Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015 Ran by Doudou at 2015-07-24 21:53:31 Running from C:\Users\Doudou\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-1763256067-2799967106-1615800342-500 - Administrator - Enabled) => C:\Users\Administrateur Cindy (S-1-5-21-1763256067-2799967106-1615800342-1005 - Administrator - Enabled) => C:\Users\Cindy Doudou (S-1-5-21-1763256067-2799967106-1615800342-1000 - Administrator - Enabled) => C:\Users\Doudou HomeGroupUser$ (S-1-5-21-1763256067-2799967106-1615800342-1007 - Limited - Enabled) Invité (S-1-5-21-1763256067-2799967106-1615800342-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Pare-feu personnel G DATA (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Amazon MP3 Downloader 1.0.18 (HKU\S-1-5-21-1763256067-2799967106-1615800342-1000\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-1763256067-2799967106-1615800342-1000\...\Amazon Amazon Music) (Version: 3.1.0.570 - Amazon Services LLC) Bing Bureau (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation) BleachBit (HKLM-x32\...\BleachBit) (Version: 1.8 - BleachBit) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden C309g-m (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Centre Souris et Claviers Microsoft (Version: 2.3.188.0 - Microsoft Corporation) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Diaporama Photos Facile (HKLM-x32\...\{636E34EC-8BF5-4350-8C68-57DC8C9C1E29}) (Version: 7.81 - Avanquest) Downloader (HKLM-x32\...\Downloader) (Version: - ) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden Easy Slideshow Creator WE (x32 Version: 7.081.000 - Avanquest) Hidden Free FLV Converter V 7.6.1 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.1.0 - Koyote Lab Inc.) G DATA INTERNET SECURITY (HKLM-x32\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.7 - G DATA Software AG) Glary Utilities 5.30 (HKLM-x32\...\Glary Utilities 5) (Version: 5.30.0.50 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Grand Theft Auto(TM): San Andreas (HKLM-x32\...\{77B07EA9-570E-472B-8B5A-1C8D5232D328}_is1) (Version: - Rockstar) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{5A1FBC15-2DE2-4B71-809F-33E746908CE4}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden IdeaCom Touch Driver (HKLM-x32\...\{7CD420AB-19D0-4D7F-8D9A-AD9061925F12}) (Version: 1.00.0000 - Acer Incorporated) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.02.0013 - ITE) Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation) Ma-Config.com (64 bits) (HKLM\...\{9A3C5DC9-EEA9-4FB2-855A-26FE6DA733EA}) (Version: 7.1.3.1 - Cybelsoft) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft Office Famille et Étudiant 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 fr)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) MyDriveConnect 4.0.3.2180 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.3.2180 - TomTom) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden Nielsen (HKLM-x32\...\NetSight) (Version: - ) PS_AIO_06_C309g-m_SW_Min (x32 Version: 140.0.863.000 - Hewlett-Packard) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Nom de votre société) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Rapport (x32 Version: 3.5.1412.176 - Trusteer) Hidden Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SFR Cloud (HKU\S-1-5-21-1763256067-2799967106-1615800342-1000\...\SFR Cloud) (Version: 2.1.2963 - F-Secure Corporation) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.) Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.45 - Stardock Software, Inc.) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Trusteer Sécurité des points d'accès (HKLM-x32\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer) Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - ) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Warcraft III (HKLM-x32\...\Warcraft III) (Version: - ) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 07-07-2015 14:39:59 Windows Update 16-07-2015 10:26:17 Windows Update 22-07-2015 13:52:12 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2014-07-29 11:48 - 2015-04-22 21:30 - 00000089 _RASH C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0CC6BCB8-ECBE-4548-A1E3-93B56E8659B3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {2A4FADE8-A7BB-4EC6-B211-AE0AD28A38C2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-03] (Dropbox, Inc.) Task: {3356E55F-20F8-4419-B2F7-AE54FFC4939C} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-07-20] (Glarysoft Ltd) Task: {56C676D0-E65F-41C2-AA4B-04DC33F9B992} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {5A290DDB-75DB-45B2-B224-8E57EEDC699E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {5F58C399-AB27-4871-B623-CDAA2EE369AF} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7a6952e5400 