cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by ght (2016-07-04 04:07:05)
Running from C:\Users\ght\Desktop
Windows 10 Pro Version 1511 (X64) (2016-06-30 18:41:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1893985918-689026998-722324329-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1893985918-689026998-722324329-503 - Limited - Disabled)
ght (S-1-5-21-1893985918-689026998-722324329-1002 - Administrator - Enabled) => C:\Users\ght
Guest (S-1-5-21-1893985918-689026998-722324329-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1893985918-689026998-722324329-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«Pro Evolution Soccer 2016» 1.8.0.0 (HKLM-x32\...\«Pro Evolution Soccer 2016»_is1) (Version: 1.8.0.0 - KONAMI)
µTorrent (HKU\S-1-5-21-1893985918-689026998-722324329-1002\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Canon LBP6020 (HKLM\...\Canon LBP6020) (Version: - )
Catalyst Control Center Next Localization BR (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0621.1741.29990 - Advanced Micro Devices, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.19.52 - Conexant)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
FPatch PES 16 (HKLM\...\{AADC303A-30F8-48C8-89AC-376AC23D2DC5}) (Version: 1.0.0 - Group FPEdit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4360 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Larousse Médical (HKLM-x32\...\{11DA34AE-A565-4659-86BE-11252557783F}) (Version: - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
The Amazing Spider-Man 2 (HKLM-x32\...\The Amazing Spider-Man 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
Viber (HKU\S-1-5-21-1893985918-689026998-722324329-1002\...\{e577cb09-2068-44fb-8eed-cfcc1617b010}) (Version: 5.3.0.1884 - Viber Media Inc.)
Viber (x32 Version: 5.3.0.1884 - Viber Media Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.13.0 (HKLM\...\VulkanRT1.0.13.0) (Version: 1.0.13.0 - LunarG, Inc.)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1893985918-689026998-722324329-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ght\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01EB583B-E8C3-403E-97D2-50BD1BFA13AD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {04BB4F42-07AD-4B3D-97D3-EF3D520401A5} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-01-08] ()
Task: {0E0FE01A-DB57-413B-9821-0C90CD803A7F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0EA24334-BB72-4453-806B-4152819C3D8A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {17AF6FE1-F125-43EB-B0CE-9DCFAC64486C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2B9265A1-0BCD-448B-95EB-536DADD635D0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {6103FA4A-7EF6-4ECB-AE82-50C9F78B78D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-07] (Google Inc.)
Task: {63F391C2-95AB-4292-B7A1-017DA5E7D39E} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {676E248A-9F90-473F-9967-CE74AB2E3E57} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {69901AAB-7A09-4F1F-A810-95DAA1DD6BA9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6EF3093C-C03C-4C54-989A-83FE1AAE1B6D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7282CB9E-5843-4A2F-AFC6-F055CE6A91F2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {7D32F304-4692-47ED-83FE-2B172FE6B124} - System32\Tasks\{39C7CA80-EFA4-4E9F-A546-B840FF48BB04} => pcalua.exe -a E:\GaMeEs\Windows\NFS\EASetup.exe -d E:\GaMeEs\Windows\NFS
Task: {80507FA9-F593-4BC6-A650-9C71B666E2BE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {81FEFEDC-5081-404F-B02B-2BD653AC0FBB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8342FCFC-E32C-405C-AED2-2814AD73A9D7} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-06-21] (Advanced Micro Devices, Inc.)
Task: {871DCC27-281F-41CE-ACF3-18A599561431} - \Optimize Start Menu Cache Files-S-1-5-21-1893985918-689026998-722324329-1001 -> No File <==== ATTENTION
Task: {8E9DB703-51AE-40D5-94C4-C5900BE984A8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {989AD617-85AE-4F5D-B25F-91C85A3D995F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {A907408E-DA7D-4305-95B1-F9362F5DD331} - \WinTaske -> No File <==== ATTENTION
Task: {AB89B1A5-C863-4BCF-89F2-1C0F4F6693FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-07] (Google Inc.)
Task: {C4DC8818-4B07-427D-BC7B-32C4BA4D0EC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D4FB9684-B16D-4324-A2F1-21C2EC6A8E88} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {D8EF58E3-BBC9-46EC-8292-1BEB4A17926A} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {DCEB57E0-181E-4F2A-8033-2AF44181714E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E28A2072-35E8-4FD6-9229-F682EDF48AB1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for BUMBA_WORLD-ght BUMBA_WORLD => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {FA287B1F-6AB8-44D8-B974-EA5020701C85} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-01 00:40 - 2016-07-01 00:40 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-07-01 03:48 - 2016-07-01 03:48 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-30 19:50 - 2016-06-30 19:50 - 00959168 _____ () C:\Users\ght\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-07-01 03:48 - 2016-07-01 03:48 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-27 07:10 - 2016-04-27 07:10 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-01 03:49 - 2016-07-01 03:49 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-01 03:48 - 2016-07-01 03:48 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-01 03:48 - 2016-07-01 03:48 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-01 03:48 - 2016-07-01 03:48 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-01 03:48 - 2016-07-01 03:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-07-01 20:59 - 2016-07-01 20:59 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-07-01 20:59 - 2016-07-01 20:59 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-07-01 20:59 - 2016-07-01 20:59 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-07-01 20:48 - 2016-07-01 20:48 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-07-01 20:49 - 2016-07-01 20:50 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-30 19:49 - 2016-06-30 19:49 - 00679624 _____ () C:\Users\ght\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2012-10-01 20:37 - 2012-10-01 20:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-06-17 23:29 - 2016-06-15 10:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 23:29 - 2016-06-15 10:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-07-01 20:49 - 2016-07-01 20:50 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-07-01 20:49 - 2016-07-01 20:50 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-06-17 23:29 - 2016-06-15 10:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1893985918-689026998-722324329-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\ght\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{7c3e9010-1a89-4276-8ef3-9173d726ef7a}.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1893985918-689026998-722324329-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1893985918-689026998-722324329-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1893985918-689026998-722324329-1002\...\StartupApproved\Run: => "Viber"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1EF18414-4139-4177-A016-D768B1BFD0E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{93C54A4A-2529-4FFE-8E1D-5277A8B5036A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8F558803-23CD-457A-B77F-F25004423E3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{03B6BD39-3AF4-4773-B30C-41CB8DCA31ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B841B732-F400-418F-B614-8ED9A1F72FAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{03DCD94A-0820-4880-BCCD-C05C714BAFB2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A3895B38-390B-4E31-82C7-9AF67C8FC355}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{65128038-7A7B-4A3F-82FA-75A4FCA6C29A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B1CADB34-C07F-4846-8287-F9E670AB6BBA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{78102697-117A-4B27-BB71-4DDABA5D8C28}] => (Allow) C:\Users\ght\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{01DE25B2-7B3D-4A7B-A097-726D2EFD5289}] => (Allow) C:\Users\ght\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8785BFED-83D7-482C-9708-6749DE1818EC}] => (Allow) C:\Users\ght\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B15A1CE-C439-4921-B01D-02A012B04C81}] => (Allow) C:\Users\ght\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D92F3809-38E6-41FB-9122-4BC8D1BF3402}] => (Allow) C:\Users\ght\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{264ECA1C-A882-49F6-B583-F390B4BE06C0}] => (Allow) C:\Users\ght\AppData\Roaming\uTorrent\uTorrent.exe

