Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
Ran by Ihab (2016-05-30 22:44:00)
Running from C:\Users\Omnia\Desktop
Windows 10 Pro N Version 1511 (X64) (2015-11-15 22:12:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-316627027-3033381719-1982330960-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-316627027-3033381719-1982330960-503 - Limited - Disabled)
Guest (S-1-5-21-316627027-3033381719-1982330960-501 - Limited - Disabled)
Ihab (S-1-5-21-316627027-3033381719-1982330960-1000 - Administrator - Enabled) => C:\Users\Omnia
openpgsvc (S-1-5-21-316627027-3033381719-1982330960-1004 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
ATI Catalyst Install Manager (HKLM\...\{5854205C-309C-DB40-ED50-C05675BDA8A3}) (Version: 3.0.825.0 - ATI Technologies, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.1.1 - Genesys Logic)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
Internet Mobile (HKLM-x32\...\Internet Mobile) (Version: 21.005.15.05.162 - Huawei Technologies Co.,Ltd)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.6868.2062 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Odoo 9.0 (HKLM-x32\...\Odoo 9.0) (Version: 9.0 - Odoo S.A.)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
PostgreSQL 9.3 (x86) (HKLM-x32\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.5 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
RealDownloader (x32 Version: 18.1.3.103 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.3.104 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.3 - RealNetworks)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.102 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
SAGEM F@st 800-840 (HKLM-x32\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version: 4.06.000 - SAGEM)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Ericsson Device Data (x32 Version: 1.0.32 - Sony Ericsson) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sybase PowerAMC 15.1 (HKLM-x32\...\{48B0BE4A-EDC9-44C4-A3DB-67D62D75961F}) (Version: 15.1.2850 - Sybase Inc.)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-316627027-3033381719-1982330960-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Omnia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01A1D0E2-49C4-4CDB-B21E-471D79A39379} - System32\Tasks\{9D9AD9B9-4C4D-4DCE-AA28-361757016199} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{B36C9A28-B91C-47AD-9FE3-1078C8A22605} /l1036
Task: {0525CA3E-384D-4673-A981-7C4793D9423D} - System32\Tasks\{2FDC939A-D502-4C84-A853-BECE2FCDE2BA} => pcalua.exe -a "C:\Users\Omnia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NSUSX5S3\wmp11-windowsxp-x86-FR-FR.exe" -d C:\Users\Omnia\Desktop
Task: {06E5E6E1-C0A1-44FD-B014-AEC829F2971F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0EDDE066-DAD0-4821-BEE9-269A3B3B4EDE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {128D6914-EBE2-47A5-B12C-993575368F1A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {17754A70-24E8-4AEC-AC94-6DBDA58278B4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {1DFEA949-0C64-40D3-BF10-7EDF096EE946} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {1E004637-1994-4794-B008-18203250EA47} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {23A8F6A9-4214-41AD-AF77-FCAFEF5CCFFA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {24E3EE0B-C029-4640-BBA9-8EA1703F9BBC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {28CB53EF-E0DC-4DC1-BB30-C083BA854EFD} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {31180665-523F-4D34-A1B4-1575AFFB159B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {3707B2B0-3908-4A15-8428-A899E3A0B132} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {3C16B97D-6C07-481E-95FA-F52D5EAB834B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {3D32339E-B54F-4762-8AC4-CC189BE6FB22} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3F348B1B-83C2-4E50-A22E-FDBA867F9D95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {40178447-AB56-492A-BE34-CCDBEAF08801} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {40C1E769-CBA1-492A-AAB8-3DFA5B821560} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-02-03] ()
Task: {40FC1D0D-9ABC-4E20-8A25-7A09203D69B2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {44E0F61A-CFA2-4A5C-964A-ED21C0C26A34} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {4788A776-F48F-4100-ADFD-5F86089C8D7A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {570C1312-6519-46B5-A969-552A932711F4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5782008E-31FC-4F07-A51D-2E46B4C52243} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-10] (Microsoft Corporation)
Task: {650ABE68-ADE6-4DB9-84CB-221DC5410C15} - System32\Tasks\{67724B1C-0C6A-4692-805C-845BE583F863} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.105/fr/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {6C762645-63DA-469E-BABD-971A6589427E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7B4B02D9-AE21-4E95-BCC3-58A709BA9FE9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {8335AC77-AC90-44C9-88EE-4BA45688225A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {87BE89DA-BEDB-465B-B581-B97D9A7B6C1B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {8DAB871E-CC2C-4BC6-A9F0-417CEACBD0A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {A712C228-E724-48D8-8DA5-0939C17AC7B9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {AB367189-C535-4808-9A84-F88BE3D832E4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AE8A4330-A541-43EF-B31C-352A641B1BDF} - System32\Tasks\{953455B0-0EF1-48D9-AFB1-A6BE6C305A23} => pcalua.exe -a "C:\Users\Omnia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ES6CXBOC\windows-media-player-11_windows_media_player_11.0_francais_20085[1].exe" -d C:\Users\Omnia\Desktop
