Additional scan result of Farbar Recovery Scan Tool (x64) Version:26-07-2015 Ran by gregbriclet at 2015-07-27 21:21:35 Running from C:\Users\gregbriclet\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-518435904-671319411-1353417391-500 - Administrator - Disabled) gregbriclet (S-1-5-21-518435904-671319411-1353417391-1002 - Administrator - Enabled) => C:\Users\gregbriclet HomeGroupUser$ (S-1-5-21-518435904-671319411-1353417391-1004 - Limited - Enabled) Invité (S-1-5-21-518435904-671319411-1353417391-501 - Limited - Disabled) UpdatusUser (S-1-5-21-518435904-671319411-1353417391-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus et Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Anti-Virus et Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Pare-feu McAfee (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.142.62248 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.9.142.62248 - Alcor Micro Corp.) Hidden Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.0.5 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS) ASUS N Series Demo (HKLM-x32\...\{246B4AFF-6540-4B72-93E8-B9EB86D37589}) (Version: 1.0.0003 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS) ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4712 - CyberLink Corp.) ASUS Video Magic (x32 Version: 6.0.4712 - CyberLink Corp.) Hidden ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3019_44673 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4905d - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2884 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.944 - McAfee, Inc.) Mega Browse (HKLM\...\Mega Browse) (Version: 2014.03.20.004538 - Mega Browse) <==== ATTENTION Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) NVIDIA Graphics Driver 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation) NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6828 - Realtek Semiconductor Corp.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Spotify (HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB) Telecharger et Installer Packages (HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Telecharger et Installer Packages) (Version: - ) <==== ATTENTION Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN) WhoCrashed 5.50 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) Yahoo! Search (HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Yahoo! Search) (Version: - Pay-By-Ads) <==== ATTENTION ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 20-10-2014 11:48:51 Sauvegarde Windows 03-11-2014 14:51:53 Sauvegarde Windows 11-11-2014 16:37:44 Sauvegarde Windows 07-12-2014 12:19:58 Sauvegarde Windows 13-04-2015 16:08:42 Sauvegarde Windows 27-07-2015 19:46:44 Installed HiJackThis 27-07-2015 19:46:57 Sauvegarde Windows 27-07-2015 19:48:29 Installed HiJackThis ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0091678B-FCA7-458B-98C9-C7BBD0B0D481} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS) Task: {2B3EBE53-A387-4352-8D82-77349DD17123} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.) Task: {4F3766F9-8E78-4632-B902-C9F6271BBADB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.) Task: {526B953A-0CC2-41ED-8725-7272AC60189F} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS) Task: {5924BF18-DF98-4D67-B56E-73ADE1F82A75} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {655B6B93-CE26-4E2A-9073-0E52749EA020} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {AB56E862-30B0-43EF-A284-F154D778C0D4} - System32\Tasks\Yahoo! Search Updater => C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrsetup.exe [2014-12-28] (Pay By Ads LTD) <==== ATTENTION Task: {B9C48CDE-02F3-4252-B754-EF099B779A0E} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] () Task: {C58E91B5-A845-4091-BA34-BA0C91B75419} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.) Task: {C8CF62A9-5C87-4BCB-BB6B-BEC65A5127D4} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek) Task: {CCA378B2-8926-4E18-B33A-BB91154FF452} - System32\Tasks\Yahoo! Search => C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe [2014-12-28] (Pay By Ads LTD) <==== ATTENTION Task: {EA690DAA-096D-4776-A54D-1B4B82224DFB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-10-18 03:26 - 2015-07-27 20:04 - 00128232 _____ () C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6\maintainer.exe 2013-03-27 20:10 - 2009-04-17 12:01 - 00247152 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2012-11-29 19:15 - 2012-11-29 19:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe 2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2013-01-28 09:42 - 2012-11-21 10:58 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll 2012-12-28 14:07 - 2012-12-28 14:07 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2012-12-28 14:04 - 2012-12-28 14:04 - 