Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015 Ran by David at 2015-07-14 10:34:57 Running from C:\Users\David\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-1048256787-344287163-565126587-500 - Administrator - Disabled) David (S-1-5-21-1048256787-344287163-565126587-1000 - Administrator - Enabled) => C:\Users\David Invité (S-1-5-21-1048256787-344287163-565126587-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1048256787-344287163-565126587-1000\...\uTorrent) (Version: 3.4.2.39744 - BitTorrent Inc.) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-1048256787-344287163-565126587-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{331C520E-D8C3-4AB9-ADF7-A666A3561922}) (Version: 1.3.17.25001 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.3.17.25001 - Alcor Micro Corp.) Hidden Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.18 - asus) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6086 - AVG Technologies) AVG 2015 (Version: 15.0.4392 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.6086 - AVG Technologies) Hidden BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.) BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform) Dropbox (HKU\S-1-5-21-1048256787-344287163-565126587-1000\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.) ETDWare PS/2-x64 7.0.5.7_WHQL (HKLM\...\Elantech) (Version: - ) Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.) GameRanger (HKU\S-1-5-21-1048256787-344287163-565126587-1000\...\GameRanger) (Version: - GameRanger Technologies) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Hitman Blood Money (HKLM-x32\...\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}) (Version: 1.00.0000 - Eidos) ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Ma-Config.com (64 bits) (HKLM\...\{E1322B8A-6F66-44ED-95D5-7FEBC50AC814}) (Version: 7.1.5.0 - Cybelsoft) Malwarebytes Anti-Exploit version 1.07.1.1011 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1011 - Malwarebytes) Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Professionnel Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Mises à jour NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Pilote graphique 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) Panneau de configuration NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 4.9 - Power Software Ltd) qBittorrent 3.2.0 (HKLM-x32\...\qBittorrent) (Version: 3.2.0 - The qBittorrent project) Quake III Arena Point Release 1.32 (HKLM-x32\...\Quake III Arena Point Release 1.32) (Version: - ) Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1200 - Nom de votre société) Super Hide IP (HKLM-x32\...\SuperHideIP) (Version: 3.0.6.2 - ) USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinDirStat 1.1.2 (HKU\S-1-5-21-1048256787-344287163-565126587-1000\...\WinDirStat) (Version: - ) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1048256787-344287163-565126587-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1048256787-344287163-565126587-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1048256787-344287163-565126587-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1048256787-344287163-565126587-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1048256787-344287163-565126587-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1048256787-344287163-565126587-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1048256787-344287163-565126587-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1048256787-344287163-565126587-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1048256787-344287163-565126587-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1048256787-344287163-565126587-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) ==================== Restore Points ========================= 13-07-2015 12:43:16 Installed AVG 2015 13-07-2015 12:44:28 Installed AVG 2015 ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 23:34 - 2015-07-11 15:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {165E1CA8-313E-4AD3-863E-363773DDC02E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {198C2664-F805-4EB2-A43A-6C8EE24498BC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {19C935BD-2EC5-4562-8DCA-60531E8F47C9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1048256787-344287163-565126587-1000Core => C:\Users\David\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.) Task: {23E3CA3D-1EED-4349-8F69-CF741EC6C010} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS) Task: {35D0EAA9-FFFB-440D-BEC6-AC73DAED774D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-12] (Google Inc.) Task: {42CEF5D2-3630-47F5-A4DB-46375B09D5CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-12] (Google Inc.) Task: {4B1946CD-DEC1-4481-AB53-10FA5CFD4536} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-07-24] () Task: {8B585691-B8AF-4FAB-86CE-C053D3DDD781} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd) Task: {E2059714-751F-4471-AA61-AE17447AC252} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1048256787-344287163-565126587-1000UA => C:\Users\David\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1048256787-344287163-565126587-1000Core.job => C:\Users\David\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1048256787-344287163-565126587-1000UA.job => C:\Users\David\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-12-06 18:29 - 2014-07-02 15:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2009-07-24 06:32 - 2009-07-24 06:32 - 01593344 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2015-06-11 18:03 - 2015-06-11 17:58 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll 2015-05-08 15:50 - 2015-05-08 15:50 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2014-10-11 09:06 - 2014-10-11 09:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 09:05 - 2014-10-11 09:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-11 13:35 - 2015-07-11 13:35 - 00043008 _____ () c:\users\david\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl5jsv4.dll 2015-03-04 18:45 - 2015-03-19 04:15 - 00750080 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 18:45 - 2015-03-19 04:15 - 00047616 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 18:45 - 2015-03-19 04:15 - 00865280 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 18:45 - 2015-03-19 04:15 - 00200704 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-04 18:45 - 2015-03-19 04:15 - 00010240 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 18:45 - 2015-03-19 04:15 - 00726016 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-03-04 18:45 - 2015-03-19 04:15 - 00010240 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\David\Desktop\CV - LM.lnk:com.dropbox.attributes ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1048256787-344287163-565126587-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 89.248.166.149 - 8.8.8.8 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: VoipConnect => "D:\Program Files (x86)\VoipConnect.com\VoipConnect\VoipConnect.exe" -nosplash -minimized ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{283276B3-F746-4638-881B-2FD11D003E6D}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3016982E-3367-49ED-ABB5-D4FCC281D73D}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{392A2FCA-4582-4370-8515-13E0FF42BD59}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\david\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{EC9F6862-5FFF-4E1A-A0CC-33B79FCB6871}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\david\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{AB269713-015E-4232-8A36-8F91AAD06A72}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\david\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{542106B3-F883-44B9-9227-7F863DE5E07F}C:\users\david\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\david\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{DE9B4158-37D0-480D-B85B-AA5798B86DAD}C:\users\david\downloads\utorrent.exe] => (Allow) C:\users\david\downloads\utorrent.exe FirewallRules: [UDP Query User{3245E2C1-2578-443A-8C9E-24A572B06A29}C:\users\david\downloads\utorrent.exe] => (Allow) C:\users\david\downloads\utorrent.exe FirewallRules: [{16A0D637-939D-4746-A2B1-AAEB69274806}] => (Allow) LPort=48113 FirewallRules: [{5D730258-0A3E-4615-82EC-A09CED898D8E}] => (Allow) LPort=48114 FirewallRules: [{FDE89F85-78FF-471E-8E17-70D2445AAC4A}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{B55D0CA2-CE7A-4C01-B65E-DE5B93D6C252}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{C7F6C81F-918C-4520-985F-C3F1B15DDFBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{36A1DA13-D30A-4BF4-BD06-F17E7082EA61}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{57455261-4EF9-4F1B-BB12-F88A02D6CD25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9C317823-3A88-4DD3-BCE6-0F365228FD54}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{AC0CDDA1-5DD6-4E5E-B903-8E25CAB7F856}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{ED3F6F98-AD6C-4F7F-8CAD-7910B8DB42A6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{123F2BDC-963C-4581-83A9-6A34CFEB8AB7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{09C35C61-B33D-4483-92DA-6B172A649F33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{CFFDA5B2-204B-40C8-B01D-9C5671E3D0C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{6B89E2F2-211D-4B90-8E91-1AF8D1F8AE30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{61CD5D21-2CC9-40C1-BADE-3FF342E98A86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7E7B09CD-CB55-4123-9AD4-EFE27AA5D0D3}] => (Allow) C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{A27E2931-5FC1-4727-AE0D-ECC14A05AD30}] => (Allow) C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{45180A32-8755-4256-8141-FCCB5D69EDE4}C:\users\david\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\david\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{22AA3C4C-1A44-499D-88DA-1211164C6CD1}C:\users\david\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\david\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{507E2AB9-AF77-4823-A87F-058903F2D066}C:\users\david\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\david\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [UDP Query