Task: {B2AA3DC5-3CFC-4DEA-A481-2CFA48C87739} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {B9C601AD-FCDD-42FD-A6DD-2E5C7E521924} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BF9343A1-9E73-473F-A317-BD9677D5C9C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {C4486774-0CCE-4E61-A05F-A504113E5907} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C8404A8B-F677-42FF-9A29-B19C9551D34A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {C8908A7C-1508-4119-A0BC-5320B8D5124B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {C8BEE0EF-5E93-41F0-AEE3-292B4C4F065E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {C98AE3DE-2321-4E8B-A120-9CD679A80B3D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CA1C1FDA-28D1-43A1-833B-F551D219D791} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CB3E5BBD-7DE0-4874-921F-333E224C9284} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D2A4E9DD-F62B-45D1-9483-01B375F50706} - System32\Tasks\Microsoft\Internet Explorer\Supprimer les versions précédentes d’Internet Explorer => C:\Windows\SYSTEM32\ie4uinit.EXE [2016-01-16] (Microsoft Corporation)
Task: {D30785B7-D215-422A-B4E3-03259EA3A4AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DB224CAB-74BF-48D3-B058-6D0E9C686635} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DBB53BF0-E98E-4296-9B62-B548940FCC25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {DF15F89D-3A49-4FCD-B4B2-7C481AD335DC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {E1B68741-C1D9-4C75-86CB-4EE3E306917A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {E7C3B4DE-B661-4B6C-9408-76875C813235} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E7C80751-802F-4B14-83A6-72FC8E523CFA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {E8C72CEE-F823-4782-BADA-56DF8540CE32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F574365F-BBE4-4CA7-80B0-21D56EF5E426} - System32\Tasks\{522F0E3E-0865-42C3-BD84-1DA8F410D046} => pcalua.exe -a "C:\Users\Omnia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4YHGUF4\sp55086[1].exe" -d C:\Users\Omnia\Desktop
Task: {F5EBE4C2-AF8E-4182-90AA-EE14AA5D486B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {F979DC26-C89B-4F41-89CF-163892C6006E} - System32\Tasks\{BAB20F9F-4EBF-4650-A537-169FE858C154} => pcalua.exe -a "C:\Users\Omnia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBE5X2V9\Win7Vista_64_152254.exe" -d C:\Users\Omnia\Desktop
Task: {FC09E2D5-4048-4F37-B35B-DBD831A66BAF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {FE983465-79B3-453D-A89C-A2BCA353AC13} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {FF74C0F5-375C-4F3A-AA96-5513F2B02A25} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 08:16 - 2015-10-30 08:16 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-21 17:11 - 2016-05-02 04:01 - 00417472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-03-20 02:35 - 2016-03-20 02:35 - 00023552 _____ () D:\odoo\Odoo 9.0-20160320\service\win32_service.exe
2016-02-03 19:49 - 2016-02-03 19:49 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-01-04 21:32 - 2012-01-04 21:31 - 00246112 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\ouc.exe
2016-03-20 02:39 - 2016-03-20 02:39 - 00020992 _____ () D:\odoo\Odoo 9.0-20160320\server\openerp-server.exe
2016-04-13 11:34 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 11:34 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-20 20:08 - 2016-05-20 20:08 - 00959168 _____ () C:\Users\Omnia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-12-18 15:04 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 20:31 - 2016-04-23 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-10 20:31 - 2016-04-23 05:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-10 20:31 - 2016-04-23 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-10 20:32 - 2016-04-23 04:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-10 20:32 - 2016-04-23 05:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-08 01:32 - 2010-12-01 15:48 - 00028672 _____ () C:\Windows\SysWOW64\UMonit.exe
2016-02-03 19:00 - 2016-02-03 19:00 - 00712432 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2016-01-06 17:41 - 2016-01-06 17:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-05-13 17:44 - 2016-05-13 17:44 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2014-02-15 23:23 - 2014-02-15 23:23 - 00027648 _____ () D:\odoo\Odoo 9.0-20160320\service\servicemanager.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00110592 _____ () D:\odoo\Odoo 9.0-20160320\service\pywintypes27.dll
2014-02-15 23:23 - 2014-02-15 23:23 - 00042496 _____ () D:\odoo\Odoo 9.0-20160320\service\win32service.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00100352 _____ () D:\odoo\Odoo 9.0-20160320\service\win32api.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00036864 _____ () D:\odoo\Odoo 9.0-20160320\service\win32process.pyd