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-08] (Google Inc.) Task: {62C8A7DB-A7B9-4C0E-881D-2E7C391C3CE1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\flashplayerupdateservice.exe [2015-07-15] (Adobe Systems Incorporated) Task: {655737A3-91BA-480C-85CB-054A922E311F} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe Task: {7E324047-2F7D-4B1A-BCC9-3143C0DECC48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-08] (Google Inc.) Task: {87C3E3EC-050F-4B00-AD45-1965C809F0F1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-03] (Dropbox, Inc.) Task: {8B70934A-7D3E-4D8D-BF75-7EE56CEC0927} - System32\Tasks\{CF5695C9-AA62-4C78-92AC-6B69B15E1E66} => Iexplore.exe http://ui.skype.com/ui/0/6.1.60.129/fr/go/help.faq.installer?LastError=1618 Task: {9697992E-5B13-418B-A077-28A37D73C346} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {9C6A7A97-C6F2-43ED-8CEA-2127A518AD9E} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {A78C1EAD-B464-49B4-8634-A29FF392EF4A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-07-20] (Glarysoft Ltd) Task: {CB424F16-896F-46E4-86D1-35CDC831E617} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {CD581DA6-7E37-4200-8354-DBACA55F3CF2} - System32\Tasks\GoogleUpdateTaskMachineUA1ce7a698628845 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-08] (Google Inc.) Task: {E849CD0D-FF16-417F-8B87-882EF954E165} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {F01D103E-5AB7-4C4C-ABE2-CD400335B5C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-08] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\flashplayerupdateservice.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce7a6952e5400.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1ce7a698628845.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-06-16 11:17 - 2015-06-16 11:17 - 00382584 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2012-12-14 02:42 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-07-11 07:27 - 2014-07-01 20:58 - 03162944 _____ () C:\Users\Doudou\AppData\Local\Amazon Music\Amazon Music Helper.exe 2015-06-04 13:19 - 2015-06-04 13:19 - 00140288 _____ () C:\Program Files (x86)\MyDrive Connect\quazip.dll 2014-09-11 17:06 - 2014-09-11 17:06 - 00878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll 2014-09-11 17:05 - 2014-09-11 17:05 - 00036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll 2014-09-11 17:06 - 2014-09-11 17:06 - 00038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 00032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll 2014-09-11 17:05 - 2014-09-11 17:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 00027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll 2014-09-11 17:05 - 2014-09-11 17:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 00381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll 2014-09-11 17:05 - 2014-09-11 17:05 - 00204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 00218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll 2014-09-11 17:08 - 2014-09-11 17:08 - 00015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 00015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll 2014-09-11 17:15 - 2014-09-11 17:15 - 00307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll 2014-09-11 17:15 - 2014-09-11 17:15 - 00014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll 2014-09-11 17:15 - 2014-09-11 17:15 - 00252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll 2015-04-23 14:10 - 2015-01-16 09:34 - 00505344 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\communication.dll 2014-03-29 08:41 - 2015-01-16 09:40 - 00504832 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\nsmmc.dll 2014-09-11 17:07 - 2014-09-11 17:07 - 00119296 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\accessible\qtaccessiblewidgets.dll 2015-04-23 14:10 - 2015-01-16 09:35 - 00595968 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\npchromeinstaller.dll 2015-04-23 14:10 - 2015-01-16 09:35 - 00851968 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\npfirefoxprocessor.dll 2015-04-23 14:10 - 2015-01-16 09:37 - 00150528 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\npsp1.dll 2015-04-23 14:10 - 2015-01-16 09:34 - 00228864 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\npsurvey.dll 2015-04-23 14:10 - 2015-01-16 09:34 - 00224768 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter7\npwmi.dll 2015-07-24 21:40 - 2015-07-24 21:40 - 00043008 _____ () c:\users\doudou\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphisbsg.dll 2015-06-29 10:51 - 2015-03-19 09:15 - 00750080 