Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015 Ran by evelyne at 2015-06-03 17:26:47 Running from C:\Users\evelyne pigeat\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-4022898307-792280897-3800642082-500 - Administrator - Disabled) evelyne (S-1-5-21-4022898307-792280897-3800642082-1001 - Administrator - Enabled) => C:\Users\evelyne pigeat Invité (S-1-5-21-4022898307-792280897-3800642082-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) allday savings (HKLM\...\57F737B4-ACBE-4AFB-87B3-6DC08B80F484) (Version: 2.0.1 - allday savings) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Canon iP3300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300) (Version: - ) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DTS Sound (HKLM-x32\...\{2C7A5AF4-1793-4B5A-89C0-021FB198EDE8}) (Version: 1.01.3900 - DTS, Inc.) Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden Free PDF to Word Converter 2.0 (HKLM-x32\...\Free PDF to Word Converter_is1) (Version: - Free-PDF-to-Word.com) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation) Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.8.130.12 - McAfee, Inc.) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{9011040C-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation) Module de compatibilité pour Microsoft Office System 2007 (HKLM-x32\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Opera Stable 23.0.1522.77 (HKLM-x32\...\Opera 23.0.1522.77) (Version: 23.0.1522.77 - Opera Software ASA) PC Sync (HKLM-x32\...\{A4DCAA77-151D-4CE9-8D79-E4ADB48031A2}) (Version: 8.00.1107 - Orange) PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.41.17507 - pdfforge GmbH) PDF Architect 2 Asian Fonts Pack (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden PDF Architect 2 Insert Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7090 - Realtek Semiconductor Corp.) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated) TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.01.6402 - Toshiba Corporation) TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.1.6403 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.04.6403 - Toshiba Corporation) TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.18 - TOSHIBA) TOSHIBA Password Utility (HKLM-x32\...\{2DB90351-FBAA-472B-9F12-6E1EBBB354DE}) (Version: v2.1.0.15 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.10.1.6400 - Toshiba Corporation) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation) TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation) TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.0.32003 - Toshiba Corporation) Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH) TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.29.107 - Toshiba Corporation) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.14 - WildTangent) Hidden WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4022898307-792280897-3800642082-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\evelyne pigeat\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4022898307-792280897-3800642082-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\evelyne pigeat\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4022898307-792280897-3800642082-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\evelyne pigeat\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4022898307-792280897-3800642082-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\evelyne pigeat\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4022898307-792280897-3800642082-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\evelyne pigeat\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= 14-05-2015 13:05:59 Windows Update 21-05-2015 19:17:26 Windows Update 01-06-2015 08:18:35 Windows Update 02-06-2015 08:53:19 avast! antivirus system restore point 03-06-2015 09:18:07 Opération de restauration ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 16:25 - 2013-08-22 16:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {020D8A2B-097A-493A-AE6E-35FD84E0709D} - System32\Tasks\TOSHIBA\HotKeysCmds => C:\Windows\system32\hkcmd.exe [2013-11-22] (Intel Corporation) Task: {04A59C51-A84F-4684-825E-E346D795067C} - System32\Tasks\TOSHIBA\TSVU => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23] (TOSHIBA) Task: {05F7561C-593F-4065-BDDA-F5C724A12BD4} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation) Task: {0DC46990-E3B8-45F4-9FF1-4227799082E6} - System32\Tasks\TOSHIBA\IgfxTray => C:\Windows\system32\igfxtray.exe [2013-11-22] (Intel Corporation) Task: {223F6F89-3A06-41D9-92D6-6762718CD3ED} - System32\Tasks\TOSHIBA\TecoResident => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-10-15] (TOSHIBA Corporation) Task: {2DCE8B6E-1BE9-4CD6-A56C-59327C305D3B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24] (Realtek Semiconductor) Task: {34E3F695-1E5C-41EC-94C3-1092D6DFBEB2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-14] (Microsoft Corporation) Task: {403C6D2B-216B-4177-93A7-C180B129ADEF} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe Task: {4E839E87-DC13-4710-94C9-1425EE19B175} - System32\Tasks\TOSHIBA\TCrdMain => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-09] (TOSHIBA Corporation) Task: {54FEDEFB-2A8D-4897-A5BF-745BBD19599E} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-14] (TOSHIBA Corporation) Task: {5632EECD-EEDF-4A76-878E-22A6E4A5A75A} - System32\Tasks\TOSHIBA\Persistence => C:\Windows\system32\igfxpers.exe [2013-11-22] (Intel Corporation) Task: {72B6DF68-AC14-4450-B7D9-1557B56777FC} - System32\Tasks\Launch 10127 => C:\Program Files (x86)\PC Sync\Voxsync.exe [2014-02-03] () Task: {85CC3A6F-DE1C-4E35-B36B-C8A687403CFB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {8B454F84-D17B-4ABF-8FE9-68B543FB6E24} - System32\Tasks\Opera scheduled Autoupdate 1408889770 => C:\Program Files (x86)\Opera\launcher.exe Task: {B99DB696-624A-4524-B2F8-861CFA634D46} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe Task: {BF02AEC1-B149-478B-B839-69A783E5FEDB} - \WindApp Update No Task File <==== ATTENTION Task: {BF065372-8775-4AC6-BF6D-880923CF7CC0} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4022898307-792280897-3800642082-1001 Task: {BFB93709-83A7-4C0A-9677-4CBB69CA3759} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH) Task: {CA14D0C8-2EF5-4850-8A0B-885B03F1EAEB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation) Task: {D02D2580-7D56-4D91-8BC0-3B4651D5AB39} - System32\Tasks\{67278362-D2A2-41A9-BE1F-3157CF00A94B} => pcalua.exe -a "C:\Users\evelyne pigeat\AppData\Roaming\webssearches\UninstallManager.exe" -c -ptid=ild <==== ATTENTION Task: {D9BC278B-3A44-4FF0-877C-AD3592AE7562} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation) Task: {EF115FCF-0BC4-4885-956B-28BD04FE24D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {F29FCAD5-A992-408F-913A-F5F364A42D5E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4022898307-792280897-3800642082-1001Core.job => C:\Users\evelyne pigeat\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4022898307-792280897-3800642082-1001Core1cff5c33e7cfe54.job => C:\Users\evelyne pigeat\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4022898307-792280897-3800642082-1001Core1d0007c1729dbcb.job => C:\Users\evelyne pigeat\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4022898307-792280897-3800642082-1001Core1d040f43d4d710c.job => C:\Users\evelyne pigeat\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4022898307-792280897-3800642082-1001Core1d08ef6610c8f3.job => C:\Users\evelyne pigeat\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe ==================== Loaded Modules (Whitelisted) ============== 2013-11-07 01:26 - 2013-11-07 01:26 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe 2012-07-19 05:38 - 2012-07-19 05:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll 2014-07-07 14:41 - 2014-02-03 15:28 - 00212992 _____ () C:\Program Files (x86)\Common Files\Orange\PC Sync\OutlookAddon9.dll 2003-07-15 06:44 - 2003-07-15 06:44 - 00102968 _____ () C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLCTL.DLL ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\evelyne pigeat\SkyDrive:ms-properties AlternateDataStreams: C:\Users\evelyne pigeat\SkyDrive.old:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4022898307-792280897-3800642082-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\evelyne pigeat\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "PC Sync.lnk" HKLM\...\StartupApproved\Run: => "TSSSrv" HKU\S-1-5-21-4022898307-792280897-3800642082-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{A1D6A491-7D6E-4AB6-9FB5-E54A241110A6}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{C58218F5-ECFE-414A-BB73-1A9ED7F9908A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{507C0242-188D-4D14-BE0A-BE1B1853D575}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{CF8B9828-00CF-437C-B38F-C0725F84AED5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{06DBA1F8-AB25-45F4-A580-94247323BB86}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{80F3AA22-705D-4678-91B7-9435D091C6E1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{6FB97436-DD0A-41C3-8CF6-C8038924B705}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{30D15647-CFBA-44C9-8464-0ACEA94C29B2}C:\users\evelyne pigeat\appdata\roaming\torntv.com\torntv downloader.exe] => (Allow) C:\users\evelyne pigeat\appdata\roaming\torntv.com\torntv downloader.exe FirewallRules: [UDP Query User{69A08505-C252-40BB-8B33-D1B95AC4C1D7}C:\users\evelyne pigeat\appdata\roaming\torntv.com\torntv downloader.exe] => (Allow) C:\users\evelyne pigeat\appdata\roaming\torntv.com\torntv downloader.exe FirewallRules: [{3829AB85-4142-40BD-8B01-5C3932DD8EC5}] => (Allow) C:\Program Files (x86)\PodoWeb\bin\PodoWeb.BRT.Helper.exe FirewallRules: [{769F8C93-A0B2-41C0-AEA0-3F66C18B30A5}] => (Allow) C:\Program Files (x86)\PodoWeb\bin\PodoWeb.BRT.Helper.exe FirewallRules: [TCP Query User{9CCF7220-95B6-4DD7-A007-44866FA4C8AD}C:\users\evelyne pigeat\downloads\bittorrent [1].exe] => (Block) C:\users\evelyne pigeat\downloads\bittorrent [1].exe FirewallRules: [UDP Query User{116BB15C-DEDE-4946-A925-FF2E4F2A076F}C:\users\evelyne pigeat\downloads\bittorrent [1].exe] => (Block) C:\users\evelyne pigeat\downloads\bittorrent [1].exe FirewallRules: [{9515AFDF-D80D-42EE-8BE9-D7C33CCF17A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7C26D6B5-ADDB-416B-BCD1-3A5B1F73EAC3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{AC4F0C1D-C7B8-436F-8B60-AFAADBE20662}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{2032D9AA-491B-4118-AEB0-F173FC9C1F2C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/03/2015 05:20:40 PM) (Source: MsiInstaller) (EventID: 10005) (User: evelyne) Description: Producto: Windows Defender -- No tiene que instalar este software porque Windows Defender está incluido en Windows Vista. Puede obtener acceso a Windows Defender desde la sección Seguridad del Panel de control de Windows. Error: (06/03/2015 04:56:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme OUTLOOK.EXE version 11.0.5510.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 994 Heure de début : 01d09e04c741b62d Heure de fin : 31 Chemin d’accès de l’application : C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE ID de rapport : 4cd382bd-09f8-11e5-82be-008cfa968093 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (06/03/2015 04:43:23 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme OUTLOOK.EXE version 11.0.5510.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 7ac Heure de début : 01d09dfd9ed3b344 Heure de fin : 62 Chemin d’accès de l’application : C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE ID de rapport : 75767725-09f6-11e5-82bd-008cfa968093 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (06/03/2015 04:12:50 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme BackgroundTaskHost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 8d8 Heure de début : 01d09dfd92d439f0 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Windows\System32\BackgroundTaskHost.exe ID de rapport : 392d1178-09f2-11e5-82bd-008cfa968093 Nom complet du package défaillant : Microsoft.BingNews_3.0.4.315_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : AppexNews Error: (06/03/2015 00:46:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme BackgroundTaskHost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : c74 Heure de début : 01d09de0a3a648b6 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Windows\System32\BackgroundTaskHost.exe ID de rapport : 4a051257-09d5-11e5-82bc-008cfa968093 Nom complet du package défaillant : Microsoft.BingNews_3.0.4.315_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : AppexNews Error: (06/03/2015 00:37:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante rundll32.exe_winethc.dll, version : 6.3.9600.17415, horodatage : 0x54504eb8 Nom du module défaillant : USER32.dll, version : 6.3.9600.17736, horodatage : 0x550f4336 Code d’exception : 0xc0000142 Décalage d’erreur : 0x00000000000ec180 ID du processus défaillant : 0x218 Heure de début de l’application défaillante : 0xrundll32.exe_winethc.dll0 Chemin d’accès de l’application défaillante : rundll32.exe_winethc.dll1 Chemin d’accès du module défaillant: rundll32.exe_winethc.dll2 ID de rapport : rundll32.exe_winethc.dll3 Nom complet du package défaillant : rundll32.exe_winethc.dll4 ID de l’application relative au package défaillant : rundll32.exe_winethc.dll5 Error: (06/03/2015 11:00:00 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1228) SRUJet: L'Erreur -1811 (0xfffff8ed) s'est produite lors de l'ouverture du fichier journal C:\Windows\system32\SRU\SRU0268B.log. Error: (06/03/2015 10:30:49 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme BackgroundTaskHost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 5b8 Heure de début : 01d09dcdc76fdeba Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Windows\System32\BackgroundTaskHost.exe ID de rapport : 6e16c090-09c2-11e5-82bc-008cfa968093 Nom complet du package défaillant : Microsoft.BingNews_3.0.4.315_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : AppexNews Error: (06/03/2015 10:29:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante rundll32.exe_winethc.dll, version : 6.3.9600.17415, horodatage : 0x54504eb8 Nom du module défaillant : USER32.dll, version : 6.3.9600.17736, horodatage : 0x550f4336 Code d’exception : 0xc0000142 Décalage d’erreur : 0x00000000000ec180 ID du processus défaillant : 0xcd4 Heure de début de l’application défaillante : 0xrundll32.exe_winethc.dll0 Chemin d’accès de l’application défaillante : rundll32.exe_winethc.dll1 Chemin d’accès du module défaillant: rundll32.exe_winethc.dll2 ID de rapport : rundll32.exe_winethc.dll3 Nom complet du package défaillant : rundll32.exe_winethc.dll4 