2016-02-03 19:48 - 2016-02-03 19:48 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-02-03 19:48 - 2016-02-03 19:48 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-02-03 19:49 - 2016-02-03 19:49 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2016-03-20 23:55 - 2014-07-22 07:51 - 00138752 _____ () D:\odoo\Odoo 9.0-20160320\PostgreSQL\bin\LIBPQ.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 00011362 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\mingwm10.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 00043008 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\libgcc_s_dw2-1.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 02415104 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtCore4.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 01148416 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtNetwork4.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 00384512 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QueryStrategy.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 00398336 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtXml4.dll
2016-03-20 23:56 - 2014-02-05 07:56 - 01036800 _____ () D:\odoo\Odoo 9.0-20160320\PostgreSQL\bin\libxml2.dll
2014-03-06 14:44 - 2014-03-06 14:44 - 02935296 _____ () D:\odoo\Odoo 9.0-20160320\server\lxml.etree.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00100352 _____ () D:\odoo\Odoo 9.0-20160320\server\win32api.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00110592 _____ () D:\odoo\Odoo 9.0-20160320\server\pywintypes27.dll
2014-02-15 23:24 - 2014-02-15 23:24 - 00397312 _____ () D:\odoo\Odoo 9.0-20160320\server\pythoncom27.dll
2013-11-10 14:54 - 2013-11-10 14:54 - 00087552 _____ () D:\odoo\Odoo 9.0-20160320\server\_ctypes.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00358400 _____ () D:\odoo\Odoo 9.0-20160320\server\_hashlib.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00686080 _____ () D:\odoo\Odoo 9.0-20160320\server\unicodedata.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00044544 _____ () D:\odoo\Odoo 9.0-20160320\server\_socket.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00899584 _____ () D:\odoo\Odoo 9.0-20160320\server\_ssl.pyd
2014-01-08 13:53 - 2014-01-08 13:53 - 01262592 _____ () D:\odoo\Odoo 9.0-20160320\server\psycopg2._psycopg.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00042496 _____ () D:\odoo\Odoo 9.0-20160320\server\win32service.pyd
2014-03-04 18:52 - 2014-03-04 18:52 - 00178176 _____ () D:\odoo\Odoo 9.0-20160320\server\_yaml.pyd
2014-03-07 05:00 - 2014-03-07 05:00 - 00798720 _____ () D:\odoo\Odoo 9.0-20160320\server\PIL._imaging.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00127488 _____ () D:\odoo\Odoo 9.0-20160320\server\pyexpat.pyd
2014-03-06 14:56 - 2014-03-06 14:56 - 00026112 _____ () D:\odoo\Odoo 9.0-20160320\server\reportlab.lib._rl_accel.pyd
2013-05-21 21:28 - 2013-05-21 21:28 - 00008192 _____ () D:\odoo\Odoo 9.0-20160320\server\markupsafe._speedups.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00010240 _____ () D:\odoo\Odoo 9.0-20160320\server\select.pyd
2013-11-25 14:27 - 2013-11-25 14:27 - 00036352 _____ () D:\odoo\Odoo 9.0-20160320\server\_psutil_mswindows.pyd
2016-05-20 20:08 - 2016-05-20 20:08 - 00679624 _____ () C:\Users\Omnia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-03-09 13:03 - 2016-03-09 13:03 - 00022288 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\mediautil.dll
2016-03-09 13:03 - 2016-03-09 13:03 - 01520912 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avformat-55.dll
2016-03-09 13:03 - 2016-03-09 13:03 - 04274960 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avcodec-55.dll
2016-03-09 13:03 - 2016-03-09 13:03 - 00322832 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avutil-52.dll
2016-02-03 18:53 - 2016-02-03 18:53 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-03-09 13:02 - 2016-03-09 13:02 - 00654608 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [252]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-09 15:15 - 2014-04-29 21:59 - 00000855 _RASH C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-316627027-3033381719-1982330960-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{99A7BA4B-61EB-47B5-BF3B-A7D38AED94B8}] => (Allow) LPort=48113
FirewallRules: [{2A19B614-1FE0-4A04-9022-2D3EC0239623}] => (Allow) LPort=48113
FirewallRules: [{5CD0AEF2-F09D-46B5-B860-A38E4BC20B69}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{167B252D-7F8B-45A3-A79A-1F897B042071}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{43DC926F-EC16-4D81-88D3-25886ABB652E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{64C5BEEA-46B5-4875-8171-A92AA420AC22}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{15E06ECB-21A6-4728-A4F8-509D95038D06}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{3B9C8C76-0EF0-428D-8225-D67BB36A8718}] => (Allow) LPort=48114
FirewallRules: [{E1F26475-7F75-406D-B9D8-401932791FDC}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{D0733789-5F23-4042-A2FD-758D563AB7AB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EE9EA82B-F2FA-43E2-A981-5EB3E3F7A5D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{31F66B29-18D7-45F7-A583-249E5B8DF4DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{71A6A65D-A991-43EB-9143-BD4230B8A8E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E8D01D6D-E525-44C5-8CF5-42FA4EEAE15A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E87CB6BF-E105-4627-9BC0-A55AC36A8D95}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{DBC7D1BB-1911-43E5-90B1-9F11FA02BF5B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/30/2016 09:54:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1505) (User: IHAB-PC)
Description: Windows ne peut pas charger le profil de l’utilisateur mais a ouvert une session avec le profil par défaut pour le système.