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2015-06-29 10:51 - 2015-03-19 09:15 - 00047616 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2015-06-29 10:51 - 2015-03-19 09:15 - 00865280 _____ () C:\Program Files (x86)\Dropbox\Client\plugins\platforms\qwindows.dll 2015-06-29 10:51 - 2015-03-19 09:15 - 00200704 _____ () C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qjpeg.dll 2015-07-23 19:01 - 2015-03-19 09:15 - 00010240 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll 2015-07-23 19:01 - 2015-03-19 09:15 - 00726016 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-23 19:01 - 2015-03-19 09:15 - 00010240 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll 2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2015-07-20 09:09 - 2015-07-20 09:09 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Administrateur\Downloads\MaConfig_win.exe:BDU AlternateDataStreams: C:\Users\Administrateur\Downloads\Win64_152820.exe:BDU AlternateDataStreams: C:\Users\Cindy\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Doudou\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Doudou\SkyDrive.old:ms-properties AlternateDataStreams: C:\Users\Doudou\Desktop\War3ROC_124e_Francais_JeuxVideo.com_14550.exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\AdbeRdr11008_en_US.exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Adobe_Air_v14.0.0.178(1).exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Adobe_Air_v14.0.0.178.exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Adobe_Flash_Player_(Non_IE)_v14.0.0.179.exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Glary_Utilities_v5.2.0.5.exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Glary_Utilities_v5.3.0.8(1).exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Glary_Utilities_v5.3.0.8.exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Glary_Utilities_v5.4.0.11.exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Glary_Utilities_v5.5.0.12.exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Glary_Utilities_v5.6.0.13.exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\jdk-8u11-windows-x64.exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Spybot_Search_Destroy_v2.4(1).exe:BDU AlternateDataStreams: C:\Users\Doudou\Downloads\Spybot_Search_Destroy_v2.4.exe:BDU ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7869 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1763256067-2799967106-1615800342-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Doudou\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\fond d'écran.bmp DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "BingDesktop" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKU\S-1-5-21-1763256067-2799967106-1615800342-1000\...\StartupApproved\StartupFolder: => "OneNote 2010 - Capture d’écran et lancement.lnk" HKU\S-1-5-21-1763256067-2799967106-1615800342-1000\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper" HKU\S-1-5-21-1763256067-2799967106-1615800342-1000\...\StartupApproved\Run: => "KiesPreload" HKU\S-1-5-21-1763256067-2799967106-1615800342-1000\...\StartupApproved\Run: => "" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [{E0520083-2B7E-4624-BD12-4BE9E75A485D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{D0999F88-6AC2-4DA2-B56F-C520AD9F2578}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{CFE1330B-2251-4B57-A2DB-A27BA13F3406}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{F46312A2-F88A-4290-97E2-9F1B49DD4B5F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{627A2DAF-640D-4A59-B170-2E10BAE62216}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{6407DB02-B9B9-4045-8BD8-D474D2E1F719}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{D5047E2C-50A1-4764-8B66-D6F6F4074C1E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{E2DEEDE9-EE7D-4388-9017-AC1F1FFF55BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{F5D5FE9B-92B9-4F28-A3B4-4E73161C42A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{F1F8C64E-DE7D-4262-9B16-76AF36186577}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{30FF987D-EDBC-48F8-BC0B-448265ACC9B8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{87BE6E9E-BD25-417B-A253-D81F9B7536E4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{D7FB709D-F6B7-445A-839B-0BD519592A2C}] => (Allow) LPort=48113 FirewallRules: [{D0FBE64B-1A53-4146-A63D-489DCEBDEC91}] => (Allow) LPort=48114 FirewallRules: [{D0812F62-B27A-45A1-A7D1-D4E526213326}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{0A7DAC64-2537-42B0-A120-CE5ED2E3E140}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{5326E747-DCC3-4EBF-9F3F-5FCE004263AC}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{2E0294C2-E2FC-4978-999E-EF9E96656E69}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{D294BF8E-797E-4FD7-BB73-71BFD95192DE}] => (Allow) %ProgramFiles% (x86)\Samsung\Kies3\Kies3.exe