==================== Restore Points =========================

01-07-2016 00:27:56 Installed DirectX
02-07-2016 02:32:36 Installed DirectX
02-07-2016 04:59:39 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2016 08:03:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BUMBA_WORLD)
Description: Activation of app Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/03/2016 07:41:38 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/03/2016 05:47:37 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/03/2016 05:47:32 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/03/2016 06:31:07 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/03/2016 06:31:02 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/03/2016 12:44:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Hotspot Shield 5.4.exe, version: 172.3.4.6788, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 10.0.10586.306, time stamp: 0x571afb9a
Exception code: 0x0eedfade
Fault offset: 0x000bdae8
Faulting process id: 0x5e84
Faulting application start time: 0xHotspot Shield 5.4.exe0
Faulting application path: Hotspot Shield 5.4.exe1
Faulting module path: Hotspot Shield 5.4.exe2
Report Id: Hotspot Shield 5.4.exe3
Faulting package full name: Hotspot Shield 5.4.exe4
Faulting package-relative application ID: Hotspot Shield 5.4.exe5

Error: (07/02/2016 07:25:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PES2016.exe, version: 1.8.0.0, time stamp: 0x573a00b8
Faulting module name: PES2016.exe, version: 1.8.0.0, time stamp: 0x573a00b8
Exception code: 0xc0000005
Fault offset: 0x00593d53
Faulting process id: 0x2888
Faulting application start time: 0xPES2016.exe0
Faulting application path: PES2016.exe1
Faulting module path: PES2016.exe2
Report Id: PES2016.exe3
Faulting package full name: PES2016.exe4
Faulting package-relative application ID: PES2016.exe5

Error: (07/02/2016 05:37:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BUMBA_WORLD)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/02/2016 05:36:22 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error


System errors:
=============
Error: (07/03/2016 11:56:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/03/2016 09:21:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/03/2016 08:09:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/03/2016 07:41:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_6e052ce service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/03/2016 07:41:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/03/2016 07:20:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/03/2016 05:47:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_6d0479d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/03/2016 05:47:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/03/2016 05:41:07 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/03/2016 06:31:04 AM) (Source: DCOM) (EventID: 10010) (User: BUMBA_WORLD)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


CodeIntegrity:
===================================
Date: 2016-07-03 00:41:31.811
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-02 05:18:33.756
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-02 04:56:13.660
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-02 04:56:13.457
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-01 00:30:05.041
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-30 20:11:18.349
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-30 19:15:42.894
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-30 18:55:44.070
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 48%
Total physical RAM: 8112.23 MB
Available physical RAM: 4142.57 MB
Total Virtual: 10022.23 MB
Available Virtual: 5386.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.63 GB) (Free:202.33 GB) NTFS
Drive d: (°° PhàRmàCiè °°) (Fixed) (Total:292.97 GB) (Free:274.14 GB) NTFS
Drive e: (Images , Films , Music) (Fixed) (Total:345.57 GB) (Free:153.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3774E703)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité