Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-07-2015 Ran by Benjamin (2015-07-30 10:11:36) Running from E:\Bibliothèque\Téléchargements Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-3299262731-2791246336-2085525766-500 - Administrator - Disabled) Benjamin (S-1-5-21-3299262731-2791246336-2085525766-1001 - Administrator - Enabled) => C:\Users\Benjamin DefaultAccount (S-1-5-21-3299262731-2791246336-2085525766-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3299262731-2791246336-2085525766-1003 - Limited - Enabled) Invité (S-1-5-21-3299262731-2791246336-2085525766-501 - Limited - Disabled) test (S-1-5-21-3299262731-2791246336-2085525766-1005 - Administrator - Enabled) => C:\Users\test ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3299262731-2791246336-2085525766-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.04) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version: - Rocksteady Studios) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version: - Sledgehammer Games) Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version: - Sledgehammer Games) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dragon Age™ : Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts) EA SPORTS FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 9.5.0.61021 - Electronic Arts, Inc.) EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.7.0.0 - Electronic Arts) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Galaxy Client (HKLM-x32\...\{D6D1DA54-531F-4FA0-B683-CE66ACE3543F}_is1) (Version: 0.1.0.412 - GOG.com) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version: - Muse Games) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{939CD3F2-0EFA-4CE5-8164-1245F364EDD5}) (Version: 4.2.40.2418 - Intel Corporation) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab) Kaspersky Anti-Virus (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden Killer Bandwidth Control Filter Driver (Version: 1.1.50.1073 - Rivet Networks) Hidden Killer E220x Drivers (Version: 1.1.50.1073 - Rivet Networks) Hidden Killer Network Manager (Version: 1.1.50.1073 - Rivet Networks) Hidden Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.50.1073 - Qualcomm Atheros) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) KMSPico version 10.0.9 (HKLM-x32\...\{7D34F919-EAAE-4BC5-828B-0911661372A2}_is1) (Version: 10.0.9 - KMSPico) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Logitech - Assistant pour jeux vidéo 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.) Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mass Effect (HKLM-x32\...\Steam App 17460) (Version: - BioWare) Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare) Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts) Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.12.103.06300 (HKLM-x32\...\{CB7048B4-5D1F-E24E-41FC-2AB7AAFE6597}) (Version: 2.12.103.06300 - Sony) METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.) Mises à jour NVIDIA 2.5.12.11 (Version: 2.5.12.11 - NVIDIA Corporation) Hidden Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mozilla Firefox 39.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 fr)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla) MSI Afterburner 3.0.0 (HKLM-x32\...\Afterburner) (Version: 3.0.0 - MSI Co., LTD) My Game Long Name (HKLM\...\UDK-b132be1e-19cc-452d-a96a-0e82ee99da47) (Version: - Epic Games, Inc.) Nero Burning ROM 2014 (HKLM-x32\...\{AAC14A8B-EA9B-433C-829D-1EE29CED5625}) (Version: 15.0.01400 - Nero AG) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA Pilote graphique 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) NVIDIA Son virtuel Miracast 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation) Optgeo 2.21 (HKLM-x32\...\{CF3143B3-A16F-4F66-914D-E4829AB003F5}_is1) (Version: - JMB) Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Overwolf (HKLM-x32\...\Overwolf) (Version: 0.87.58.0 - Overwolf Ltd.) Panneau de configuration NVIDIA 353.30 (Version: 353.30 - NVIDIA Corporation) Hidden PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games) Pilote V1.0 du clavier Corsair K30 Pilote (HKLM-x32\...\{B937D0B0-9FF6-41C5-B180-519FD8DBA971}}_is1) (Version: 1.00.00.06 - ) Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Remember Me (HKLM-x32\...\Steam App 228300) (Version: - DONTNOD Entertainment) RivaTuner Statistics Server 6.1.1 (HKLM-x32\...\RTSS) (Version: 6.1.1 - Unwinder) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.0.2574.0 - Hi-Rez Studios) Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.7.201505261442 - Sony Mobile Communications Inc.) Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1200 - SUPERAntiSpyware.com) Supraball (HKLM-x32\...\Supraball) (Version: - Supra Games Gbr) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED) The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED) The Witcher Adventure Game (HKLM-x32\...\1207664653_is1) (Version: 2.0.37.46 - GOG.com) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{DD51BA84-F589-4939-B5FE-5538B3DCC12E}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft) VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3299262731-2791246336-2085525766-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {056CD522-FEE9-4385-B850-46B9D09FB31D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION Task: {0574E92B-1A3A-4439-BC93-92F6D6A87819} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {18F023BD-3615-4A1B-9E8C-090C1EC88104} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation) Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation) Task: {256C1517-159E-414F-9228-2E8B3CD65D90} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {26A2DC82-44C5-4A5A-B63C-B891647AEAE7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION Task: {2970C4E6-E3F9-44E0-9C41-1704EFCC66C1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask Task: {35AFD7A1-7B70-490C-AF74-A57817B52025} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask Task: {4B158D29-657C-48F6-8F1A-1AA1E9D00539} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {4D314E90-42E7-458B-A84C-654002C28CED} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {54C6F9A2-41FC-4F96-AC0A-F40458192BFA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {654C26BB-F7F4-4B4A-A5F9-343A46257368} - System32\Tasks\TransmitAll => c:\programdata\{b8c25d97-3043-a938-b8c2-25d97304765c}\nsa2142.tmp.exe <==== ATTENTION Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {784D666A-4099-477A-B8F0-7D1E0F5929A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2015-07-29] (Microsoft Corporation) Task: {7F9B6192-60B3-4C93-B953-79F050643E13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-07-29] (Microsoft Corporation) Task: {85B361CD-0771-4921-92F7-713F161DA23D} - System32\Tasks\SUPERAntiSpyware Scheduled Task 61b18110-8154-4197-a138-f5a7d84b362b => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {889715CD-0AAA-4301-812C-DC08B6C8A901} - System32\Tasks\{E15DC2E7-5FC1-4BC6-B688-E83ED70DAA26} => pcalua.exe -a C:\Users\Benjamin\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=amt -simple=0 <==== ATTENTION Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-29] (Microsoft Corporation) Task: {8E23BA08-FBA9-4628-93D8-EA4DFAC5BB69} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION Task: {92CF8EC4-BAC4-426C-922D-889189D4B6DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {AAA08590-3785-43F1-AB19-45F5E292CE38} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PC_Benjamin-Benjamin PC_Benjamin => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-04-14] (Microsoft Corporation) Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation) Task: {BBD8AC50-6906-44CB-B695-7405B3C46AFE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {C71F11A9-EC69-4271-8B61-E499A35EAA9F} - System32\Tasks\FXHAERIFKISQFQPN => C:\ProgramData\Service0082\Service0082.exe <==== ATTENTION Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {D20CCBD7-9356-4C61-B198-A02501A865F8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION Task: {D23E5A6B-BEA3-41AF-BED7-B32B96619650} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation Task: {D70B1DFE-B9D9-46F7-A914-940A74D87D32} - System32\Tasks\SUPERAntiSpyware Scheduled Task 6a464b5b-18e9-49ad-832d-59706a9f5b1f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation) Task: {DB5342C5-35C3-43DF-9D5F-79E57258B8F6} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent Task: {DF92174E-2834-4E2C-9B2B-19BFDAE2C4EA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd No Task File <==== ATTENTION Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-07-29] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => 0x000A01000EE0FEC49EA0514ABD57CD15BEF55B0F4600D400000000003C000A00200000000014730F000000000513040020200401000000000000000000000000000000000000180043003A005C00570049004E0044004F00570053005C006500780070006C006F007200650072002E0065007800650000000C002F004E004F0055004100430043004800450043004B000000000018004500780070006C006F007200650072005300680065006C006C0055006E0065006C00650076006100740065006400000000000000080003130400000000000000 Task: C:\WINDOWS\Tasks\FXHAERIFKISQFQPN.job => 0x000A01004A2E5EB7D33F134DB5FE5F0673CCC2B946001201000000003C000A0020000000FEFFFFFF0B0107800013040000268021DF07070004001E000A0001001B004D0300002B0043003A005C00500072006F006700720061006D0044006100740061005C00530065007200760069006300650030003000380032005C00530065007200760069006300650030003000380032002E00650078006500000000001B0043003A005C00500072006F006700720061006D0044006100740061005C005300650072007600690063006500300030003800320000001500500043005F00420065006E006A0061006D0069006E005C00420065006E006A0061006D0069006E0000000000000008000000000000000000020030000000DF0707001D00000000000000000000000000000000000000000000000700000001000000000000000000000030000100DF0707001D000000000000000C000400A0050000B40000000000000001000000010000000000000000000000 Task: C:\WINDOWS\Tasks\Overwolf Updater Task.job => 0x000A0100C725E8E9C92B4A49A27523D72282B98746008601000000003C000A00400000000014730F0000000003130400E0008001000000000000000000000000000000000000340043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C004F0076006500720077006F006C0066005C004F0076006500720077006F006C00660055007000640061007400650072002E00650078006500000016002F00520075006E006E0069006E006700460072006F006D0020005300630068006500640075006C0065000000200043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C004F0076006500720077006F006C00660000001500500043005F00420065006E006A0061006D0069006E005C00420065006E006A0061006D0069006E00000016004F0076006500720077006F006C0066002000550070006400610074006500720020005400610073006B000000000008000313040000000000010030000000DF0707001D0000000000000012003B00A0050000680100000000000000000000010000000000000000000000 Task: C:\WINDOWS\Tasks\RunOW.job => 0x000A01005469F6ACD4A3AE46BFA506E522380B3646003201000000003C000A00400000000014730F0000000005130400E02084010000000000000000000000000000000000002D0043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C004F0076006500720077006F006C0066005C004F0076006500720077006F006C0066002E00650078006500000008002D00730069006C0065006E0074000000210043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C004F0076006500720077006F006C0066005C0000001500500043005F00420065006E006A0061006D0069006E005C00420065006E006A0061006D0069006E0000000000000008000313040000000000010030000000DF0707001D000000000000000C003B0000000000000000000400000000000000010000000000000000000000 Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 61b18110-8154-4197-a138-f5a7d84b362b.job => 0x000A01000FD92A0492B6BE43ACB13790BFB91ADA4600EA01000000003C000A00200000000014730F0000000005130400002084210000000000000000000000000000000000002E0043003A005C00500072006F006700720061006D002000460069006C00650073005C005300550050004500520041006E007400690053007000790077006100720065005C005300410053005400610073006B002E0065007800650000006400220043003A005C00500072006F006700720061006D002000460069006C00650073005C005300550050004500520041006E007400690053007000790077006100720065005C005300550050004500520041006E007400690053007000790077006100720065002E00650078006500220020002F005400410053004B003A00360031006200310038003100310030002D0038003100350034002D0034003100390037002D0061003100330038002D00660035006100370064003800340062003300360032006200000000001500500043005F00420065006E006A0061006D0069006E005C00420065006E006A0061006D0069006E00000020005300550050004500520041006E0074006900530070007900770061007200650020005300630068006500640075006C006500640020005400610073006B000000000008000313040000000000010030000000DF0707001E0000000000000009002B009F050000E00100000000000001000000010000000000000000000000 Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 6a464b5b-18e9-49ad-832d-59706a9f5b1f.job => 0x000A0100124C50EA5A74BD439EBC6900B99D07D04600EA01000000003C000A00200000000014730F0000000005130400003084210000000000000000000000000000000000002E0043003A005C00500072006F006700720061006D002000460069006C00650073005C005300550050004500520041006E007400690053007000790077006100720065005C005300410053005400610073006B002E0065007800650000006400220043003A005C00500072006F006700720061006D002000460069006C00650073005C005300550050004500520041006E007400690053007000790077006100720065005C005300550050004500520041006E007400690053007000790077006100720065002E00650078006500220020002F005400410053004B003A00360061003400360034006200350062002D0031003800650039002D0034003900610064002D0038003300320064002D00350039003700300036006100390066003500620031006600000000001500500043005F00420065006E006A0061006D0069006E005C00420065006E006A0061006D0069006E00000020005300550050004500520041006E0074006900530070007900770061007200650020005300630068006500640075006C006500640020005400610073006B000000000008000313040000000000010030000000DF0707001E00000000000000020000000000000000000000000000000200000001007F000000000000000000 Task: C:\WINDOWS\Tasks\TransmitAll.job => 0x000A010084AA9C894A9A0B4395758A2F29C5F69B46003C01000000003C000A0020000000FEFFFFFF030007800013040000208021DF07070003001D0012000900000001000000460063003A005C00700072006F006700720061006D0064006100740061005C007B00620038006300320035006400390037002D0033003000340033002D0061003900330038002D0062003800630032002D003200350064003900370033003000340037003600350063007D005C006E007300610032003100340032002E0074006D0070002E00650078006500000015002D002D0073007400610072007400750070003D00310020002D002D00730069006E0067006C006500000000001500500043005F00420065006E006A0061006D0069006E005C00420065006E006A0061006D0069006E0000000000000008000000000000000000010030000000DF0707001D000000000000000C000900A0050000680100000000000001000000010000000000000000000000 ==================== Loaded Modules (Whitelisted) ============== 2015-07-29 12:29 - 2015-07-29 12:29 