FirewallRules: [{7397715D-F080-4B36-A008-5E147EF3D018}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C761F30F-8CAF-493A-9AE7-97A5AEC94362}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EA59D709-F65F-4059-ACCC-1688D76AFD4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{DAF196DC-3EBC-411D-BE0E-79993118AA4F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Faulty Device Manager Devices ============= Name: A373 Description: A373 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/24/2015 08:02:40 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme firefox.exe version 39.0.0.5659 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 16f0 Heure de début : 01d0c5d5486aa305 Heure de fin : 15 Chemin d’accès de l’application : C:\Program Files (x86)\Mozilla Firefox\firefox.exe ID de rapport : 9234dd96-31c9-11e5-814b-446d574cfb91 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (07/24/2015 07:51:53 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme chrome.exe version 43.0.2357.134 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 684 Heure de début : 01d0c5d3bd727224 Heure de fin : 18 Chemin d’accès de l’application : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ID de rapport : 0e8d21ef-31c8-11e5-814b-446d574cfb91 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (07/24/2015 07:50:33 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme wwahost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1660 Heure de début : 01d0c5d3e99804ed Heure de fin : 4294967295 Chemin d’accès de l’application : C:\WINDOWS\syswow64\wwahost.exe ID de rapport : e34a4a75-31c7-11e5-814b-446d574cfb91 Nom complet du package défaillant : Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c ID de l’application relative au package défaillant : App Error: (07/24/2015 07:43:59 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante plugin-container.exe, version : 39.0.0.5659, horodatage : 0x55934d06 Nom du module défaillant : mozalloc.dll, version : 39.0.0.5659, horodatage : 0x55933a83 Code d’exception : 0x80000003 Décalage d’erreur : 0x00001aa1 ID du processus défaillant : 0xc8c Heure de début de l’application défaillante : 0xplugin-container.exe0 Chemin d’accès de l’application défaillante : plugin-container.exe1 Chemin d’accès du module défaillant: plugin-container.exe2 ID de rapport : plugin-container.exe3 Nom complet du package défaillant : plugin-container.exe4 ID de l’application relative au package défaillant : plugin-container.exe5 Error: (07/23/2015 09:19:50 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 284c Heure de début : 01d0c57b16e8b098 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : c3364d58-316f-11e5-814a-446d574cfb91 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/23/2015 09:14:59 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme wwahost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 2bc0 Heure de début : 01d0c57b20ebbda1 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\WINDOWS\syswow64\wwahost.exe ID de rapport : 0f67b5d8-316f-11e5-814a-446d574cfb91 Nom complet du package défaillant : Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c ID de l’application relative au package défaillant : App Error: (07/23/2015 09:14:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1d28 Heure de début : 01d0c575faa5229b Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : f7316bd2-316e-11e5-814a-446d574cfb91 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/23/2015 09:09:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DOUDOU-PC) Description: Échec de l’activation de l’application Microsoft.SkypeApp_kzf8qxf38zg5c!App avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (07/23/2015 09:09:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DOUDOU-PC) Description: Échec de l’activation de l’application Microsoft.SkypeApp_kzf8qxf38zg5c!App avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (07/23/2015 09:09:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DOUDOU-PC) Description: Échec de l’activation de l’application TODAEMEDIA.RadiosFrancaises_3dbn6fkmxyps2!App avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. System errors: ============= Error: (07/24/2015 09:47:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Rapport Management Service s’est terminé de façon inattendue pour la 1ème fois. Error: (07/24/2015 09:45:27 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {10DA4F3C-CC99-4190-BE4D-58330754E882} Error: (07/24/2015 09:43:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service