84F-4299-A6D9-75E2E9304389} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-07-10] (Microsoft Corporation)
Task: {6451D5E9-DC34-446B-AD5B-9D75EFC36B38} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\WINDOWS\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {65E8B085-1FAE-40EF-AEDE-E6E1E0A3B859} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6CC2569D-EFD0-42A4-A0C0-FE506F7AF0ED} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\WINDOWS\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {7135AB65-C102-40AF-8A95-750F84E26CA4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-07-10] (Microsoft Corporation)
Task: {774A65FA-58F3-4431-8C46-7078368F6A3E} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\WINDOWS\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {784017A0-41E3-423C-B4F3-CF8F69DF8C64} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {795A91A7-C3A0-47A8-8D87-7A3D00BEF8BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {797930BC-B506-4F11-9896-4C928674405C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {79D54361-7420-4F1B-B758-98E88380BBBB} - System32\Tasks\AdobeAAMUpdater-1.0-HatimPC-Hatim => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {7D275F92-280B-48FA-BA67-6084D5F373C4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {7EBF3FF6-2F17-4FB5-8F4D-2C9D1C5547F9} - System32\Tasks\{1807C55B-EB22-4DE5-8EB3-0973D0A40E5C} => pcalua.exe -a "C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe" -c -datfile hpqhsc01.dat -forcereboot
Task: {8511523D-F416-4708-A601-BF25AB1F4464} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-11] (Microsoft Corporation)
Task: {88742C4E-AF27-4EC0-AA61-61526B2F4601} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {8BD8D26D-9B78-4CF6-9D46-9E9201ECED6B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-07-10] (Microsoft Corporation)
Task: {8C499162-CDC8-4756-954B-354F6E9E5C0B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {92444044-702A-48E5-BFF5-61E5539B0206} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001Core => C:\Users\Hatim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-10] (Facebook Inc.)
Task: {99CE4190-659E-4715-9630-A2713EF5E512} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {A499EB02-E4EB-40A9-9D59-6E250F07C9C1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AE745E26-495D-43A1-9EC6-FB9A3E000456} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AFED54EE-EDE7-4FC1-87E9-7CF32E762537} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B2AFD82E-BDE6-42CE-A68C-A659D5391671} - System32\Tasks\{68D332EA-FFDD-49D2-8ECF-CBB46A2324EB} => pcalua.exe -a "C:\Program Files\Internet Mobile+\uninst.exe"
Task: {B8C17161-1BAA-4324-9E99-9F6ABC62CBD3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C7F8DC2D-9D31-4DFE-A34C-1A5E18943525} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\WINDOWS\system32\ClipUp.exe [2015-07-10] (Microsoft Corporation)
Task: {C90E5FD9-228D-4A6C-A897-42583B5668B2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C98D8259-7584-4043-9025-5FC9582EAB98} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D7B09F2A-6B62-41E8-8DEE-34674BD70BFC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DD87F70B-C8AE-4ECD-9AFC-288536510545} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\WINDOWS\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation)
Task: {E15FBDFF-1BF9-4030-B889-95528FFFDB78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E3FBBA84-1DB8-48C0-9156-90AB8123E65E} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {F31D7EF8-31AF-4E29-B9A4-6152E173C5CA} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {FB6B539D-57C2-4E39-98FD-C9D2BF921B63} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\WINDOWS\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001Core.job => C:\Users\Hatim\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001UA.job => C:\Users\Hatim\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1961227778-3986054411-4220875295-1001Core.job => C:\Users\Hatim\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WebReg HP Deskjet F300 series.job => C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-10 09:24 - 2015-07-10 09:24 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2013-04-11 16:02 - 2009-10-23 20:20 - 00027456 _____ () C:\WINDOWS\System32\solidlocalmon.dll
2014-11-27 22:59 - 2004-10-06 02:31 - 00050364 _____ () C:\WINDOWS\System32\zarpdfmon.dll
2014-11-27 22:59 - 2005-05-24 15:28 - 00045056 _____ () C:\WINDOWS\System32\ZARPDF.dll
2014-01-18 22:39 - 2013-04-15 11:49 - 00059904 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\HP1006PP.dll