ID de l’application relative au package défaillant : rundll32.exe_winethc.dll5 Error: (06/03/2015 06:39:06 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme BackgroundTaskHost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : df8 Heure de début : 01d09dadc2a58c3b Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Windows\System32\BackgroundTaskHost.exe ID de rapport : 12849459-09a2-11e5-82bc-008cfa968093 Nom complet du package défaillant : Microsoft.BingNews_3.0.4.315_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : AppexNews System errors: ============= Error: (06/03/2015 11:28:51 AM) (Source: DCOM) (EventID: 10010) (User: evelyne) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (06/03/2015 11:28:21 AM) (Source: DCOM) (EventID: 10010) (User: evelyne) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (06/03/2015 10:09:24 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Service d’historique des fichiers est en attente de démarrage. Error: (06/03/2015 09:19:42 AM) (Source: DCOM) (EventID: 10010) (User: evelyne) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (06/01/2015 09:29:29 PM) (Source: DCOM) (EventID: 10010) (User: evelyne) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (06/01/2015 01:24:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Détection de services interactifs s’est arrêté avec l’erreur : %%1 Error: (06/01/2015 01:24:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Détection de services interactifs s’est arrêté avec l’erreur : %%1 Error: (06/01/2015 01:24:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Détection de services interactifs s’est arrêté avec l’erreur : %%1 Error: (06/01/2015 01:24:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Détection de services interactifs s’est arrêté avec l’erreur : %%1 Error: (06/01/2015 01:24:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Détection de services interactifs s’est arrêté avec l’erreur : %%1 Microsoft Office: ========================= Error: (06/03/2015 05:20:40 PM) (Source: MsiInstaller) (EventID: 10005) (User: evelyne) Description: Producto: Windows Defender -- No tiene que instalar este software porque Windows Defender está incluido en Windows Vista. Puede obtener acceso a Windows Defender desde la sección Seguridad del Panel de control de Windows.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (06/03/2015 04:56:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: OUTLOOK.EXE11.0.5510.099401d09e04c741b62d31C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE4cd382bd-09f8-11e5-82be-008cfa968093 Error: (06/03/2015 04:43:23 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: OUTLOOK.EXE11.0.5510.07ac01d09dfd9ed3b34462C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE75767725-09f6-11e5-82bd-008cfa968093 Error: (06/03/2015 04:12:50 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: BackgroundTaskHost.exe6.3.9600.174158d801d09dfd92d439f04294967295C:\Windows\System32\BackgroundTaskHost.exe392d1178-09f2-11e5-82bd-008cfa968093Microsoft.BingNews_3.0.4.315_x64__8wekyb3d8bbweAppexNews Error: (06/03/2015 00:46:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: BackgroundTaskHost.exe6.3.9600.17415c7401d09de0a3a648b64294967295C:\Windows\System32\BackgroundTaskHost.exe4a051257-09d5-11e5-82bc-008cfa968093Microsoft.BingNews_3.0.4.315_x64__8wekyb3d8bbweAppexNews Error: (06/03/2015 00:37:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.17736550f4336c000014200000000000ec18021801d09de0e7718218C:\Windows\System32\rundll32.exeUSER32.dll2529f9a4-09d4-11e5-82bc-008cfa968093 Error: (06/03/2015 11:00:00 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost1228SRUJet: C:\Windows\system32\SRU\SRU0268B.log-1811 (0xfffff8ed) Error: (06/03/2015 10:30:49 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: BackgroundTaskHost.exe6.3.9600.174155b801d09dcdc76fdeba4294967295C:\Windows\System32\BackgroundTaskHost.exe6e16c090-09c2-11e5-82bc-008cfa968093Microsoft.BingNews_3.0.4.315_x64__8wekyb3d8bbweAppexNews Error: (06/03/2015 10:29:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.17736550f4336c000014200000000000ec180cd401d09dcefeaaca2dC:\Windows\System32\rundll32.exeUSER32.dll3c7b125e-09c2-11e5-82bc-008cfa968093 Error: (06/03/2015 06:39:06 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: BackgroundTaskHost.exe6.3.9600.17415df801d09dadc2a58c3b4294967295C:\Windows\System32\BackgroundTaskHost.exe12849459-09a2-11e5-82bc-008cfa968093Microsoft.BingNews_3.0.4.315_x64__8wekyb3d8bbweAppexNews ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU N2820 @ 2.13GHz Percentage of memory in use: 32% Total physical RAM: 3979.29 MB Available physical RAM: 2694.07 MB Total Pagefile: 4683.29 MB Available Pagefile: 3390.86 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (TI31262500B) (Fixed) (Total:687.09 GB) (Free:630.6 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End of log ============================