Document format: text/plain

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-06-2016
Ran by Hicham (2016-06-09 15:34:52)
Running from C:\Users\Hicham\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-24 20:53:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3904176937-4064756832-2789825856-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3904176937-4064756832-2789825856-503 - Limited - Disabled)
Guest (S-1-5-21-3904176937-4064756832-2789825856-501 - Limited - Disabled)
Hicham (S-1-5-21-3904176937-4064756832-2789825856-1001 - Administrator - Enabled) => C:\Users\Hicham

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3904176937-4064756832-2789825856-1001\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Reader 7.0.8 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A70800000002}) (Version: 7.0.8 - Adobe Systems Incorporated)
Aimersoft Video Converter Ultimate(Build 4.0.3.0) (HKLM-x32\...\Aimersoft Video Converter Ultimate_is1) (Version: - Aimersoft Software)
AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1713, 27.04.2016 - AIMP DevTeam)
Any Audio Converter 5.9.4 (HKLM-x32\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)
Bigasoft Video Downloader Pro 3.9.9.5750 (HKLM-x32\...\{C7056BA6-D954-42A2-ABBA-AB2E8E777730}_is1) (Version: - Bigasoft Corporation)
BlueStacks App Player (HKLM-x32\...\{AA655366-D323-404D-AA9B-AD562CAE1DD0}) (Version: 2.2.21.6212 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Étude pour l'amélioration du produit HP Deskjet 1510 series (HKLM\...\{4FC8905C-0B85-4A31-B30B-F3CD3917F7D6}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
f.lux (HKU\S-1-5-21-3904176937-4064756832-2789825856-1001\...\Flux) (Version: - )
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.2.5251 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Deskjet 1510 series Aide (HKLM-x32\...\{00645C10-53C9-46DC-B7D0-6F7B006972E9}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.2.8.25 - HP)
HP Support Solutions Framework (HKLM-x32\...\{EB72DB50-C935-4C26-8349-69828F198902}) (Version: 12.4.18.7 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
K-Lite Codec Pack 5.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.2.0 - )
Logiciel de base du périphérique HP Deskjet 1510 series (HKLM\...\{54C00C25-16ED-4035-BAEC-1C5F9B83B113}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040C-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROR_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Octoshape Streaming Services (HKU\S-1-5-21-3904176937-4064756832-2789825856-1001\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{2E0C1D31-8FEC-411E-97FB-6E56BD429A98}) (Version: 1.3.10 - Microsoft Corporation)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Quranflash Desktop الإصدار 1.3 (HKLM-x32\...\{628E798A-4A77-46F8-9E3D-5A5D6377323E}}_is1) (Version: 1.3 - Vijua, Inc.)
RealDownloader (x32 Version: 18.1.3.103 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.3.104 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
VirtualDJ 8 (HKLM-x32\...\{68A952A1-F666-4A5F-98C9-03EE9625B2E2}) (Version: 8.1.2857.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3904176937-4064756832-2789825856-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Hicham\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {129DB53A-6A26-4064-9DB4-72705F1B06BD} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3904176937-4064756832-2789825856-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-02-03] (RealNetworks, Inc.)
Task: {1B25DB65-7EAF-48C5-990D-6FDAD2F43ECD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {1DEC413E-D3FA-41F5-8BC7-E5613DBB7EE3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {376B4863-AA79-459A-A745-55A43C060F6C} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {3A0BEB44-D402-4D54-97E0-A8C0414FDF21} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {3AB334C5-8B01-45EC-85F6-77FE8AC513D2} - System32\Tasks\HPCeeScheduleForHicham => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {42A7940C-279F-4F16-BD12-CB4271717299} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3904176937-4064756832-2789825856-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {51DF496D-5BE7-447D-B1A9-94DF3B10DD96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-22] (HP Inc.)
Task: {67EA482E-99E6-4639-9DF7-CCAE14D3AF88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-09] (Google Inc.)
Task: {8936EFCB-8554-4A59-BBCF-2AF7ABFEE265} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {997E1775-F97B-4378-89E6-549099D80956} - System32\Tasks\AdobeAAMUpdater-1.0-IdrissiGFX-Hicham => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {A680EA58-5263-4158-912F-26F66DF64B96} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {AE289875-4E38-4D7A-86E1-FD1170023BE0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {BA849769-F41F-4A59-AC56-2B43FF7490C2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3904176937-4064756832-2789825856-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {C67054FD-2D22-4456-8ABA-2554A7E766E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-09] (Google Inc.)
Task: {E642A7E9-45E3-4B8D-B404-0BA7EBE8D6A4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {F11E14E5-708A-4D79-9336-7F239940CEA3} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-02-03] ()
Task: {F3C6C805-692E-4BA9-BC1D-ADC8639CBE02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {F76F9066-D158-4CD1-A454-5165EE2BEACB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForHicham.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Hicham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Diagrammes de Gliffy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=bhmicilclplefnflapjmnngmkkkkpfad
ShortcutWithArgument: C:\Users\Hicham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 07:18 - 2015-10-30 07:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-24 18:55 - 2016-01-29 10:49 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-25 11:19 - 2016-03-29 10:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-03 17:49 - 2016-02-03 17:49 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2016-06-09 14:52 - 2016-06-09 14:52 - 00496640 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SeriousBit.3cb6c405#\05e6a6d0f95a8e237681aa755bf91aa9\SeriousBit.NetBalancer.DeskBand.ni.dll
2016-04-25 11:19 - 2016-03-29 10:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-18 11:13 - 2016-05-18 11:13 - 00959168 _____ () C:\Users\Hicham\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2014-05-01 14:13 - 2014-05-01 14:13 - 00470016 _____ () C:\Users\Hicham\AppData\Local\MEGAsync\ShellExtX64.dll