2013-11-05 19:54 - 2013-11-05 19:54 - 00230240 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2015-04-01 19:22 - 2012-03-14 12:05 - 00053312 _____ () C:\Program Files\My Connection\BackgroundService\ServiceManager.exe
2015-06-09 01:02 - 2014-05-22 17:53 - 00346680 _____ () C:\Program Files\MeditelInternet\MeditelInternet_Service.exe
2015-04-02 15:55 - 2013-06-18 11:28 - 00058192 _____ () C:\Program Files\Web Connection\IAM\BackgroundService\ServiceManager.exe
2013-04-27 14:27 - 2014-08-25 00:14 - 00246112 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\ouc.exe
2013-04-27 14:27 - 2013-04-27 14:26 - 00011362 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\mingwm10.dll
2013-04-27 14:27 - 2013-04-27 14:26 - 00043008 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\libgcc_s_dw2-1.dll
2013-04-27 14:27 - 2013-09-16 23:22 - 02415104 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtCore4.dll
2013-04-27 14:27 - 2013-09-16 23:22 - 01148416 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtNetwork4.dll
2013-04-27 14:27 - 2013-09-16 23:22 - 00384512 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QueryStrategy.dll
2013-04-27 14:27 - 2013-09-16 23:22 - 00398336 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtXml4.dll
2015-07-10 09:24 - 2015-07-10 09:24 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-10 09:24 - 2015-07-10 09:24 - 01768544 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-10 09:24 - 2015-07-10 09:24 - 01768544 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-08-23 00:30 - 2001-08-10 14:23 - 00388608 _____ () C:\Program Files\TEXTware\QUICKfind\PlugIns\IEHelp.dll
2013-04-11 15:16 - 2009-12-12 14:12 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-11-17 00:39 - 2014-11-11 16:35 - 00181144 _____ () C:\Program Files\4shared Desktop\CMenu.dll
2015-07-10 09:24 - 2015-07-10 09:24 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 09:25 - 2015-07-10 11:49 - 04321792 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 09:25 - 2015-07-10 11:49 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-10 09:25 - 2015-07-10 11:49 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-11-15 21:44 - 2009-08-11 17:24 - 00123392 _____ () C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe
2015-04-01 19:22 - 2012-09-26 19:36 - 00126056 _____ () C:\Program Files\My Connection\BackgroundService\ModemListener.exe
2015-04-02 15:55 - 2014-03-26 19:42 - 00159056 _____ () C:\Program Files\Web Connection\IAM\BackgroundService\ModemListener.exe
2015-06-09 01:02 - 2014-05-22 17:53 - 00928312 _____ () C:\Program Files\MeditelInternet\MeditelInternet_Launcher.exe
2015-06-09 01:02 - 2014-05-22 17:53 - 00258560 _____ () C:\Program Files\MeditelInternet\WtgMobileBroadband7.dll
2014-04-14 20:41 - 2015-04-04 23:14 - 00020288 ____R () C:\Program Files\CCleaner\branding.dll
2015-08-17 06:54 - 2015-08-17 06:54 - 00071168 _____ () c:\users\hatim\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxibg28.dll
2015-03-04 22:45 - 2015-08-05 21:49 - 00012800 _____ () C:\Users\Hatim\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-08-05 21:49 - 00779776 _____ () C:\Users\Hatim\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 19:04 - 2015-08-05 21:49 - 00056320 _____ () C:\Users\Hatim\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-08-05 21:49 - 00012288 _____ () C:\Users\Hatim\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-09-25 03:53 - 2014-09-23 05:06 - 01098056 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 03:53 - 2014-09-23 05:06 - 00174408 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 03:53 - 2014-09-23 05:07 - 08577864 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 03:53 - 2014-09-23 05:07 - 00331592 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 03:53 - 2014-09-23 05:06 - 01660232 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2015-07-15 15:10 - 2015-07-13 10:14 - 16307888 _____ () C:\Users\Hatim\AppData\Local\Google\Chrome\User Data\PepperFlash\18.0.0.209\pepflashplayer.dll
2015-08-14 18:03 - 2015-08-14 18:03 - 17482952 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll
2015-07-10 09:25 - 2015-07-10 11:49 - 02013536 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-07-10 09:25 - 2015-07-10 11:49 - 01678176 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
AlternateDataStreams: C:\Users\Hatim\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\ma-config.com -> hxxp://ma-config.com
IE trusted site: HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\touslesdrivers.com -> hxxp://touslesdrivers.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img10.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AgentAntidote32"
