Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015 Ran by Olivier at 2015-06-16 20:18:33 Running from G:\Téléchargements Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-3535901937-2950484036-3087499836-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-3535901937-2950484036-3087499836-1002 - Limited - Enabled) Invité (S-1-5-21-3535901937-2950484036-3087499836-501 - Limited - Disabled) Olivier (S-1-5-21-3535901937-2950484036-3087499836-1001 - Administrator - Enabled) => C:\Users\Olivier ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Dr.Web Security Space (Enabled - Up to date) {43B072E9-61D5-D2DF-0530-CE16F6F72D60} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Dr.Web Security Space (Enabled - Up to date) {F8D1930D-47EF-DD51-3F80-F5648D7067DD} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adblock Plus pour IE (32-bits et 64-bits) (HKLM\...\{92E167CC-3D19-47EB-AE7F-A135427C3220}) (Version: 1.4 - Eyeo GmbH) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Apowersoft Capture d'écran Gratuit V1.1.1 (HKLM-x32\...\{6C0E08A4-E7F7-4BED-A640-016A23E094DF}_is1) (Version: 1.1.1 - APOWERSOFT LIMITED) Apple Application Support (32 bits) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArchiFacile version 18.8 (HKLM-x32\...\ArchiFacile_is1) (Version: 18.8 - JSYS) AxCrypt 1.7.3156.0 (HKLM\...\{8B49CDB9-824C-44D6-A5D3-D0235D3030B8}) (Version: 1.7.3156.0 - Axantum Software AB) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP) CLX.PayMaker (HKLM-x32\...\{59393E8E-D0AF-49DF-87EF-A5F4D078AD13}) (Version: 3.0.56.0 - CREALOGIX) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Design & Print (HKLM-x32\...\Design & Print 1.0.2) (Version: 1.0.2 - Avery Products Corp.) Dr.Web Security Space (HKLM\...\{5352DB49-883D-4b64-8443-DA7B80C33ED5}) (Version: 10.0.0.12160 - Doctor Web, Ltd.) Duplicate Cleaner Free 3.2.6 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.6 - DigitalVolcano Software Ltd) <==== ATTENTION DVDFab Passkey 8.2.3.0 (23/01/2015) (HKLM-x32\...\DVDFab Passkey 8_is1) (Version: - Fengtao Software Inc.) FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory) Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gigaset QuickSync (HKLM\...\{b49e8cfb-f094-4467-925a-97c23972cb50}) (Version: 8.3.0868.3 - Gigaset Communications GmbH) Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Howard E-Mail Notifier 1.34 (HKU\S-1-5-21-3535901937-2950484036-3087499836-1001\...\Howard E-Mail Notifier_is1) (Version: - CompSoft) iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.) ifolor Designer (HKLM-x32\...\ifolor-Designer) (Version: - Ifolor AG) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) K-Lite Mega Codec Pack 9.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - ) Logiciel de commande ifolor 3.7 (HKLM-x32\...\ifolor-OrderClient) (Version: 3.7.233.0 - Ifolor AG) Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) Mises à jour NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 38.0.5 (x86 fr) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 fr)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA Logiciel système PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Pilote graphique 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) Panneau de configuration NVIDIA 347.52 (Version: 347.52 - NVIDIA Corporation) Hidden PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung CLX-3300 Series (HKLM-x32\...\Samsung CLX-3300 Series) (Version: 1.06 (16.10.2012) - Samsung Electronics Co., Ltd.) Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.04.12 (05.09.2012) - Samsung Electronics Co., Ltd.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.70.02(21.09.2012) - Samsung Electronics Co., Ltd.) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.00.05 (10.07.2012) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (x32 Version: 1.00.20.03 - Samsung Electronics Co., Ltd.) Hidden Sauvegarde des Dossiers personnels Microsoft Outlook (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation) SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform) Unity Web Player (HKU\S-1-5-21-3535901937-2950484036-3087499836-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VSTax 2014 (HKLM-x32\...\{FEBE5BC9-1FFA-4153-9266-1E6CFE97A5EE}) (Version: 1.0.3 - Abraxas Informatik AG) WD Quick View (HKLM-x32\...\{EDBCC917-ADE2-4470-83F1-D0A233D9495C}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{EF57D552-244A-401F-A23B-74685718601F}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ZHPDiag 2015 (HKLM-x32\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 20-05-2015 15:46:58 Windows Update 21-05-2015 17:20:12 Installed QuickTime 7 29-05-2015 08:23:13 Point de contrôle planifié 05-06-2015 21:22:25 Removed Google Earth 06-06-2015 18:12:01 Windows Update 10-06-2015 20:00:11 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {03C6D8C8-2DEC-4FB5-9EE4-C452AD58EFA9} - System32\Tasks\{9D26648B-79DC-4762-B116-801A076C2D3F} => pcalua.exe -a G:\Téléchargements\XnView-win-full\XnView\xnview.exe -d C:\Users\Olivier\Desktop Task: {0414D04B-2E3E-4B29-90B8-2994C0F5697D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {1850B5C0-1F31-4CDC-84C0-337FB92965A5} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {38B3AC91-1419-4BB4-B8C2-E92251DDBA94} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {3D571B11-ED68-4C99-81D5-9B3E57BC6355} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.) Task: {5613E42C-4F48-4DE7-A0D7-DC9C3187661A} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3535901937-2950484036-3087499836-1001 Task: {577B89C8-4333-44B5-9A7B-EEF537568C20} - System32\Tasks\Etindre le PC la nuit => shutdown Task: {8839A8C0-09CD-461A-850A-70B417017405} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-22] (Google Inc.) Task: {93273D54-1C82-44F5-8D79-C77ED0E05AA3} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [2015-04-13] (Doctor Web, Ltd.) Task: {993E940A-0112-4DAC-B955-11BBEAF5981A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-22] (Google Inc.) Task: {9FA2E94D-7CD0-47FF-847B-B750C0BC753C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {B7942413-2878-40FB-A504-1984E4DC80AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-11] (Adobe Systems Incorporated) Task: {BFC7E54A-D5DA-4074-9AA5-DABE6FEAAAD9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {C2933E15-FBCC-4CE5-BF76-EE2352E4CF10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd) Task: {CED89B0B-476E-4871-83CD-C34D12F67E6C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {E140A2FF-B0C4-4F7F-A25D-A4302934DF39} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation) Task: {FB6BAA7D-7C94-445A-A6FB-24FF2BD258D7} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {FC913313-0B4E-4F4F-9504-05C1768A6DAF} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-18] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-01-18 15:59 - 2015-02-05 21:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-01-18 22:58 - 2012-01-09 13:47 - 00034304 _____ () C:\Windows\System32\sst7clm.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-02-20 23:23 - 2012-02-20 23:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2012-02-20 23:23 - 2012-02-20 23:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2015-01-18 22:58 - 2014-07-31 23:50 - 01325056 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst7cdu.dll 2012-02-20 23:22 - 2012-02-20 23:22 - 00050688 _____ () C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrvPS.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-01-18 16:04 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3535901937-2950484036-3087499836-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Olivier\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: My Swisscom Assistant => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe /auto ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{7986CEA0-5D28-44B3-A753-17F626B9E288}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{961BA268-90F4-45C5-9B3A-8B812C2A1B2F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{04641F5C-5552-409A-B643-E93F55B5BA57}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C55E7C54-8261-4253-B211-16E868197539}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D672E94D-0F02-490C-9238-D64EA395C1F7}] => (Allow) C:\Windows\twain_32\Samsung\CLX3300\SCNSearch\USDAgent.exe FirewallRules: [{D64AC1FA-E988-4F7D-9B51-CE2B19F65781}] => (Allow) C:\Windows\twain_32\Samsung\CLX3300\SCNSearch\USDAgent.exe FirewallRules: [{936DA146-289A-4511-A222-A1DB4DF0774E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{38B91A41-A272-4771-A648-15EEB78B8677}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{F586D92D-9D34-4172-9476-CE3C7F499B26}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{370A2A1C-B5AC-4406-8619-D36C2C986894}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{A4F42D66-F14F-41E8-90DF-E04D6F336DA3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{2C6529ED-5FAD-4163-8748-CE8ED180B703}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{F4C7FE5D-12C6-478F-B49E-877DA496C2FA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{5A51CD93-E0D9-431C-81C9-95D2E54E0E77}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{D0BF5DCD-D122-416C-AA6F-929FBE1D027F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{003C0E98-6846-4AF7-B864-30B952C1771D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{A4314B7C-D7F8-475F-BD6B-73D8B6C529D9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\USDAgent.exe FirewallRules: [{891CF360-68C1-44B7-A460-679A39F699E5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\USDAgent.exe FirewallRules: [{945A75AF-453F-4F21-9951-D2B7398029E6}] => (Allow) C:\Program Files\DrWeb\spideragent.exe FirewallRules: [{369EDF32-D50E-4AB8-90A1-48426B05EEAD}] => (Allow) C:\Program Files\DrWeb\dwservice.exe FirewallRules: [{6AB819B7-9BDB-4D1D-99C6-F63972E7A159}] => (Allow) C:\Program Files\DrWeb\dwnetfilter.exe FirewallRules: [TCP Query User{7AE32F9F-61C9-496D-94B7-42EE72DB8310}C:\program files (x86)\clx.paymaker\paymentstudio.exe] => (Allow) C:\program files (x86)\clx.paymaker\paymentstudio.exe FirewallRules: [UDP Query User{9C2DCFED-7B4E-4E2A-BF88-DCE30E9E0586}C:\program files (x86)\clx.paymaker\paymentstudio.exe] => (Allow) C:\program files (x86)\clx.paymaker\paymentstudio.exe FirewallRules: [{22753986-D9B4-4F69-B1C9-6DE277EF13DB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Capture\Apowersoft Free Screen Capture.exe FirewallRules: [{14705BED-7EBE-4315-9274-D28F08DE3821}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Capture\Apowersoft Free Screen Capture.exe FirewallRules: [{3F0D947F-5645-4D22-96B2-E85EE98EC6FA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{09D02241-B940-4240-8F19-0C629F4E247E}] => (Allow) LPort=2869 FirewallRules: [{6642AF14-0F39-4590-ACFC-49720100327B}] => (Allow) LPort=1900 FirewallRules: [{7727978C-DB1A-4200-B5DC-65A75C8C207E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{0553650C-A516-40DD-9873-938A628F9C93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9094AF33-268D-4B2B-9EB0-D39D6C182FDC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/16/2015 05:57:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/16/2015 08:55:34 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/16/2015 08:15:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/15/2015 10:23:06 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 90080108 Error: (06/15/2015 09:23:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/15/2015 08:43:14 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: La création du contexte d’activation a échoué pour « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2 » à la ligne C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3. Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Error: (06/15/2015 08:20:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/14/2015 06:34:36 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/14/2015 06:08:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/13/2015 08:45:46 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 90080108 System errors: ============= Error: (06/15/2015 10:34:59 AM) (Source: Disk) (EventID: 11) (User: ) Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2. Error: (06/11/2015 00:25:38 PM) (Source: Schannel) (EventID: 4119) (User: AUTORITE NT) Description: L’alerte fatale suivante a été reçue : 49. Error: (06/11/2015 00:13:40 PM) (Source: Disk) (EventID: 11) (User: ) Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2. Error: (06/09/2015 10:15:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Le Gestionnaire de services de contrôle a essayé d’entreprendre une action corrective (Redémarrer le service) après la fin inattendue du service Client DNS, mais cette action a échoué en raison de l’erreur suivante : %%1056 Error: (06/09/2015 10:13:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Connaissance des emplacements réseau s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 100 millisecondes : Redémarrer le service. Error: (06/09/2015 10:13:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Station de travail s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service. Error: (06/09/2015 10:13:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Client DNS s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service. Error: (06/09/2015 10:13:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Services de chiffrement s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service. Error: (06/08/2015 08:57:32 AM) (Source: Schannel) (EventID: 4119) (User: AUTORITE NT) Description: L’alerte fatale suivante a été reçue : 49. Error: (06/06/2015 06:16:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service. Microsoft Office: ========================= Error: (03/25/2015 06:57:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 84 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/25/2015 04:37:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21 seconds with 0 seconds of active time. This session ended with a crash. Error: (02/17/2015 09:56:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/25/2015 11:48:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/24/2015 07:59:43 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 24 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/24/2015 07:59:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 63 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/24/2015 03:10:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 476 seconds with 420 seconds of active time. This session ended with a crash. Error: (01/23/2015 07:51:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/21/2015 00:08:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 284 seconds with 180 seconds of active time. This session ended with a crash. Error: (01/19/2015 06:51:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz Percentage of memory in use: 37% Total physical RAM: 8191.18 MB Available physical RAM: 5087.55 MB Total Pagefile: 16380.56 MB Available Pagefile: 13117.96 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: (HP SSD) (Fixed) (Total:119.14 GB) (Free:63.84 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive e: (FACTORY_IMAGE) (Fixed) (Total:14.58 GB) (Free:2.56 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive g: (DD INT) (Fixed) (Total:684.06 GB) (Free:651.8 GB) NTFS Drive i: (SSD 2) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS Drive l: (My Passport) (Fixed) (Total:931.48 GB) (Free:862.57 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 1549F232) Partition 1: (Not Active) - (Size=698.6 GB) - (Type=42) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: FA9B2E7E) Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Active) - (Size=119.1 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: A68CB155) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of log ============================