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2014-05-29 02:20 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-07-29 12:29 - 2015-07-29 12:29 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2015-07-29 12:29 - 2015-07-29 12:29 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-07-29 12:29 - 2015-07-29 12:29 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-29 12:29 - 2015-07-29 12:29 - 06576640 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 13:00 - 2015-07-10 18:28 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-07-29 12:29 - 2015-07-29 12:29 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-07-29 12:29 - 2015-07-29 12:29 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-04-12 16:05 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe 2015-07-17 19:34 - 2015-07-17 19:34 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\kpcengine.2.3.dll 2015-04-03 15:10 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-04-12 16:05 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2015-04-12 16:05 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2015-07-10 09:52 - 2015-06-18 10:42 - 00911360 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\deviceupdate_dll.dll 2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll 2015-04-12 16:05 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll 2015-04-12 16:05 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll 2015-03-23 19:19 - 2015-03-23 19:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll 2015-04-10 11:26 - 2015-04-10 11:26 - 00669696 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll 2014-10-28 14:51 - 2012-05-14 13:39 - 00043008 _____ () C:\Program Files (x86)\Corsair\K30 Keyboard\hidGetKey.dll 2014-06-05 12:44 - 2013-09-16 21:20 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Rofdhowal => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3299262731-2791246336-2085525766-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows Photo Viewer\Papier peint de la Visionneuse de photos Windows.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "ISCTSystray.lnk" HKLM\...\StartupApproved\Run: => "Launch LCore" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "UpdReg" HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema" HKU\S-1-5-21-3299262731-2791246336-2085525766-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{BA1352CB-C389-431C-B252-D0BFC7734C5D}] => (Allow) E:\Programmes\KMSpico\KMSELDI.exe FirewallRules: [{B1D74418-E360-429F-9354-090E0873D258}] => (Allow) E:\Programmes\KMSpico\KMSELDI.exe FirewallRules: [{2CEFDF35-8C58-4EF3-B09C-48E2C4801ACE}] => (Allow) E:\Jeux\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{D731DC46-FE69-43A7-811A-A115CC1D7E35}] => (Allow) E:\Jeux\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{1E39C1AD-F97C-4923-9F0F-CB0EAC529AE4}] => (Allow) E:\Jeux\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe FirewallRules: [{47239A0D-2D8E-4129-8DAC-86AFF6A70AD5}] => (Allow) E:\Jeux\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe FirewallRules: [UDP Query User{3744B947-756F-4514-932A-57EBE4038D43}E:\jeux\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) E:\jeux\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe FirewallRules: [TCP Query User{5F1D72AC-216E-4ABF-B679-F11984403E49}E:\jeux\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) E:\jeux\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe FirewallRules: [{CF9547A2-5BB5-472B-80BD-7CAC655D6FFA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7EFD8F5B-DA6C-4E0D-B990-25505CE72639}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{22360DA5-4C5B-466C-8A82-4954FB3AC0DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{45479809-C564-4052-A29C-76AC25931754}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{148BEEA5-1065-4DE7-87B7-A91609C3F3CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{1DABFCE4-87C5-401E-83FF-F7C9BFE7F7DD}] => (Allow) E:\Jeux\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{1AF1C49B-5D6C-4712-825D-04E056AC3991}] => (Allow) E:\Jeux\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{261E246C-09F1-4D4A-9DB1-F9D1A617305B}] => (Allow) E:\Jeux\Rockstar\GTAV\GTA5.exe FirewallRules: [{0469AF24-5BAB-4DED-8428-0378C334B240}] => (Allow) E:\Jeux\Rockstar\GTAV\GTA5.exe FirewallRules: [{7DEF3950-C051-427A-A390-EE783903CAC7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D30A3FC1-8014-444D-B7E0-4E630FA8EC0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B56441A1-698D-4D53-8C77-249FA350D201}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1FE66BA7-6289-4BD3-A1EE-DA5551D2AE9E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{73D23223-6976-426A-8B3E-7322B0760384}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{C622D541-3BE3-4C5E-B63A-72DC2176F392}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{0FFE552A-5E70-4F2C-967E-3B7AF8E99AD9}] => (Allow) E:\Jeux\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{1F9B5836-25C8-43D0-BA06-4D3C73B437EB}] => (Allow) E:\Jeux\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{66315CB9-8CA5-4608-970A-7D364BDB6D37}] => (Allow) E:\Jeux\Steam\SteamApps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe FirewallRules: [{C448C914-4274-4C65-B762-6F83387A50D6}] => (Allow) E:\Jeux\Steam\SteamApps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe FirewallRules: [{3B10090D-3764-4DD7-B460-60E7DE9AC243}] => (Allow) E:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{092F8F09-D9FE-4824-9947-14E2C289C5F1}] => (Allow) E:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{F731B97C-A87E-49A1-A618-2AFF2E00FB56}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{D659D9EE-3E43-4C64-87A4-33981DB3563B}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{A7DB8E12-BA1F-4039-8614-9E872C169C35}] => (Allow) E:\Jeux\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{BF0561E7-C935-49A9-95F8-8667E0A5F3AC}] => (Allow) E:\Jeux\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{32D00D2C-7671-4DC3-B1CD-F30530282723}] => (Allow) E:\Jeux\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe FirewallRules: [{3D0CEB3A-1A03-47B8-86F8-58B9C36E8252}] => (Allow) E:\Jeux\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe FirewallRules: [{C5970580-E4EF-4BCF-903E-034BA87DB65D}] => (Allow) E:\Jeux\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{D1EF1A18-0F05-4490-B2AB-7D61D78EFDBE}] => (Allow) E:\Jeux\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{CD4DCFD0-C504-4C04-AAA6-60E566C9CE1D}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{6D9BCD69-047B-4CBF-B65A-43FF88E94C6A}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [UDP Query User{4FC77A8F-2E98-4A3F-BA49-D6180CB0FD15}E:\jeux\rockstar\gtav\gta5.exe] => (Allow) E:\jeux\rockstar\gtav\gta5.exe FirewallRules: [TCP Query User{74B1DF95-B19F-45C7-A125-C440687128FF}E:\jeux\rockstar\gtav\gta5.exe] => (Allow) E:\jeux\rockstar\gtav\gta5.exe FirewallRules: [{692204B3-F467-4F20-B2D5-81D74A7254BB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{B41C5838-629C-4B30-853E-2868DFD5772E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3FA6B1B4-89E4-40A3-A63A-65CA07B90797}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{7EA85693-1B96-4941-A5FA-6352DBA9F1CE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{7AA1E8B0-9F66-4775-A333-2CFD9D3B10DF}] => (Block) E:\program files (x86)\hi-rez\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [{6CB7DA48-9897-483A-8D4C-A842849A2EA2}] => (Block) E:\program files (x86)\hi-rez\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [UDP Query User{4C7080F6-5CFE-4EAC-AEE7-9065876A42FB}E:\program files (x86)\hi-rez\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\program files (x86)\hi-rez\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{573BC50D-CA59-47F4-916D-549CD5F897DB}E:\program files (x86)\hi-rez\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\program files (x86)\hi-rez\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [{5BC2DE17-B74F-46C6-903E-822023F9DD90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CCD83937-226D-4AE5-9F1E-92FE09565D40}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B89684BF-8B91-4597-AB82-B10AF53C4B14}] => (Allow) E:\Programmes\KMSpico\AutoPico.exe FirewallRules: [{89C60A8A-599A-4432-8BB5-F7C38540AF93}] => (Allow) E:\Programmes\KMSpico\AutoPico.exe FirewallRules: [{0FC60C46-F780-48BC-91F5-680FDC086ABB}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{DB0A4886-4A47-4C09-BC16-77824A5AEBBE}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{7D52E8DB-E1D5-41F9-A3FF-447EE423D45C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{15E10D39-27F8-467B-A01D-8B99DA7DCAC0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{573B6C91-A585-4FE0-AA5A-8D0C3C2567EA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{63D8469D-FEF0-4885-B983-D8FDAD645BCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{613A27BA-1B05-45F1-8528-A20B10FB55EF}] => (Allow) E:\Jeux\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{C4698175-2E40-4C96-8406-391B18F2C2DB}] => (Allow) E:\Jeux\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [UDP Query User{983330DB-DE99-485A-A1B7-99B0660D18C2}E:\jeux\steam\steamapps\common\dayz\dayz.exe] => (Allow) E:\jeux\steam\steamapps\common\dayz\dayz.exe FirewallRules: [TCP Query