00084480 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll 2012-12-28 14:09 - 2012-12-28 14:09 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2014-03-23 17:38 - 2015-07-27 20:30 - 00466664 _____ () C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe 2014-03-20 02:45 - 2015-07-27 20:31 - 00466664 _____ () C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-03-27 19:45 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-12-28 22:58 - 2014-12-28 22:58 - 00306176 _____ () C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\krcaiojV.dll 2015-07-27 20:41 - 2015-07-24 00:39 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libglesv2.dll 2015-07-27 20:41 - 2015-07-24 00:39 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libegl.dll 2015-07-27 20:41 - 2015-07-24 00:39 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-518435904-671319411-1353417391-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{77FA44A0-0288-479D-A668-7DB1122CB865}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{9F3908B9-AF84-4AE4-AE0F-A3CA352764A1}] => (Allow) LPort=2869 FirewallRules: [{B1BA499D-34D7-4542-BC63-2EA7AB4F38B7}] => (Allow) LPort=1900 FirewallRules: [{57C0F666-E390-4EA9-A1C4-F5B25AC7673B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{967E2A47-828B-42F1-9994-E30081710B32}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{FDB47284-22EE-4578-9B50-748FD16E8EDA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{E8A0DE07-1CA0-4F33-8EC4-5556BEAFD390}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{9A49FA42-CBF5-4D87-8C0F-FD69966F7465}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE FirewallRules: [{834EF065-FDA5-4F7A-94CF-29E9A48F65D2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{9C5254B3-8417-49EA-953D-47E9F4A6A1D9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{7B437913-9F21-4A72-850B-06277A595EA2}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{3F1CBF8C-F5FF-4681-AAB5-87BAB3D915B0}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{ACE9DACF-F7FE-4B4F-A776-F1A4F9B7090A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F1B31257-2B66-415B-B4D9-31D4BE5B3C34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F7C24712-76C8-43E1-9622-8FC0C10B4DF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{AE4692A4-7F3B-4BC9-BACE-830138902C10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{49D10AED-51A0-47D1-8742-96A351E3DB69}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{F9DC8BF9-A2CC-4952-B74B-E4DEEA2F6946}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe FirewallRules: [{F0B62277-D085-464C-BC35-A438F6BE2065}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe FirewallRules: [{97A63FCB-5F43-46F8-9EDA-52996FB6E6E8}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe FirewallRules: [{7D43A028-D1ED-47EF-A25F-E1384026C682}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe FirewallRules: [{1AAC547B-9423-4C54-82AB-C96F3F4F3F62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/27/2015 08:34:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1 Nom du module défaillant : delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000373c0 ID du processus défaillant : 0x710 Heure de début de l’application défaillante : 0xdelegate_execute.exe0 Chemin d’accès de l’application défaillante : delegate_execute.exe1 Chemin d’accès du module défaillant: delegate_execute.exe2 ID de rapport : delegate_execute.exe3 Nom complet du package défaillant : delegate_execute.exe4 ID de l’application relative au package défaillant : delegate_execute.exe5 Error: (07/27/2015 07:42:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1 Nom du module défaillant : delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00036d1b ID du processus défaillant : 0x1bf0 Heure de début de l’application défaillante : 0xdelegate_execute.exe0 Chemin d’accès de l’application défaillante : delegate_execute.exe1 Chemin d’accès du module défaillant: delegate_execute.exe2 ID de rapport : delegate_execute.exe3 Nom complet du package défaillant : delegate_execute.exe4 ID de l’application relative au package défaillant : delegate_execute.exe5 Error: (07/27/2015 07:41:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 496932733 ticks; setting correction factor to 508685050 Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15688 Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15688 Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/13/2015 04:20:23 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: La sauvegarde a échoué. Erreur : La Sauvegarde Windows a rencontré une erreur lors de l’écriture des données sur la cible de sauvegarde. (0x80780166). Error: (04/13/2015 04:20:22 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: AUTORITE NT) Description: L’opération de sauvegarde