2016-02-13 12:54 - 2016-02-13 12:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 20:30 - 2016-04-23 04:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-10 20:32 - 2016-04-23 04:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-10 20:32 - 2016-04-23 03:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-10 20:32 - 2016-04-23 03:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-10 20:32 - 2016-04-23 04:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-03 17:00 - 2016-02-03 17:00 - 00712432 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2015-04-08 19:53 - 2015-04-08 19:53 - 00049152 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll
2016-06-09 12:43 - 2016-06-04 01:01 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-09 12:43 - 2016-06-04 01:01 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
2015-12-22 00:47 - 2015-12-22 00:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll
2016-02-03 17:48 - 2016-02-03 17:48 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-02-03 17:48 - 2016-02-03 17:48 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-02-03 17:49 - 2016-02-03 17:49 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2016-05-18 11:13 - 2016-05-18 11:13 - 00679624 _____ () C:\Users\Hicham\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-04-26 14:40 - 2016-05-11 14:10 - 03306496 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll
2016-04-25 23:12 - 2016-04-25 23:12 - 00089328 _____ () c:\program files (x86)\real\realplayer\CrashRpt\CrashRpt1402.dll
2016-04-25 23:11 - 2016-04-25 23:11 - 00022288 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\mediautil.dll
2016-04-25 23:11 - 2016-04-25 23:11 - 04274960 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avcodec-55.dll
2016-04-25 23:11 - 2016-04-25 23:11 - 00322832 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avutil-52.dll
2016-04-25 23:11 - 2016-04-25 23:11 - 01520912 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avformat-55.dll
2016-02-03 16:53 - 2016-02-03 16:53 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-04-25 23:11 - 2016-04-25 23:11 - 00654608 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll
2016-02-03 17:00 - 2016-02-03 17:00 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2016-01-16 20:40 - 2016-01-16 20:40 - 00143872 _____ () C:\Users\Hicham\AppData\Local\MEGAsync\libuv.dll
2015-11-04 11:40 - 2015-11-04 11:40 - 00052224 _____ () C:\Users\Hicham\AppData\Local\MEGAsync\cares.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 05:26 - 2012-07-26 05:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3904176937-4064756832-2789825856-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3904176937-4064756832-2789825856-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8B491665-548B-415C-A9A2-D23660A01E91}] => (Allow) C:\Users\Hicham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5D2A2EAA-B425-4B8E-B1C4-9213E0F97AF4}] => (Allow) C:\Users\Hicham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0E0FA27B-C4D4-4A44-8C68-33093C36B2C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{18065CBE-3A74-4E5B-98AB-C6D707406000}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1FB26BAF-BB08-46F7-AA8D-23101DD357A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4BA9E2BF-8B19-4FCA-AD46-B4186CA5A8C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D49AEA3C-FB53-4E1B-B458-BAE9E78339A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AC4FD5A8-83D0-4CAA-B02B-0BC11398E4C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{780D6AA9-B4F4-41C3-B23E-EE696F6F18EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{46262F98-7568-42E6-B63D-305AD6133482}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{90530ED4-A169-44BD-82D8-E39E4F82B989}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{94AC5A33-0E1D-45F7-86FA-BE02CA5B164F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{732A8E27-38CD-4509-9331-C887F7FE70D0}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe
FirewallRules: [{ABAEEC99-1E9E-4CA8-87C5-282E53A4524B}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{53805812-8A6E-4579-8297-37FDFA669870}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe
FirewallRules: [{CE477D3F-EDEA-4D84-B5FD-D835A3CA381E}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{0CCF3911-F4D1-443B-BD53-3AFC14680E1A}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{FFA1EFEF-D9BB-405C-9CBF-05B7F80407F0}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{14F863EC-4288-452B-BE65-ACCAAC235986}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{4D8CBEDF-FF78-4A49-9F9C-FB616B9E1B5D}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3F0DDEA9-F683-495F-9852-9EE593596ED3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A6C36316-66A1-41AD-A201-939089729E40}] => (Allow) LPort=2869
FirewallRules: [{9D6EAAB3-68E6-4610-9C40-19309C678828}] => (Allow) LPort=1900
FirewallRules: [{9E6D74D8-2EA9-4939-86FE-EBCE568ECB2B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{207FED21-279D-4A80-8C55-58CEABB9627E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Périphérique système de base
Description: Périphérique système de base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Périphérique système de base
Description: Périphérique système de base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Périphérique système de base
Description: Périphérique système de base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2016 03:30:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/09/2016 03:30:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (06/09/2016 03:28:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (06/09/2016 03:28:47 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (06/09/2016 03:28:45 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (06/09/2016 03:28:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (06/09/2016 03:28:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (06/09/2016 03:28:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (06/09/2016 03:28:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/09/2016 02:17:01 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (06/09/2016 03:31:08 PM) (Source: DCOM) (EventID: 10016) (User: IdrissiGFX)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}IdrissiGFXHichamS-1-5-21-3904176937-4064756832-2789825856-1001LocalHost (Using LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

Error: (06/09/2016 03:23:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Group Policy Client n’a pas pu démarrer en raison de l’erreur :
%%3

Error: (06/09/2016 03:23:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Group Policy Client n’a pas pu démarrer en raison de l’erreur :
%%3

Error: (06/09/2016 03:23:36 PM) (Source: DCOM) (EventID: 10010) (User: IdrissiGFX)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (06/09/2016 03:23:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service User Data Access_28483 s’est terminé de façon inattendue pour la 1ème fois.

Error: (06/09/2016 03:23:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service User Data Storage_28483 s’est terminé de façon inattendue pour la 1ème fois.

Error: (06/09/2016 03:23:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Contact Data_28483 s’est terminé de façon inattendue pour la 1ème fois.

Error: (06/09/2016 03:23:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Sync Host_28483 s’est terminé de façon inattendue pour la 1ème fois.

Error: (06/09/2016 03:23:29 PM) (Source: DCOM) (EventID: 10010) (User: IdrissiGFX)
Description: {0002DF02-0000-0000-C000-000000000046}

Error: (06/09/2016 03:23:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable


CodeIntegrity:
===================================
Date: 2016-06-07 22:39:38.398
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-06 15:07:08.167
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-15 06:58:30.706
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-12 01:31:16.408
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-10 22:25:22.076
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-02 02:38:41.234
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-27 22:54:20.778
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 18:00:55.127
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 13:12:28.772
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-26 12:46:22.173
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 57%
Total physical RAM: 4022.86 MB
Available physical RAM: 1724.4 MB
Total Virtual: 4726.86 MB
Available Virtual: 2140.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:116.38 GB) (Free:73.35 GB) NTFS
Drive d: () (Fixed) (Total:180.9 GB) (Free:88.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 11ED480E)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=474 MB) - (Type=27)
Partition 4: (Not Active) - (Size=180.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