User{4D8A2BB7-94FC-4A5D-8C24-BB45373C7F39}C:\users\david\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\david\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [TCP Query User{FCF6C90F-0378-4920-B298-AA0CF26A220F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{45E2480C-2FA3-487B-9B1C-97F28D906A34}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{220CA3CB-1192-4760-A89F-E35860F22CE7}C:\users\david\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\david\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [UDP Query User{AB3D0DE7-511C-444E-AAB8-FF94422EC8C1}C:\users\david\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\david\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [TCP Query User{20E782C2-E4D4-4CB4-9D2E-C7E76907ADFF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{DE42AFB0-9FDE-4B99-885A-DCE46F84BBC1}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{7B57437E-E100-49F0-BB14-AF1CAFD85182}C:\users\david\downloads\utorrent.exe] => (Allow) C:\users\david\downloads\utorrent.exe FirewallRules: [UDP Query User{C8D1D20E-03F1-41F0-AF0C-DD29BDB00C06}C:\users\david\downloads\utorrent.exe] => (Allow) C:\users\david\downloads\utorrent.exe FirewallRules: [{9DE42FB6-6C00-4CAC-8FA9-2CC8A44B7DC0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{ECA0CE91-ADF3-4FEE-A1A2-D7881E590536}D:\age of empires ii\age of empires ii 1.0\age2_x1\age2_x1.exe] => (Allow) D:\age of empires ii\age of empires ii 1.0\age2_x1\age2_x1.exe FirewallRules: [UDP Query User{6B110600-6ECF-42EB-BEDA-893CECAB1E2E}D:\age of empires ii\age of empires ii 1.0\age2_x1\age2_x1.exe] => (Allow) D:\age of empires ii\age of empires ii 1.0\age2_x1\age2_x1.exe FirewallRules: [TCP Query User{12D99087-646A-4303-88D5-B2F8D66F6DA8}D:\age of empires ii\age of empires ii 1.0c\age2_x1\age2_x1.exe] => (Allow) D:\age of empires ii\age of empires ii 1.0c\age2_x1\age2_x1.exe FirewallRules: [UDP Query User{E1FFA8B9-3268-4092-B01E-2E5242778FF2}D:\age of empires ii\age of empires ii 1.0c\age2_x1\age2_x1.exe] => (Allow) D:\age of empires ii\age of empires ii 1.0c\age2_x1\age2_x1.exe FirewallRules: [TCP Query User{58072F38-EFCD-4E34-8306-BF1C283BF522}D:\age of empires ii\age of empires ii 1.0\age2_x1\age2_x1.exe] => (Allow) D:\age of empires ii\age of empires ii 1.0\age2_x1\age2_x1.exe FirewallRules: [UDP Query User{4451C284-D0CB-45A8-B467-E179A1242A29}D:\age of empires ii\age of empires ii 1.0\age2_x1\age2_x1.exe] => (Allow) D:\age of empires ii\age of empires ii 1.0\age2_x1\age2_x1.exe FirewallRules: [{21FF6180-1950-4C01-83AE-D110C15BB86D}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{C14123B9-2B55-42BF-86F7-46F62794CAE7}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{2679001B-4162-4408-B0FE-354BCD0DE8E0}] => (Allow) LPort=4481 FirewallRules: [{8CB71772-019C-46A0-92C0-F27D1A24142D}] => (Allow) LPort=4481 FirewallRules: [{8D48C585-1770-4929-A389-28BE658292F3}] => (Allow) LPort=4482 FirewallRules: [{58A386E9-1ABB-4839-BF2C-D88956D8B4C8}] => (Allow) LPort=4482 FirewallRules: [TCP Query User{F8DB21F9-01CF-416A-B998-FE315F309A6F}C:\users\david\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Allow) C:\users\david\appdata\roaming\utorrent\updates\3.4.2_38913.exe FirewallRules: [UDP Query User{E19612F7-B3A8-457E-B405-837B06D0DA9B}C:\users\david\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Allow) C:\users\david\appdata\roaming\utorrent\updates\3.4.2_38913.exe FirewallRules: [TCP Query User{2B1EFB6E-A13F-4FC5-97ED-47A89007FFC1}D:\age of empires ii\age of empires ii 1.0c\age2_x1\age2_x1.exe] => (Allow) D:\age of empires ii\age of empires ii 1.0c\age2_x1\age2_x1.exe FirewallRules: [UDP Query User{5ADEF5C7-1A39-4232-8E91-82F589ABDD07}D:\age of empires ii\age of empires ii 1.0c\age2_x1\age2_x1.exe] => (Allow) D:\age of empires ii\age of empires ii 1.0c\age2_x1\age2_x1.exe FirewallRules: [TCP Query User{8D18EE9E-E490-43CB-BBE0-6F8E31D5E776}C:\users\david\desktop\cs 1.6\hl.exe] => (Allow) C:\users\david\desktop\cs 1.6\hl.exe FirewallRules: [UDP Query User{217DF528-3DAA-4AB1-960B-3E5CB8A68F38}C:\users\david\desktop\cs 1.6\hl.exe] => (Allow) C:\users\david\desktop\cs 1.6\hl.exe FirewallRules: [TCP Query User{6F9073E4-00CE-4E8B-B0A1-427955F01A28}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{3B5BF95E-F116-4A0E-B513-FF44B3837531}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [TCP Query User{90F97C57-505A-4FB2-927B-16B018B202C8}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe FirewallRules: [UDP Query User{36B21157-A48D-47A1-B0B7-280205FB7906}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe FirewallRules: [{6925A53C-ED88-4DF1-B7D6-95EE72D559AB}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{F0F72920-1F25-4E6C-B5CA-914CBF92E487}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{F5674FD5-ABE1-4242-95BE-6C9BFD11AB3B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4D80F09C-DF39-433D-A4DD-65C75F9B464B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{EB3BD2EA-096F-433C-B654-7DD0DE594645}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{5807F893-518F-4886-9798-0BB21A515952}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{12AAECF2-03D5-410D-871A-5232B3F6D9DB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{76592A9A-8775-4F54-9B24-EB0CFB0DD663}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{74577411-E70B-45DB-BFCE-344C62756844}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{6CDCB6EF-E05F-476E-8B26-2128EF24C9DE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{2EE5089C-62DD-4E15-9759-555B8F1B09BA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/14/2015 