DÉTAIL - Access is denied.
Error: (05/30/2016 09:54:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: IHAB-PC)
Description: Windows ne peut pas trouver le profil local et tente de vous connecter avec un profil temporaire. Les modifications effectuées à ce profil seront perdues lorsque vous vous déconnecterez.
Error: (05/30/2016 08:02:30 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1505) (User: IHAB-PC)
Description: Windows ne peut pas charger le profil de l’utilisateur mais a ouvert une session avec le profil par défaut pour le système.
DÉTAIL - Access is denied.
Error: (05/30/2016 08:02:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: IHAB-PC)
Description: Windows ne peut pas trouver le profil local et tente de vous connecter avec un profil temporaire. Les modifications effectuées à ce profil seront perdues lorsque vous vous déconnecterez.
Error: (05/30/2016 12:40:35 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1505) (User: IHAB-PC)
Description: Windows ne peut pas charger le profil de l’utilisateur mais a ouvert une session avec le profil par défaut pour le système.
DÉTAIL - Access is denied.
Error: (05/30/2016 12:40:34 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: IHAB-PC)
Description: Windows ne peut pas trouver le profil local et tente de vous connecter avec un profil temporaire. Les modifications effectuées à ce profil seront perdues lorsque vous vous déconnecterez.
Error: (05/30/2016 11:52:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme iexplore.exe version 11.0.10586.20 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.
ID de processus : 1480
Heure de début : 01d1ba60f5b991f6
Heure de fin : 84
Chemin d'accès de l'application : C:\Program Files (x86)\Internet Explorer\iexplore.exe
ID de rapport : 9b43895b-2654-11e6-a3ae-74de2b74a6b9
Nom complet du package défaillant :
ID de l'application relative au package défaillant :
Error: (05/30/2016 11:37:33 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1 ». Erreur dans le fichier de manifeste ou de stratégie « UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2 » à la ligne UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (05/30/2016 11:37:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1 ».
Assembly dépendant rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (05/30/2016 11:37:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1 ».
Assembly dépendant rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
System errors:
=============
Error: (05/30/2016 09:56:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 6ème fois.
Error: (05/30/2016 09:56:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 5ème fois.
Error: (05/30/2016 09:56:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 4ème fois.
Error: (05/30/2016 09:56:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 3ème fois.
Error: (05/30/2016 09:56:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 2ème fois.
Error: (05/30/2016 09:55:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealPlayer Cloud Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (05/30/2016 09:55:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (05/30/2016 09:54:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Internet Mobile. RunOuc n’a pas pu démarrer en raison de l’erreur :
%%1053
Error: (05/30/2016 09:54:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Internet Mobile. RunOuc.