HP Network Devices Support s’est arrêté avec l’erreur : %%126 Error: (07/24/2015 09:43:27 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {10DA4F3C-CC99-4190-BE4D-58330754E882} Error: (07/24/2015 09:41:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service HP Network Devices Support s’est arrêté avec l’erreur : %%126 Error: (07/24/2015 09:41:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service HP Network Devices Support s’est arrêté avec l’erreur : %%126 Error: (07/24/2015 09:41:27 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {10DA4F3C-CC99-4190-BE4D-58330754E882} Error: (07/24/2015 09:39:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service HP Network Devices Support s’est arrêté avec l’erreur : %%126 Error: (07/24/2015 06:02:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Rapport Management Service s’est terminé de façon inattendue pour la 1ème fois. Error: (07/24/2015 06:01:51 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {10DA4F3C-CC99-4190-BE4D-58330754E882} Microsoft Office: ========================= Error: (07/24/2015 08:02:40 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: firefox.exe39.0.0.565916f001d0c5d5486aa30515C:\Program Files (x86)\Mozilla Firefox\firefox.exe9234dd96-31c9-11e5-814b-446d574cfb91 Error: (07/24/2015 07:51:53 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: chrome.exe43.0.2357.13468401d0c5d3bd72722418C:\Program Files (x86)\Google\Chrome\Application\chrome.exe0e8d21ef-31c8-11e5-814b-446d574cfb91 Error: (07/24/2015 07:50:33 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.17415166001d0c5d3e99804ed4294967295C:\WINDOWS\syswow64\wwahost.exee34a4a75-31c7-11e5-814b-446d574cfb91Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp Error: (07/24/2015 07:43:59 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa1c8c01d0c5d3a1d50070C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllfadc3b61-31c6-11e5-814b-446d574cfb91 Error: (07/23/2015 09:19:50 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911284c01d0c57b16e8b0984294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exec3364d58-316f-11e5-814a-446d574cfb91microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/23/2015 09:14:59 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.174152bc001d0c57b20ebbda14294967295C:\WINDOWS\syswow64\wwahost.exe0f67b5d8-316f-11e5-814a-446d574cfb91Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp Error: (07/23/2015 09:14:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.209111d2801d0c575faa5229b4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exef7316bd2-316e-11e5-814a-446d574cfb91microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/23/2015 09:09:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DOUDOU-PC) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2147023170 Error: (07/23/2015 09:09:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DOUDOU-PC) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2147023170 Error: (07/23/2015 09:09:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DOUDOU-PC) Description: TODAEMEDIA.RadiosFrancaises_3dbn6fkmxyps2!App-2144927141 CodeIntegrity Errors: =================================== Date: 2015-04-22 03:32:00.219 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-22 03:31:27.218 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-23 09:33:34.077 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Doudou\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-23 09:33:34.061 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Doudou\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-23 09:17:00.591 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Doudou\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-23 09:17:00.569 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Doudou\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-23 09:11:09.448 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Doudou\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU G630 @ 2.70GHz Percentage of memory in use: 53% Total physical RAM: 3981.49 MB Available physical RAM: 1856.72 MB Total Virtual: 5325.49 MB Available Virtual: 2640.44 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:457.71 GB) (Free:318.26 GB) NTFS Drive d: (DATA) (Fixed) (Total:457.71 GB) (Free:457.42 GB) NTFS Drive f: (UT2004_DVDGERMAN) (CDROM) (Total:3.65 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: ED3B50D6) Partition 1: (Not Active) - (Size=16 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=457.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=457.7 GB) - (Type=07 NTFS) ==================== End of log ============================