10:25:22 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 35402243 Error: (07/14/2015 10:25:22 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 35402243 Error: (07/14/2015 10:25:22 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/14/2015 10:25:20 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 35400589 Error: (07/14/2015 10:25:20 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 35400589 Error: (07/14/2015 10:25:20 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/14/2015 10:25:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 35399544 Error: (07/14/2015 10:25:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 35399544 Error: (07/14/2015 10:25:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/14/2015 10:25:18 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 35398452 System errors: ============= Error: (07/12/2015 08:34:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Service de rapport d’erreurs Windows. Error: (07/11/2015 05:37:18 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Les clichés instantanés du volume C: ont été annulés car le stockage du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur. Error: (07/11/2015 01:28:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Office Software Protection Platform s’est terminé de façon inattendue pour la 1ème fois. Error: (07/11/2015 01:28:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Windows Installer s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service. Error: (07/11/2015 01:28:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Ma-Config Agent s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service. Error: (07/11/2015 01:28:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Programme d’installation pour les modules Windows s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service. Error: (07/11/2015 01:28:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service. Error: (07/11/2015 01:28:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Cliché instantané des volumes s’est terminé de façon inattendue pour la 1ème fois. Error: (07/11/2015 01:28:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Blackberry Device Manager s’est terminé de façon inattendue pour la 1ème fois. Error: (07/11/2015 01:28:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Service de l’iPod s’est terminé de façon inattendue pour la 1ème fois. Microsoft Office: ========================= Error: (07/14/2015 10:25:22 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 35402243 Error: (07/14/2015 10:25:22 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 35402243 Error: (07/14/2015 10:25:22 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/14/2015 10:25:20 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 35400589 Error: (07/14/2015 10:25:20 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 35400589 Error: (07/14/2015 10:25:20 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/14/2015 10:25:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 35399544 Error: (07/14/2015 10:25:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 35399544 Error: (07/14/2015 10:25:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/14/2015 10:25:18 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 35398452 CodeIntegrity Errors: =================================== Date: 2015-06-15 17:31:22.306 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-15 17:31:06.399 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-15 17:31:02.487 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-15 17:31:00.858 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-15 17:30:57.687 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-15 17:30:56.444 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-15 17:30:55.754 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-15 16:32:51.759 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-15 16:30:10.652 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-15 16:30:06.344 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz Percentage of memory in use: 70% Total physical RAM: 4095.27 MB Available physical RAM: 1221.49 MB Total Virtual: 8188.75 MB Available Virtual: 5370.95 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:74.52 GB) (Free:6.82 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:208.92 GB) (Free:38.94 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 76692CA8) Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C) Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=208.9 GB) - (Type=OF Extended) ==================== End of log ============================