Error: (05/30/2016 09:54:44 PM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: L’appel LoadUserProfile a échoué avec l’erreur :
%%2
CodeIntegrity:
===================================
Date: 2016-05-30 19:59:45.252
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Omnia\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-30 19:59:45.171
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Omnia\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-30 19:59:43.561
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Omnia\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-18 14:23:47.361
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-15 14:34:18.432
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-14 12:08:40.139
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-11 12:17:10.807
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-10 21:07:19.446
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-06 14:19:01.600
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-03 11:17:44.132
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 3893.85 MB
Available physical RAM: 2125.36 MB
Total Virtual: 7861.85 MB
Available Virtual: 5771.51 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:96.88 GB) (Free:64.14 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:163.43 GB) (Free:162.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 73256BD4)
Partition 1: (Not Active) - (Size=10 GB) - (Type=12)
Partition 2: (Active) - (Size=96.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=793 MB) - (Type=27)
Partition 4: (Not Active) - (Size=163.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Ihab (2016-05-30 22:44:00)
Running from C:\Users\Omnia\Desktop
Windows 10 Pro N Version 1511 (X64) (2015-11-15 22:12:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-316627027-3033381719-1982330960-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-316627027-3033381719-1982330960-503 - Limited - Disabled)
Guest (S-1-5-21-316627027-3033381719-1982330960-501 - Limited - Disabled)
Ihab (S-1-5-21-316627027-3033381719-1982330960-1000 - Administrator - Enabled) => C:\Users\Omnia
openpgsvc (S-1-5-21-316627027-3033381719-1982330960-1004 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
ATI Catalyst Install Manager (HKLM\...\{5854205C-309C-DB40-ED50-C05675BDA8A3}) (Version: 3.0.825.0 - ATI Technologies, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.1.1 - Genesys Logic)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
Internet Mobile (HKLM-x32\...\Internet Mobile) (Version: 21.005.15.05.162 - Huawei Technologies Co.,Ltd)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.6868.2062 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Odoo 9.0 (HKLM-x32\...\Odoo 9.0) (Version: 9.0 - Odoo S.A.)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
PostgreSQL 9.3 (x86) (HKLM-x32\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.5 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
RealDownloader (x32 Version: 18.1.3.103 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.3.104 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.3 - RealNetworks)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.102 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
SAGEM F@st 800-840 (HKLM-x32\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version: 4.06.000 - SAGEM)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Ericsson Device Data (x32 Version: 1.0.32 - Sony Ericsson) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sybase PowerAMC 15.1 (HKLM-x32\...\{48B0BE4A-EDC9-44C4-A3DB-67D62D75961F}) (Version: 15.1.2850 - Sybase Inc.)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-316627027-3033381719-1982330960-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Omnia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01A1D0E2-49C4-4CDB-B21E-471D79A39379} - System32\Tasks\{9D9AD9B9-4C4D-4DCE-AA28-361757016199} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{B36C9A28-B91C-47AD-9FE3-1078C8A22605} /l1036
Task: {0525CA3E-384D-4673-A981-7C4793D9423D} - System32\Tasks\{2FDC939A-D502-4C84-A853-BECE2FCDE2BA} => pcalua.exe -a "C:\Users\Omnia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NSUSX5S3\wmp11-windowsxp-x86-FR-FR.exe" -d C:\Users\Omnia\Desktop
Task: {06E5E6E1-C0A1-44FD-B014-AEC829F2971F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0EDDE066-DAD0-4821-BEE9-269A3B3B4EDE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {128D6914-EBE2-47A5-B12C-993575368F1A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {17754A70-24E8-4AEC-AC94-6DBDA58278B4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {1DFEA949-0C64-40D3-BF10-7EDF096EE946} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {1E004637-1994-4794-B008-18203250EA47} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {23A8F6A9-4214-41AD-AF77-FCAFEF5CCFFA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {24E3EE0B-C029-4640-BBA9-8EA1703F9BBC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {28CB53EF-E0DC-4DC1-BB30-C083BA854EFD} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {31180665-523F-4D34-A1B4-1575AFFB159B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {3707B2B0-3908-4A15-8428-A899E3A0B132} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {3C16B97D-6C07-481E-95FA-F52D5EAB834B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {3D32339E-B54F-4762-8AC4-CC189BE6FB22} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3F348B1B-83C2-4E50-A22E-FDBA867F9D95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {40178447-AB56-492A-BE34-CCDBEAF08801} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {40C1E769-CBA1-492A-AAB8-3DFA5B821560} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-02-03] ()
Task: {40FC1D0D-9ABC-4E20-8A25-7A09203D69B2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {44E0F61A-CFA2-4A5C-964A-ED21C0C26A34} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {4788A776-F48F-4100-ADFD-5F86089C8D7A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {570C1312-6519-46B5-A969-552A932711F4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5782008E-31FC-4F07-A51D-2E46B4C52243} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-10] (Microsoft Corporation)