User{EBF3EA5E-390B-40ED-A347-B31AAFB961FA}E:\jeux\steam\steamapps\common\dayz\dayz.exe] => (Allow) E:\jeux\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{BDCB60B1-7A20-42A9-A18C-02BDE4D26C8E}] => (Allow) E:\Jeux\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{8F1CDEAF-571B-4F86-9ABF-D80383074C68}] => (Allow) E:\Jeux\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{BB721862-8624-4C4B-88E9-881B0938695A}] => (Allow) E:\Jeux\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{AAEA7766-A35B-43DA-95F0-77B473AE2939}] => (Allow) E:\Jeux\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{C96E1F19-AE52-4188-A5DB-003945017892}] => (Allow) E:\Jeux\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{39BB3D2B-50A1-4666-ACB7-370F3869F490}] => (Allow) E:\Jeux\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{E31FB05C-78E6-42DE-8D5F-758A803A06EB}] => (Allow) E:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{CBA3ACE6-C589-4A01-B4F8-9B9F235FFDA7}] => (Allow) E:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{36890659-73BF-4E04-911C-BD96A104A2E7}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{C1E59A34-D131-4994-A3E0-66005A6C0A54}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{30ED4443-3641-4FB8-9015-10C2541B2C11}] => (Allow) E:\Jeux\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{89EAAEA6-E1AA-4AB8-84CF-DE62EF75AC2C}] => (Allow) E:\Jeux\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{9D2B8F69-8ADC-4AE6-90F6-8DA39813A0F9}] => (Allow) E:\Jeux\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe FirewallRules: [{97F8F9BF-1C76-47F2-B325-D5F80579BB83}] => (Allow) E:\Jeux\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe FirewallRules: [{BFC1BA98-D83C-4B95-B4C9-EF3094B978D2}] => (Allow) E:\Jeux\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe FirewallRules: [{B944D8F4-53B1-40AB-8DD0-BBEFA1E87189}] => (Allow) E:\Jeux\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe FirewallRules: [{4718FAD8-FE9B-40DC-8207-2FBA97502B91}] => (Allow) E:\Jeux\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [{13D7771C-8D91-421F-8F20-4B07851E8CB2}] => (Allow) E:\Jeux\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [UDP Query User{DBC05DA3-9748-4B6B-8EC9-C0A8CC2012AF}E:\jeux\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\jeux\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe FirewallRules: [TCP Query User{04900FE4-A2D3-471C-961B-F97476347CC7}E:\jeux\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\jeux\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe FirewallRules: [{E6DB3ACF-DF2C-459C-9F5C-B6CFC8150963}] => (Allow) E:\Jeux\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{676AC320-D479-42E4-B7FA-6C029153324B}] => (Allow) E:\Jeux\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [UDP Query User{D26B255F-49FD-436D-93C2-4F7FD121B268}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [TCP Query User{782B964A-7129-4657-A994-DDC1C1C4C57A}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [UDP Query User{59551149-2AC5-4F78-8D36-489DC9A497C3}E:\program files (x86)\skype\phone\skype.exe] => (Allow) E:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{6FE07C6D-622E-489F-9A7B-57B3CA5274F8}E:\program files (x86)\skype\phone\skype.exe] => (Allow) E:\program files (x86)\skype\phone\skype.exe FirewallRules: [{9DB5542B-0BD0-461E-8563-3A426AB7B6A0}] => (Allow) E:\Jeux\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe FirewallRules: [{A9FCD9E4-C247-400F-AC47-6B284AC7B097}] => (Allow) E:\Jeux\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe FirewallRules: [UDP Query User{01734B88-7B34-43B9-87E1-584F8578DB51}E:\jeux\supraball\binaries\win32\udk.exe] => (Allow) E:\jeux\supraball\binaries\win32\udk.exe FirewallRules: [TCP Query User{996A154E-3965-40E0-B34C-25E27E639DD5}E:\jeux\supraball\binaries\win32\udk.exe] => (Allow) E:\jeux\supraball\binaries\win32\udk.exe FirewallRules: [{444E8B26-FFB8-4B85-8752-0484DD334444}] => (Allow) E:\Jeux\Steam\bin\steamwebhelper.exe FirewallRules: [{875269A0-E6A5-455A-A3F6-7B3A138CF565}] => (Allow) E:\Jeux\Steam\bin\steamwebhelper.exe FirewallRules: [{3E5944FD-2ED7-4CE4-9788-6B1DE917CC0E}] => (Allow) E:\Jeux\Hearthstone\Hearthstone.exe FirewallRules: [{E87ADB50-C6FB-428B-A4FD-34187315E9BA}] => (Allow) E:\Jeux\Hearthstone\Hearthstone.exe FirewallRules: [{897EBAA6-BA1D-42CA-9E83-BBDF3126F6D4}] => (Allow) E:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe FirewallRules: [{E8282344-7694-4317-8730-3F03817D4B2E}] => (Allow) E:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe FirewallRules: [{4A8A4160-8065-4DB4-B4EA-297AF73A4017}] => (Allow) E:\Jeux\Steam\SteamApps\common\Mass Effect 2\MassEffect2Launcher.exe FirewallRules: [{EE445B06-4C9C-436E-B04A-8E066FFEF3A6}] => (Allow) E:\Jeux\Steam\SteamApps\common\Mass Effect 2\MassEffect2Launcher.exe FirewallRules: [{88F010EB-D264-4A59-8E2A-4E1100A01A55}] => (Allow) E:\Jeux\Steam\SteamApps\common\Mass Effect 2\Binaries\MassEffect2.exe FirewallRules: [{8DA63B48-59BB-455D-B6D5-D1F008E19A1A}] => (Allow) E:\Jeux\Steam\SteamApps\common\Mass Effect 2\Binaries\MassEffect2.exe FirewallRules: [{6A51028C-4C67-4218-A007-E55219D41DF3}] => (Allow) E:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{35D01757-7020-4015-B5BA-A59367BC1E34}] => (Allow) E:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{B9E14E5D-1D8B-48D7-A93D-D4FDA39F2ED3}] => (Allow) E:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe FirewallRules: [{D342ED58-AB7C-4FF8-A4BE-982EB1CDDF79}] => (Allow) E:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe FirewallRules: [{E86C882D-0B6D-410A-98D9-B6ECA5B497AB}] => (Allow) E:\Jeux\Steam\SteamApps\common\Mass Effect\Binaries\MassEffect.exe FirewallRules: [{8085F73A-2453-48AC-B64F-7D8E8EAFDA26}] => (Allow) E:\Jeux\Steam\SteamApps\common\Mass Effect\Binaries\MassEffect.exe FirewallRules: [{ACCD9D69-4615-4090-912D-9D5FCC3F3A19}] => (Allow) E:\Jeux\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{6A99E406-ACA5-4780-BEDA-0F235233289C}] => (Allow) E:\Jeux\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [UDP Query User{5404A550-F501-4145-BEEE-4348B957C8AA}E:\jeux\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\jeux\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{AAC2B659-AD33-475E-AA6C-0FE6E5A81590}E:\jeux\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\jeux\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [{0D8E45AE-A6A7-4C71-8280-1985B432244E}] => (Allow) E:\Jeux\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe FirewallRules: [{694E0251-8B33-4017-8600-E301A5398058}] => (Allow) E:\Jeux\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe FirewallRules: [{80EABC7F-2993-40CA-BC44-6CD170F62E66}] => (Allow) E:\Jeux\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe FirewallRules: [{E85154E9-06B8-4619-BC82-A051EDA4B740}] => (Allow) E:\Jeux\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe FirewallRules: [{A897CD71-CB82-4A90-95A2-C3AA989CB27A}] => (Allow) E:\Jeux\Steam\SteamApps\common\the witcher 2\Launcher.exe FirewallRules: [{46786834-7B4C-4A21-AC5A-F052344BBBDC}] => (Allow) E:\Jeux\Steam\SteamApps\common\the witcher 2\Launcher.exe FirewallRules: [{CA2BD0ED-869F-48A2-9469-15A8DF223FC1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{21D03D14-367D-41F2-AC06-EFDE2EF23CD7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{7E2F095E-FF76-41ED-BA83-33794F8015F0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{AF4AB16E-093A-4E33-8CEE-549895353F03}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{6BEC7774-8A87-4807-9A4A-B2732EF59CA0}] => (Allow) E:\Jeux\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{A759C81B-FFEF-436E-9259-614EB0F3E0F8}] => (Allow) E:\Jeux\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{5D361F5E-5A89-4978-BEB9-8CBEC3A2D4A2}] => (Allow) E:\Programmes\KMSpico\Service_KMS.exe FirewallRules: [{589D38F5-31C6-43C8-ACE8-A9772F534E3C}] => (Allow) E:\Programmes\KMSpico\Service_KMS.exe FirewallRules: [{456F92D7-F531-487F-B8B1-D213D9566A62}] => (Allow) C:\Users\Benjamin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BA0CD917-8CB0-4A6D-B2D4-EB249EA351BE}] => (Allow) C:\Users\Benjamin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C22704DF-E004-4F97-B0BC-37FEF46F1AFD}] => (Allow) E:\Jeux\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{A8A2AD5D-CDBC-40F3-A466-1525E05E9A55}] => (Allow) E:\Jeux\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{0FE73115-EE80-40A5-9D35-1D00A8CCE510}] => (Allow) E:\Jeux\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{D180CB11-ACC8-4FCA-81CD-04934E5C5AE9}] => (Allow) E:\Jeux\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{31129831-62BE-4E6A-8440-5E03C6B6CAC5}] => (Allow) E:\Jeux\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{8E10605B-FF63-4F1D-8E6B-D4156C721C76}] => (Allow) E:\Jeux\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{60A12FB3-4A9E-49D7-A687-BB5E34A51D9A}] => (Allow) E:\Jeux\Battle.net\Battle.net.exe FirewallRules: [{DB20D000-2A17-4CFF-9803-BC20360C6566}] => (Allow) E:\Jeux\Battle.net\Battle.net.exe FirewallRules: [{4D95CC4A-6295-41FC-B5E8-9E0ACA3F0FCA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{926A69C9-88C7-4454-B49D-C75E654556E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{827DB4E1-0261-410C-BD94-567D13AF956E}] => (Allow) E:\Jeux\Steam\Steam.exe FirewallRules: [{2931B639-B946-4F54-A3D4-F677993DB73F}] => (Allow) E:\Jeux\Steam\Steam.exe DomainProfile\AuthorizedApplications: [E:\Jeux\Scrabble2009\ScrabblePCR.exe] => Enabled:ScrabblePCR StandardProfile\AuthorizedApplications: [E:\Jeux\Scrabble2009\ScrabblePCR.exe] => Enabled:ScrabblePCR ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/30/2015 10:06:48 AM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Une instance du service s’exécute déjà Error: (07/30/2015 10:06:48 AM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Descripteur non valide Error: (07/30/2015 09:33:09 AM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Une instance du service s’exécute déjà Error: (07/30/2015 09:33:09 AM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Descripteur non valide Error: (07/30/2015 12:05:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC_Benjamin) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (07/29/2015 11:29:34 PM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Une instance du service s’exécute déjà Error: (07/29/2015 11:29:34 PM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Descripteur non valide Error: (07/29/2015 11:18:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC_Benjamin) Description: Échec de l’activation de l’application Microsoft.Getstarted_2.2.7.