démarrée à « 2015-04-13T14:08:42.645226000Z » a échoué avec le code d’erreur suivant : « 0x80780166 » (%%2155348326). Consultez les détails de l’événement pour trouver une solution, puis réexécutez l’opération de sauvegarde une fois le problème résolu. Error: (04/13/2015 04:20:23 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine IVssAsync::QueryStatus. hr = 0x80010108, L’objet invoqué s’est déconnecté de ses clients. . Opération : Événement BackupComplete Opération asynchrone en cours d’exécution Contexte : État actuel: BackupComplete Error: (04/13/2015 04:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 160682623 ticks; setting correction factor to 1388593710 System errors: ============= Error: (07/27/2015 08:56:05 PM) (Source: iaStorA) (EventID: 4102) (User: ) Description: Error log: Smart event occured on disk :J8110076HWMTMK Error: (07/27/2015 08:44:42 PM) (Source: DCOM) (EventID: 10016) (User: greg) Description: propres à l’applicationLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}greggregbricletS-1-5-21-518435904-671319411-1353417391-1002LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/27/2015 08:44:42 PM) (Source: DCOM) (EventID: 10016) (User: greg) Description: propres à l’applicationLocalActivation{A188DB29-2ABC-46CB-9A38-40B82CF5D051}{EA022610-0748-4C24-B229-6C507EBDFDBB}greggregbricletS-1-5-21-518435904-671319411-1353417391-1002LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/27/2015 08:34:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service NVIDIA Update Service Daemon est en attente de démarrage. Error: (07/27/2015 08:31:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service McAfee VirusScan Announcer est en attente de démarrage. Error: (07/27/2015 08:29:51 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (07/27/2015 08:28:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Fournisseur du Groupement résidentiel dépend du service Publication des ressources de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1070 Error: (07/27/2015 08:28:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Découverte SSDP est en attente de démarrage. Error: (07/27/2015 08:28:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Agent de stratégie IPsec est en attente de démarrage. Error: (07/27/2015 08:28:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Publication des ressources de découverte de fonctions est en attente de démarrage. Microsoft Office: ========================= Error: (07/27/2015 08:34:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: delegate_execute.exe38.0.2125.111544712a1delegate_execute.exe38.0.2125.111544712a1c0000005000373c071001d0c89ad3d52804C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exe11d2c4f4-348e-11e5-be8a-6c71d92dba4e Error: (07/27/2015 07:42:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: delegate_execute.exe38.0.2125.111544712a1delegate_execute.exe38.0.2125.111544712a1c000000500036d1b1bf001d0c89392fd65b3C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exed79a689d-3486-11e5-be89-6c71d92dba4e Error: (07/27/2015 07:41:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 496932733 ticks; setting correction factor to 508685050 Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15688 Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15688 Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/13/2015 04:20:23 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: La Sauvegarde Windows a rencontré une erreur lors de l’écriture des données sur la cible de sauvegarde. (0x80780166) Error: (04/13/2015 04:20:22 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: AUTORITE NT) Description: 2015-04-13T14:08:42.645226000Z0x80780166%%2155348326 Error: (04/13/2015 04:20:23 PM) (Source: VSS) (EventID: 8193) (User: ) Description: IVssAsync::QueryStatus0x80010108, L’objet invoqué s’est déconnecté de ses clients. Opération : Événement BackupComplete Opération asynchrone en cours d’exécution Contexte : État actuel: BackupComplete Error: (04/13/2015 04:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 160682623 ticks; setting correction factor to 1388593710 CodeIntegrity Error: =================================== Date: 2014-08-10 19:31:09.871 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\EhStorClass.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz Percentage of memory in use: 31% Total physical RAM: 8077.74 MB Available physical RAM: 5570.66 MB Total Virtual: 16269.74 MB Available Virtual: 13585.6 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:279.45 GB) (Free:217.94 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:397.87 GB) (Free:376.19 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 1FEB4A9B) Partition: GPT Partition Type. ==================== End of log ============================