HKLM\...\StartupApproved\Run: => "AdobeCEPServiceManager"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\StartupApproved\StartupFolder: => "Envoyer à OneNote.lnk"
HKU\S-1-5-21-1961227778-3986054411-4220875295-1001\...\StartupApproved\Run: => "PoivY"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{AA7E16DE-2924-42AE-863B-E782D2164E34}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{A039AD90-84C1-45F1-A3CE-05B6583DA9D8}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{0E567B6A-13A2-442D-BE79-EE482D6C5F8E}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QMAccountProtection.exe
FirewallRules: [{F57438F8-AF4A-4B16-8E8C-A0C1E0DF5FFB}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QMRouterMgr.exe
FirewallRules: [{CF17813B-8E32-4029-A00E-36A28110F525}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\TpkUpdate.exe
FirewallRules: [{D86EE68F-F786-45D2-9D50-C115F15E7A9B}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCPatch.exe
FirewallRules: [{3B691714-D407-483F-BDEA-30E23F5EAD7B}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\Uninst.exe
FirewallRules: [{80453CCC-4F8E-4347-8B2C-DAE443A3F72A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQRepair.exe
FirewallRules: [{0397C665-BAD1-4618-8F32-390208FC79E9}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCUpdateAVLib.exe
FirewallRules: [{E2C41EC4-7DD4-4B15-8203-097C3D21D97A}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCSysOptimize.exe
FirewallRules: [{80151E1F-259C-471B-B012-6EA869A0B232}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftGame.exe
FirewallRules: [{BFDA008C-5A60-4779-97B1-2F4AD61CCE92}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{55230C99-4CD9-4570-A522-4ACE62ECE08C}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCLaunch.exe
FirewallRules: [{238B173D-43DA-4662-821C-79956907D97F}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCClinic.exe
FirewallRules: [{EF9A500A-D7F9-4454-AE47-3D316232605D}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCBTU.exe
FirewallRules: [{F3F8F9E9-64B8-4BA3-A5B1-E6E14A50FAFF}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{B4C0BED8-7471-43B2-B726-A5EF65B493A6}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftMgr.exe
FirewallRules: [{7EFBBFFA-787B-4A8C-AFF0-D03A289B811D}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPConfig.exe
FirewallRules: [{7B40FE07-0CDD-4987-A26B-6DEFEB6225E1}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{25353349-3241-4ED8-AD45-F2845A08328D}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCLeakScan.exe
FirewallRules: [{FF8057B4-2AB9-45FC-AB6A-DDE6E6B85FB2}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{22D8DC68-FBB2-4FDB-83E0-2402CB0F4111}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCFileOpen.exe
FirewallRules: [{55232801-121C-4607-89EE-B41D05ED5572}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\bugreport.exe
FirewallRules: [{F9696E53-04D5-4CBA-99F0-4F42AB8C0ACE}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QMDL.exe
FirewallRules: [{78786438-D0A2-4FE0-B4B3-5726408B2D9C}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCRTP.exe
FirewallRules: [{B3562171-D826-469D-B989-7EDF133378A9}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCMgr.exe
FirewallRules: [{9B118611-A18E-4BE5-B0F5-B422E1B68A11}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe
FirewallRules: [{DE2AF5FD-3DC9-4AFF-972D-CA17991360F5}] => (Allow) C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QQPCmgrInstallGuide.exe
FirewallRules: [{66E0593F-DB72-4FD8-8689-1A53EDAD963C}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{A21AA86C-4860-41E5-93DE-1D931FD4C592}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{A603894D-12CB-47D2-AA21-EE75D992C5F6}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{7447BC56-1998-44AE-9735-7EAA62E52973}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{500B5F96-4B7F-4821-98CA-705157953916}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{7FCFDE7D-BB7E-4DEA-AB15-83D92A7107E8}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe
FirewallRules: [{317E556A-5022-46A1-BD32-7DEBFA1FB50A}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{EBA27512-8EF4-4BC1-9758-6278C09AA0D7}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{53F7ACDF-E547-481A-90EE-8D7AB0C76A28}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{D0BBE824-D77F-4D2C-9003-1218E2DEC927}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{9F4D6709-71C0-452B-B7B6-558F86526BF5}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{E55B8D67-0154-4973-A28A-7A9FC0C207EA}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe
FirewallRules: [{161F058B-B8C2-41E4-9958-9BF36A0F64FA}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{93DC45BF-2992-46A0-A44E-21259BC369BF}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{5BE30E0A-1ED8-42ED-9FED-BFB9D49D5913}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{EA38F434-32AA-4650-B5A6-B3B2974A7BCF}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{4B84FBC7-3582-4E54-93D1-7BF36AFA559C}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{06FC5E04-958F-479A-9F27-7EFC0042F0A9}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe
FirewallRules: [{036CEEBA-A1CB-4A63-88E4-05EA76F6D656}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{1296ED73-67F3-417F-BFC8-14BF5E28F629}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{D7D94A57-8479-40BE-A2E3-6DC4EE3437FE}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{89A4E242-8A2D-4413-A20C-A122AB5030B6}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{35AAA7D3-DAA4-4492-AACB-7B6BE85C1B41}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{04584828-99C5-40F0-A097-9F4540DFC2EA}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAn.exe
FirewallRules: [{B4C132A5-8F58-401C-BEFC-CFBEFE4D4809}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{EDA52EA6-5AB1-4274-8F2F-27C326BCA1EA}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{40207A52-6DA6-4856-B531-6A0EEF7479F7}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{46719EA7-E5A8-47B3-B232-1CA6E754294C}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{BC89D5C5-AFEC-48C4-9A76-BF5E7B380F41}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{228B8C36-03EA-4A51-BFAF-E726F7FE96A3}] => (Allow) C:\Program Files\baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe
FirewallRules: [{AEC5583F-638E-406B-A08D-32C4CC73AF14}] => (Allow) C:\program files\common files\baidu\bddownload\109\bddownloader.exe
FirewallRules: [{4830B09B-8EC7-4F06-BAC9-D17F65E2EB2E}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{1AA74D0D-1945-41DB-8343-90BE3B793774}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{CC7C5FF2-694D-4CCD-AD16-A450E49B4631}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{583D2758-FB6B-4F18-8377-A2EE411A050D}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{6440587E-7718-43D6-9240-93BF8A142E49}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{302F9F7A-0A8E-454B-A776-5E2ED005C692}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{CAA3B2BB-145F-42B7-8C06-EF48CCD12B12}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{F34297F0-1BCA-41F0-9F2D-FD05D161DE8B}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{B837384C-049C-4EF4-8413-CA36D405057D}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{4495756A-B8E0-4A95-9CCF-9A72E60F553A}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{43C852AB-BB43-457C-9E33-FC1E57CDC10B}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{FD5991DF-476E-404F-AF05-CA92A28B83D2}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{568E2C7E-3CB9-4004-8F94-E6238103E5C1}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{FDCA2C01-4DAA-4A43-B7DE-471F2DAEAE76}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{F34BDC6F-8B03-4454-9BF3-A6C1B7E74D50}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{D39C045B-194B-4C41-9404-765631546255}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{3700058A-9DE5-429F-9C4E-54571066D09F}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{50CF3A51-E50A-49AD-85B6-9785A941DAC2}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{452C6452-AC6A-4633-8F78-786B98249B67}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{430EBEFF-407B-4EF3-82F9-F305BA867BFF}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{A5354573-00DF-4C08-9149-7F7BEED4963F}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{7026BDA0-2C72-44D1-87D1-0E1F0E5F0EB6}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{744B0D69-DD3E-4B49-B264-09D775CF90B8}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{7A670EAC-4B1F-4A22-A559-534F2B6EA8F2}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{919CCEF4-552E-4754-B6DC-99BFAEB14B47}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{B35A9FBD-9C15-4ABE-A86D-1036635D8CD8}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{3D30B41A-DA77-48CB-875D-6F647FBC9CB6}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{7D90A811-DEC8-454E-94EA-94ABFC4FD5F0}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{9690DC12-AAF9-4161-B09E-C73B73D1BAB5}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{AAE8AE45-87EE-405B-A3BC-C8D26DF926D4}] => (Allow) C:\Program