Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01 Ran by petitstefmarie3 (2015-08-06 13:58:51) Running from C:\Users\petitstefmarie3\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-1468561344-554723036-469232721-500 - Administrator - Disabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-1468561344-554723036-469232721-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1468561344-554723036-469232721-1004 - Limited - Enabled) Invité (S-1-5-21-1468561344-554723036-469232721-501 - Limited - Disabled) petitstefmarie3 (S-1-5-21-1468561344-554723036-469232721-1002 - Administrator - Enabled) => C:\Users\petitstefmarie3 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Protection antivirus et antispyware McAfee (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Protection antivirus et antispyware McAfee (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: Pare-feu McAfee (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrylic Wi-Fi Free v2.3 (HKU\S-1-5-21-1468561344-554723036-469232721-1002\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 2.3 - Tarlogic Security S.L.) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.0.22 - Dell Inc.) Dell Customer Connect (HKLM-x32\...\{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}) (Version: 1.2.1.0 - Dell Inc.) Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell) Dell System Detect (HKU\S-1-5-21-1468561344-554723036-469232721-1002\...\73f463568823ebbe) (Version: 6.4.0.7 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{90437913-9D4D-4D9D-B438-B8664DF851E9}) (Version: 1.7.1007.0 - Dell Inc.) eMule (HKLM-x32\...\eMule) (Version: - ) EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation) Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden inSSIDer Office (HKLM-x32\...\{8C127DE3-EC36-4BA3-A6EE-6DC4A9B6C526}) (Version: 3.1.1.6 - MetaGeek, LLC) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation) Intel(R) Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1056 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.7.1000 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{EA904D67-DA3D-410D-82E4-1EADF4641BF7}) (Version: 4.2.40.2439 - Intel Corporation) K-Lite Mega Codec Pack 10.9.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.6 - ) Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{18a91b56-a919-4c87-b3bb-2dbcd9b7cc13}) (Version: 17.0.2 - Intel Corporation) McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.1076 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.356 - McAfee, Inc.) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 15.0.4737.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mises à jour NVIDIA 2.5.12.11 (Version: 2.5.12.11 - NVIDIA Corporation) Hidden Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 39.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 fr)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA Pilote graphique 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Orange Plug-in messagerie vocale 888 (HKLM-x32\...\{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}) (Version: - ) Panneau de configuration NVIDIA 353.62 (Version: 353.62 - NVIDIA Corporation) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.026 - Dell Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0046 - ST Microelectronics) TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Nom de votre société) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\petitstefmarie3\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\petitstefmarie3\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\petitstefmarie3\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\petitstefmarie3\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\petitstefmarie3\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\petitstefmarie3\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\petitstefmarie3\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\petitstefmarie3\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\petitstefmarie3\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1468561344-554723036-469232721-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\petitstefmarie3\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 31-07-2015 10:04:50 Windows Update 31-07-2015 10:05:00 Windows Update 06-08-2015 00:00:32 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {100F760F-6624-457B-9D5D-024CEED0AB27} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-06-09] (Microsoft Corporation) Task: {111BDD44-2F28-4858-855B-9055B4BE2014} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION Task: {14DD5C55-A5B3-4F3D-B7EF-F312496CBB02} - System32\Tasks\Intel(R) Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-09-09] (Intel) Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {18865773-31DA-485E-986A-4531301793B6} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation) Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask Task: {2F2C8703-4457-4A5F-95D7-2E45A6504B21} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION Task: {32B71F98-762C-4865-A8C0-937A503CF341} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {3469FD6D-5E5E-4631-B342-0C4D9BBA705A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {41DCBF88-EAA6-4EE1-972A-0C862A88195E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-16] (Synaptics Incorporated) Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask Task: {4A72651F-A9D3-4DF0-8D70-757E89356BA6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd No Task File <==== ATTENTION Task: {51617D6B-33C5-4BD8-907C-C1BE54EE6F7A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {524039C8-4469-4402-B23C-88C99371A815} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION Task: {5C3E0A97-49F4-4614-82C4-847737E04EE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.) Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {69E2B518-24CB-4FB1-83D0-E446FC40D16D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.) Task: {6A37702E-6069-407D-A1AE-B382B3056BEB} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.) Task: {6EBAFBA0-1C6E-4395-90D5-AB2979EAF6F1} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.) Task: {6F9DBC25-0C96-47CC-94B4-A697400E8919} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask Task: {71845BA7-2D2B-4C31-AD92-B52CE3AF3790} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION Task: {718FFFEA-7FC8-4996-A174-D794F454988E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-07-31] (Microsoft Corporation) Task: {7F56787D-7CB9-47DB-99A7-66B85AC56106} - System32\Tasks\{9673DE20-58A1-465A-A5EF-D1913BB9DC6E} => pcalua.exe -a "C:\Program Files (x86)\Samsung\Samsung New PC Studio\FsAdmin64.exe" -d C:\WINDOWS\system32 Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-07-31] (Microsoft Corporation) Task: {88773AF7-4A4E-45A6-B11A-3A23329B9BED} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-31] (Microsoft Corporation) Task: {8F2E4025-79DA-41C5-A826-BF99985E51BE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION Task: {9511EC59-464C-4BD6-AE05-234FE2518F52} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation) Task: {9DE2B8C6-EFF2-4ECA-8193-BF6F885EC48B} - System32\Tasks\GoogleUpdateTaskMachineUA1d0427330ebdcbc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.) Task: {A0C9590D-FB09-4AB8-8B90-4385627C0E04} - System32\Tasks\Microsoft Office 15 Sync Maintenance for STEPHANE-petitstefmarie3 stephane => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation) Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {AA17A8CD-7407-4E5D-BBF3-7CCF730318C6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update Task: {B6B70C06-9FD4-4E90-9520-0D0E8670223D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.) Task: {B96ABDF0-FA65-49FD-888B-E6A58811E411} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24] (Realtek Semiconductor) Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation) Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation) Task: {E0C2B065-4F49-402D-8F45-B11ED3AB117F} - System32\Tasks\GoogleUpdateTaskMachineUA1d001e16307fdbd => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.) Task: {E5840720-9494-4DE9-AECE-CE667487A917} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION Task: {E9772DA0-0022-463A-9EDA-1ABCC0B30FEA} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-01-13] () Task: {E9BFA1A0-5E3B-46EA-B371-DCEB1EF5E2C6} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f325d735aae => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.) Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-07-31] (Microsoft Corporation) Task: {F8D185E6-80ED-432D-BD1B-601D3BCE3D7F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {FC597208-C4E7-4F2B-A0CB-3D5FB76472C4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d001e16307fdbd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0427330ebdcbc.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08f325d735aae.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-31 01:51 - 2015-07-31 01:51 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-07-31 00:57 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-02-06 20:51 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-07-31 01:51 - 2015-07-31 01:51 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2013-08-12 20:06 - 2013-08-12 20:06 - 00198120 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-08-12 20:06 - 2013-08-12 20:06 - 00054760 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-08-12 20:06 - 2013-08-12 20:06 - 00034792 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2015-08-05 19:30 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-05 19:30 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-08-05 19:30 - 2015-08-02 03:35 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll 2015-08-05 19:30 - 2015-08-02 03:36 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll 2015-07-10 13:00 - 2015-07-10 18:28 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-07-31 