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca avec l’erreur : -2144927149 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (07/29/2015 11:18:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC_Benjamin) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (07/29/2015 11:18:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SearchUI.exe, version : 10.0.10240.16401, horodatage : 0x55b1a665 Nom du module défaillant : CortanaApi.dll, version : 0.0.0.0, horodatage : 0x55b1a20d Code d’exception : 0x80000003 Décalage d’erreur : 0x00000000001563ab ID du processus défaillant : 0x77c Heure de début de l’application défaillante : 0xSearchUI.exe0 Chemin d’accès de l’application défaillante : SearchUI.exe1 Chemin d’accès du module défaillant: SearchUI.exe2 ID de rapport : SearchUI.exe3 Nom complet du package défaillant : SearchUI.exe4 ID de l’application relative au package défaillant : SearchUI.exe5 System errors: ============= Error: (07/30/2015 10:04:31 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (07/30/2015 10:01:31 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Le service HitmanPro 3.7 Crusader (Boot) s’est arrêté avec l’erreur spécifique au service suivante : %%0 Error: (07/30/2015 10:00:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Accès aux données utilisateur_Session2 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (07/30/2015 10:00:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Stockage des données utilisateur_Session2 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (07/30/2015 10:00:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Données de contacts_Session2 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (07/30/2015 10:00:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Hôte de synchronisation_Session2 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (07/30/2015 09:30:49 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (07/30/2015 12:05:09 AM) (Source: DCOM) (EventID: 10010) (User: PC_Benjamin) Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca Error: (07/30/2015 12:05:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Accès aux données utilisateur_Session1 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (07/30/2015 12:05:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Stockage des données utilisateur_Session1 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Microsoft Office: ========================= Error: (07/30/2015 10:06:48 AM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Une instance du service s’exécute déjà Error: (07/30/2015 10:06:48 AM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Descripteur non valide Error: (07/30/2015 09:33:09 AM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Une instance du service s’exécute déjà Error: (07/30/2015 09:33:09 AM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Descripteur non valide Error: (07/30/2015 12:05:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC_Benjamin) Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141 Error: (07/29/2015 11:29:34 PM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Une instance du service s’exécute déjà Error: (07/29/2015 11:29:34 PM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Descripteur non valide Error: (07/29/2015 11:18:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC_Benjamin) Description: Microsoft.Getstarted_2.2.7.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca-2144927149 Error: (07/29/2015 11:18:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC_Benjamin) Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2147023170 Error: (07/29/2015 11:18:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SearchUI.exe10.0.10240.1640155b1a665CortanaApi.dll0.0.0.055b1a20d8000000300000000001563ab77c01d0ca4417ac9dd5C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll48c67c71-d7c7-46ca-bcc2-3ca6f1c0c5baMicrosoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyCortanaUI ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz Percentage of memory in use: 21% Total physical RAM: 8135.93 MB Available physical RAM: 6393.03 MB Total Virtual: 9415.93 MB Available Virtual: 7632.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.01 GB) (Free:33.05 GB) NTFS Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:229.97 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 4D497831) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0F1DB4B6) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of log ============================