Task: {650ABE68-ADE6-4DB9-84CB-221DC5410C15} - System32\Tasks\{67724B1C-0C6A-4692-805C-845BE583F863} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.14.0.105/fr/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {6C762645-63DA-469E-BABD-971A6589427E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7B4B02D9-AE21-4E95-BCC3-58A709BA9FE9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {8335AC77-AC90-44C9-88EE-4BA45688225A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {87BE89DA-BEDB-465B-B581-B97D9A7B6C1B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {8DAB871E-CC2C-4BC6-A9F0-417CEACBD0A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {A712C228-E724-48D8-8DA5-0939C17AC7B9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {AB367189-C535-4808-9A84-F88BE3D832E4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AE8A4330-A541-43EF-B31C-352A641B1BDF} - System32\Tasks\{953455B0-0EF1-48D9-AFB1-A6BE6C305A23} => pcalua.exe -a "C:\Users\Omnia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ES6CXBOC\windows-media-player-11_windows_media_player_11.0_francais_20085[1].exe" -d C:\Users\Omnia\Desktop
Task: {B2AA3DC5-3CFC-4DEA-A481-2CFA48C87739} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {B9C601AD-FCDD-42FD-A6DD-2E5C7E521924} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BF9343A1-9E73-473F-A317-BD9677D5C9C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {C4486774-0CCE-4E61-A05F-A504113E5907} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C8404A8B-F677-42FF-9A29-B19C9551D34A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {C8908A7C-1508-4119-A0BC-5320B8D5124B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {C8BEE0EF-5E93-41F0-AEE3-292B4C4F065E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {C98AE3DE-2321-4E8B-A120-9CD679A80B3D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CA1C1FDA-28D1-43A1-833B-F551D219D791} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CB3E5BBD-7DE0-4874-921F-333E224C9284} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D2A4E9DD-F62B-45D1-9483-01B375F50706} - System32\Tasks\Microsoft\Internet Explorer\Supprimer les versions précédentes d’Internet Explorer => C:\Windows\SYSTEM32\ie4uinit.EXE [2016-01-16] (Microsoft Corporation)
Task: {D30785B7-D215-422A-B4E3-03259EA3A4AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DB224CAB-74BF-48D3-B058-6D0E9C686635} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DBB53BF0-E98E-4296-9B62-B548940FCC25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {DF15F89D-3A49-4FCD-B4B2-7C481AD335DC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {E1B68741-C1D9-4C75-86CB-4EE3E306917A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {E7C3B4DE-B661-4B6C-9408-76875C813235} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E7C80751-802F-4B14-83A6-72FC8E523CFA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {E8C72CEE-F823-4782-BADA-56DF8540CE32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F574365F-BBE4-4CA7-80B0-21D56EF5E426} - System32\Tasks\{522F0E3E-0865-42C3-BD84-1DA8F410D046} => pcalua.exe -a "C:\Users\Omnia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4YHGUF4\sp55086[1].exe" -d C:\Users\Omnia\Desktop
Task: {F5EBE4C2-AF8E-4182-90AA-EE14AA5D486B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {F979DC26-C89B-4F41-89CF-163892C6006E} - System32\Tasks\{BAB20F9F-4EBF-4650-A537-169FE858C154} => pcalua.exe -a "C:\Users\Omnia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBE5X2V9\Win7Vista_64_152254.exe" -d C:\Users\Omnia\Desktop
Task: {FC09E2D5-4048-4F37-B35B-DBD831A66BAF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-316627027-3033381719-1982330960-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {FE983465-79B3-453D-A89C-A2BCA353AC13} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {FF74C0F5-375C-4F3A-AA96-5513F2B02A25} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 08:16 - 2015-10-30 08:16 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-21 17:11 - 2016-05-02 04:01 - 00417472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-03-20 02:35 - 2016-03-20 02:35 - 00023552 _____ () D:\odoo\Odoo 9.0-20160320\service\win32_service.exe
2016-02-03 19:49 - 2016-02-03 19:49 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-01-04 21:32 - 2012-01-04 21:31 - 00246112 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\ouc.exe
2016-03-20 02:39 - 2016-03-20 02:39 - 00020992 _____ () D:\odoo\Odoo 9.0-20160320\server\openerp-server.exe
2016-04-13 11:34 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 11:34 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-20 20:08 - 2016-05-20 20:08 - 00959168 _____ () C:\Users\Omnia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-12-18 15:04 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 20:31 - 2016-04-23 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-10 20:31 - 2016-04-23 05:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-10 20:31 - 2016-04-23 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-10 20:32 - 2016-04-23 04:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-10 20:32 - 2016-04-23 05:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-08 01:32 - 2010-12-01 15:48 - 00028672 _____ () C:\Windows\SysWOW64\UMonit.exe
2016-02-03 19:00 - 2016-02-03 19:00 - 00712432 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2016-01-06 17:41 - 2016-01-06 17:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-05-13 17:44 - 2016-05-13 17:44 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2014-02-15 23:23 - 2014-02-15 23:23 - 00027648 _____ () D:\odoo\Odoo 9.0-20160320\service\servicemanager.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00110592 _____ () D:\odoo\Odoo 9.0-20160320\service\pywintypes27.dll