Files\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [UDP Query User{7BF980D2-21E2-42E5-983E-EF1A47DC2EB3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{84D0D121-ECBD-42A3-8784-F4585E6B748B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{D546B4A6-5579-433B-B119-681E4BF3FC8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{25CBC805-8990-4617-936E-D0078912EA85}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4BA80539-38BF-41D7-B6C1-A1244805C1A9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{25F3E29E-92E4-40A2-9CEA-5D8F631DB0B6}] => (Allow) C:\Users\Hatim\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{CB739D73-E219-45EC-9B94-741817ED549B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{65C0DA70-1CBB-486F-A87C-08B5E8F17681}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8A04790C-AA90-456D-9A4C-958C8051990D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{920F57D0-D489-4872-90DC-311A86381935}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{EAE7CB6F-1E10-4BA8-AB07-3D9C68DF85E7}C:\users\hatim\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\hatim\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4A61198D-4666-4926-ADF5-24326E09BCA8}C:\users\hatim\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\hatim\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{AA948A9E-726F-402C-B912-7CC60B7C7DD8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{48C508F2-6D58-4A1D-9EC3-ACBC7754A5E4}] => (Allow) C:\Users\Hatim\AppData\Local\Temp\7zS17B1\hppiw.exe
FirewallRules: [{2E4EC838-C10C-43CD-BFBE-4FFBE9BB3198}] => (Allow) C:\Users\Hatim\AppData\Local\Temp\7zS17B1\hppiw.exe
FirewallRules: [{96A465E3-7CEB-4D9C-A936-E1CEE183FBB2}] => (Allow) LPort=48114
FirewallRules: [{5F6CFF17-BFB6-45DB-B380-9FC9D26AC48B}] => (Allow) LPort=48113
FirewallRules: [{716A1302-5FB0-4E45-BA15-B1BA06FC1025}] => (Allow) C:\Users\Hatim\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{228B1DCC-0D40-4D8E-AD5E-6AB195040BCF}] => (Allow) C:\Users\Hatim\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{132006EF-3D05-4562-8E83-169B39B90677}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E04628E7-EBA2-4877-9137-7644756B5AFC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CAB04377-462C-448F-9B9A-E49B971D6969}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [TCP Query User{36455534-D65B-429A-B6A4-3301D7DBE94D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{2E1BAF5D-DECC-4A15-BE34-F7BA218B26B3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{1D183E32-AE2F-41F7-B8F7-838D23CAEDFC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D2924F01-8EF7-4446-A70A-78676056D752}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0F6879D2-3FD5-4DE0-81ED-E2BE49D3372F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{82A5DFE7-7B43-404C-9A6E-F126B73BEF6D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{16605EB5-37AA-4C51-9B23-2CA7CECC316A}] => (Allow) C:\Users\Hatim\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A8D5F5F8-B1B8-4C2E-B8D1-55B49FD784B0}] => (Allow) C:\Users\Hatim\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C7DBF1B6-FA65-404E-90D9-87BD560935C5}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (08/17/2015 06:52:59 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:59 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:59 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:59 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:58 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:57 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:57 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:56 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:56 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/17/2015 06:52:56 AM) (Source: DCOM) (EventID: 10016) (User: HatimPC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HatimPCHatimS-1-5-21-1961227778-3986054411-4220875295-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6570 @ 2.10GHz
Percentage of memory in use: 74%
Total physical RAM: 2972.26 MB
Available physical RAM: 745.56 MB
Total Virtual: 4252.26 MB
Available Virtual: 1693.04 MB
==================== Drives ================================
Drive c: (Windows_8) (Fixed) (Total:78.26 GB) (Free:12.4 GB) NTFS
Drive d: (Data) (Fixed) (Total:141.6 GB) (Free:13.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 9315B1BF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=78.1 GB) - (Type=05)
==================== End of log ============================