2014-02-15 23:23 - 2014-02-15 23:23 - 00042496 _____ () D:\odoo\Odoo 9.0-20160320\service\win32service.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00100352 _____ () D:\odoo\Odoo 9.0-20160320\service\win32api.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00036864 _____ () D:\odoo\Odoo 9.0-20160320\service\win32process.pyd
2016-02-03 19:48 - 2016-02-03 19:48 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-02-03 19:48 - 2016-02-03 19:48 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-02-03 19:49 - 2016-02-03 19:49 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2016-03-20 23:55 - 2014-07-22 07:51 - 00138752 _____ () D:\odoo\Odoo 9.0-20160320\PostgreSQL\bin\LIBPQ.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 00011362 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\mingwm10.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 00043008 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\libgcc_s_dw2-1.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 02415104 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtCore4.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 01148416 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtNetwork4.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 00384512 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QueryStrategy.dll
2012-01-04 21:32 - 2012-01-04 21:31 - 00398336 _____ () C:\ProgramData\Internet Mobile\OnlineUpdate\QtXml4.dll
2016-03-20 23:56 - 2014-02-05 07:56 - 01036800 _____ () D:\odoo\Odoo 9.0-20160320\PostgreSQL\bin\libxml2.dll
2014-03-06 14:44 - 2014-03-06 14:44 - 02935296 _____ () D:\odoo\Odoo 9.0-20160320\server\lxml.etree.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00100352 _____ () D:\odoo\Odoo 9.0-20160320\server\win32api.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00110592 _____ () D:\odoo\Odoo 9.0-20160320\server\pywintypes27.dll
2014-02-15 23:24 - 2014-02-15 23:24 - 00397312 _____ () D:\odoo\Odoo 9.0-20160320\server\pythoncom27.dll
2013-11-10 14:54 - 2013-11-10 14:54 - 00087552 _____ () D:\odoo\Odoo 9.0-20160320\server\_ctypes.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00358400 _____ () D:\odoo\Odoo 9.0-20160320\server\_hashlib.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00686080 _____ () D:\odoo\Odoo 9.0-20160320\server\unicodedata.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00044544 _____ () D:\odoo\Odoo 9.0-20160320\server\_socket.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00899584 _____ () D:\odoo\Odoo 9.0-20160320\server\_ssl.pyd
2014-01-08 13:53 - 2014-01-08 13:53 - 01262592 _____ () D:\odoo\Odoo 9.0-20160320\server\psycopg2._psycopg.pyd
2014-02-15 23:23 - 2014-02-15 23:23 - 00042496 _____ () D:\odoo\Odoo 9.0-20160320\server\win32service.pyd
2014-03-04 18:52 - 2014-03-04 18:52 - 00178176 _____ () D:\odoo\Odoo 9.0-20160320\server\_yaml.pyd
2014-03-07 05:00 - 2014-03-07 05:00 - 00798720 _____ () D:\odoo\Odoo 9.0-20160320\server\PIL._imaging.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00127488 _____ () D:\odoo\Odoo 9.0-20160320\server\pyexpat.pyd
2014-03-06 14:56 - 2014-03-06 14:56 - 00026112 _____ () D:\odoo\Odoo 9.0-20160320\server\reportlab.lib._rl_accel.pyd
2013-05-21 21:28 - 2013-05-21 21:28 - 00008192 _____ () D:\odoo\Odoo 9.0-20160320\server\markupsafe._speedups.pyd
2013-11-10 14:54 - 2013-11-10 14:54 - 00010240 _____ () D:\odoo\Odoo 9.0-20160320\server\select.pyd
2013-11-25 14:27 - 2013-11-25 14:27 - 00036352 _____ () D:\odoo\Odoo 9.0-20160320\server\_psutil_mswindows.pyd
2016-05-20 20:08 - 2016-05-20 20:08 - 00679624 _____ () C:\Users\Omnia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-03-09 13:03 - 2016-03-09 13:03 - 00022288 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\mediautil.dll
2016-03-09 13:03 - 2016-03-09 13:03 - 01520912 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avformat-55.dll
2016-03-09 13:03 - 2016-03-09 13:03 - 04274960 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avcodec-55.dll
2016-03-09 13:03 - 2016-03-09 13:03 - 00322832 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avutil-52.dll
2016-02-03 18:53 - 2016-02-03 18:53 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-03-09 13:02 - 2016-03-09 13:02 - 00654608 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [252]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-07-09 15:15 - 2014-04-29 21:59 - 00000855 _RASH C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-316627027-3033381719-1982330960-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{99A7BA4B-61EB-47B5-BF3B-A7D38AED94B8}] => (Allow) LPort=48113
FirewallRules: [{2A19B614-1FE0-4A04-9022-2D3EC0239623}] => (Allow) LPort=48113
FirewallRules: [{5CD0AEF2-F09D-46B5-B860-A38E4BC20B69}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{167B252D-7F8B-45A3-A79A-1F897B042071}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{43DC926F-EC16-4D81-88D3-25886ABB652E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{64C5BEEA-46B5-4875-8171-A92AA420AC22}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{15E06ECB-21A6-4728-A4F8-509D95038D06}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{3B9C8C76-0EF0-428D-8225-D67BB36A8718}] => (Allow) LPort=48114
FirewallRules: [{E1F26475-7F75-406D-B9D8-401932791FDC}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{D0733789-5F23-4042-A2FD-758D563AB7AB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EE9EA82B-F2FA-43E2-A981-5EB3E3F7A5D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{31F66B29-18D7-45F7-A583-249E5B8DF4DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{71A6A65D-A991-43EB-9143-BD4230B8A8E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E8D01D6D-E525-44C5-8CF5-42FA4EEAE15A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E87CB6BF-E105-4627-9BC0-A55AC36A8D95}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{DBC7D1BB-1911-43E5-90B1-9F11FA02BF5B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/30/2016 09:54:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1505) (User: IHAB-PC)
Description: Windows ne peut pas charger le profil de l’utilisateur mais a ouvert une session avec le profil par défaut pour le système.
DÉTAIL - Access is denied.
Error: (05/30/2016 09:54:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: IHAB-PC)
Description: Windows ne peut pas trouver le profil local et tente de vous connecter avec un profil temporaire. Les modifications effectuées à ce profil seront perdues lorsque vous vous déconnecterez.
Error: (05/30/2016 08:02:30 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1505) (User: IHAB-PC)
Description: Windows ne peut pas charger le profil de l’utilisateur mais a ouvert une session avec le profil par défaut pour le système.
DÉTAIL - Access is denied.
Error: (05/30/2016 08:02:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: IHAB-PC)
Description: Windows ne peut pas trouver le profil local et tente de vous connecter avec un profil temporaire. Les modifications effectuées à ce profil seront perdues lorsque vous vous déconnecterez.
Error: (05/30/2016 12:40:35 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1505) (User: IHAB-PC)
Description: Windows ne peut pas charger le profil de l’utilisateur mais a ouvert une session avec le profil par défaut pour le système.
DÉTAIL - Access is denied.
Error: (05/30/2016 12:40:34 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: IHAB-PC)
Description: Windows ne peut pas trouver le profil local et tente de vous connecter avec un profil temporaire. Les modifications effectuées à ce profil seront perdues lorsque vous vous déconnecterez.
Error: (05/30/2016 11:52:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme iexplore.exe version 11.0.10586.20 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.
ID de processus : 1480
Heure de début : 01d1ba60f5b991f6
Heure de fin : 84
Chemin d'accès de l'application : C:\Program Files (x86)\Internet Explorer\iexplore.exe
ID de rapport : 9b43895b-2654-11e6-a3ae-74de2b74a6b9
Nom complet du package défaillant :
ID de l'application relative au package défaillant :
Error: (05/30/2016 11:37:33 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1 ». Erreur dans le fichier de manifeste ou de stratégie « UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2 » à la ligne UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (05/30/2016 11:37:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1 ».
Assembly dépendant rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (05/30/2016 11:37:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1 ».
Assembly dépendant rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
System errors:
=============
Error: (05/30/2016 09:56:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 6ème fois.
Error: (05/30/2016 09:56:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 5ème fois.
Error: (05/30/2016 09:56:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 4ème fois.
Error: (05/30/2016 09:56:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 3ème fois.
Error: (05/30/2016 09:56:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 2ème fois.
Error: (05/30/2016 09:55:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealPlayer Cloud Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (05/30/2016 09:55:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service RealTimes Desktop Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (05/30/2016 09:54:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Internet Mobile. RunOuc n’a pas pu démarrer en raison de l’erreur :
%%1053
Error: (05/30/2016 09:54:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Internet Mobile. RunOuc.
Error: (05/30/2016 09:54:44 PM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: L’appel LoadUserProfile a échoué avec l’erreur :
%%2
CodeIntegrity:
===================================
Date: 2016-05-30 19:59:45.252
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Omnia\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-30 19:59:45.171
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Omnia\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-30 19:59:43.561
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Omnia\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-18 14:23:47.361
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-15 14:34:18.432
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-14 12:08:40.139
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-11 12:17:10.807
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-10 21:07:19.446
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-06 14:19:01.600
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-03 11:17:44.132
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 3893.85 MB
Available physical RAM: 2125.36 MB
Total Virtual: 7861.85 MB
Available Virtual: 5771.51 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:96.88 GB) (Free:64.14 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:163.43 GB) (Free:162.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 73256BD4)
Partition 1: (Not Active) - (Size=10 GB) - (Type=12)
Partition 2: (Active) - (Size=96.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=793 MB) - (Type=27)
Partition 4: (Not Active) - (Size=163.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================