01:51 - 2015-07-31 01:51 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll 2015-08-05 19:30 - 2015-08-02 03:34 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-08-05 19:30 - 2015-08-02 03:37 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-08-05 19:30 - 2015-08-02 03:40 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2015-08-05 19:30 - 2015-08-02 03:35 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 13:00 - 2015-07-10 18:28 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2015-07-31 09:27 - 2015-07-31 09:33 - 06831616 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.540.1.0_x86__kgqvnymyfvs32\candycrushsaga.exe 2015-08-05 08:43 - 2015-08-05 08:43 - 07824896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2015-08-05 08:43 - 2015-08-05 08:43 - 02062336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2015-08-05 19:13 - 2015-07-31 08:46 - 01763144 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll 2015-08-05 19:13 - 2015-07-31 08:46 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll 2015-03-31 22:19 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-02-05 10:07 - 2015-02-05 10:07 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2015-04-11 20:08 - 2013-09-12 03:37 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-07-31 17:29 - 2015-07-31 22:58 - 01608432 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll 2013-10-30 21:33 - 2012-11-26 00:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll 2015-02-26 18:07 - 2014-02-18 20:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll 2015-07-31 09:28 - 2015-07-31 09:33 - 01288192 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.540.1.0_x86__kgqvnymyfvs32\SB_LIBEAY32.dll 2015-07-31 09:27 - 2015-07-31 09:33 - 00080384 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.540.1.0_x86__kgqvnymyfvs32\libEGL.dll 2015-07-31 09:27 - 2015-07-31 09:33 - 02076672 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.540.1.0_x86__kgqvnymyfvs32\libGLESv2.dll 2015-07-31 09:27 - 2015-07-31 09:33 - 00257536 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.540.1.0_x86__kgqvnymyfvs32\curl.dll 2015-07-31 09:28 - 2015-07-31 09:33 - 00293888 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.540.1.0_x86__kgqvnymyfvs32\SB_SSLEAY32.dll 2015-07-31 09:28 - 2015-07-31 09:33 - 00066560 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.540.1.0_x86__kgqvnymyfvs32\zlib.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Syst0D5F2F50:$WIMMOUNTDATA AlternateDataStreams: C:\Users\petitstefmarie3\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1468561344-554723036-469232721-1002\...\dell.com -> dell.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1468561344-554723036-469232721-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Dell\XPS 15 Wallpaper Red Mum Flower WQHD.jpg DNS Servers: 192.168.0.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: ss_conn_service => 2 HKLM\...\StartupApproved\Run32: => "Start_HSSModule" HKLM\...\StartupApproved\Run32: => "Start_SMSNotifier" HKLM\...\StartupApproved\Run32: => "Start_Update" HKLM\...\StartupApproved\Run32: => "Start_Statistics" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKU\S-1-5-21-1468561344-554723036-469232721-1002\...\StartupApproved\Run: => "DellSystemDetect" HKU\S-1-5-21-1468561344-554723036-469232721-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000" HKU\S-1-5-21-1468561344-554723036-469232721-1002\...\StartupApproved\Run: => "TomTomHOME.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{FFD55EDF-0FB6-4900-9544-E3DCD2BBAB16}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{88415488-DECF-4C6D-A8DF-C97DF4AD0470}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{CF4D6811-2D2A-4F8F-A64B-464B9ED92A47}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EC707074-0174-4178-83D5-3F0DF320ABAC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1DBAE6C2-4B13-4F98-A799-4B6932D9354E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{28149BA2-6876-4E68-86CD-AE7C72C62972}] => (Allow) C:\Users\petitstefmarie3\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{7D27A233-A8A6-497B-9230-E2BB511BEC6C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{2D2662A0-AC72-49CF-8B20-D93A467E7122}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DEABB362-30A2-4A90-AB8E-6C24504EC179}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{C0EE18A6-9FC2-48DD-B951-AB44D2DC6981}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{D86C0F2D-1030-4167-9955-34A5CF1B79C3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{4BABE853-7509-4965-9311-F90659DC9069}] => (Allow) LPort=1900 FirewallRules: [{FA2E2AF4-8C08-4303-85A4-B06368724FEE}] => (Allow) LPort=2869 FirewallRules: [{E8267AE0-BE78-43E5-A0DE-736848D400C3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{62F55307-634D-47D5-BF2E-602FC9E9FAE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{5CF9602D-ECD2-41C0-A220-F31356F7B1F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{3B33CF3B-1786-417A-A05D-8316FBDD5E4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{A7442B11-9FA1-425D-BC44-E48A169C1CBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{691955A4-1319-469E-9AE1-6B1AA4108F60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{08A525B2-F632-42B9-9E80-CB48747C4449}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/06/2015 11:37:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Template.exe, version : 1.0.0.0, horodatage : 0x55b1292b Nom du module défaillant : msvcr120_app.dll, version : 12.0.21005.1, horodatage : 0x524f7cdd Code d’exception : 0xc0000005 Décalage d’erreur : 0x0005b92a ID du processus défaillant : 0x420 Heure de début de l’application défaillante : 0xTemplate.exe0 Chemin d’accès de l’application défaillante : Template.exe1 Chemin d’accès du module défaillant: Template.exe2 ID de rapport : Template.exe3 Nom complet du package défaillant : Template.exe4 ID de l’application relative au package défaillant : Template.exe5 Error: (08/06/2015 11:37:47 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : Template.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : code d'exception c0000005, adresse d'exception 577AB92A Pile : Error: (08/06/2015 09:41:22 AM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfPolicyLpmServiceHelper WinMain: CreateSharedMemory() failed. Session ID = 1 Error: (08/06/2015 09:41:22 AM) (Source: DptfEvent) (EventID: 3) (User: ) Description: DptfPolicyLpmServiceHelper CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed Last error = [0x00000102] Session ID = 1 Error: (08/06/2015 09:41:16 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (10012) Impossible de créer le fichier journal, car la base de données ne peut pas écrire sur le lecteur. Ce lecteur est probablement en lecture seule, mal configuré ou endommagé ou son espace disque est insuffisant. Erreur -1032. Error: (08/06/2015 09:41:16 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (10012) Une tentative de création du fichier « C:\WINDOWS\system32\edbtmp.log » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération de création de fichier échouera en indiquant l’erreur -1032 (0xfffffbf8). Error: (08/06/2015 09:41:06 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (10012) Impossible de créer le fichier journal, car la base de données ne peut pas écrire sur le lecteur. Ce lecteur est probablement en lecture seule, mal configuré ou endommagé ou son espace disque est insuffisant. Erreur -1032. Error: (08/06/2015 09:41:06 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (10012) Une tentative de création du fichier « C:\WINDOWS\system32\edbtmp.log » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération de création de fichier échouera en indiquant l’erreur -1032 (0xfffffbf8). Error: (08/06/2015 09:40:56 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (10012) Impossible de créer le fichier journal, car la base de données ne peut pas écrire sur le lecteur. Ce lecteur est probablement en lecture seule, mal configuré ou endommagé ou son espace disque est insuffisant. Erreur -1032. Error: (08/06/2015 09:40:56 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (10012) Une tentative de création du fichier « C:\WINDOWS\system32\edbtmp.log » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération de création de fichier échouera en indiquant l’erreur -1032 (0xfffffbf8). System errors: ============= Error: (08/06/2015 09:37:35 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (08/06/2015 09:37:34 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (08/06/2015 09:37:33 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (08/06/2015 09:37:33 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (08/06/2015 09:37:32 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (08/06/2015 09:37:30 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (08/06/2015 09:37:29 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (08/06/2015 09:37:28 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (08/06/2015 09:37:27 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (08/06/2015 09:37:26 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Microsoft Office: ========================= Error: (08/06/2015 11:37:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Template.exe1.0.0.055b1292bmsvcr120_app.dll12.0.21005.1524f7cddc00000050005b92a42001d0d02b8829d432C:\Program Files\WindowsApps\Disney.FrozenFreeFall_2.9.0.2_x86__6rarf9sa4v8jt\Template.exeC:\Program Files\WindowsApps\Microsoft.VCLibs.120.00_12.0.21005.1_x86__8wekyb3d8bbwe\msvcr120_app.dll4a40ff63-f2a3-4bbe-9dc1-2278e243e241Disney.FrozenFreeFall_2.9.0.2_x86__6rarf9sa4v8jtApp Error: (08/06/2015 11:37:47 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : Template.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : code d'exception c0000005, adresse d'exception 577AB92A Pile : Error: (08/06/2015 09:41:22 AM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.Session ID = 1 Error: (08/06/2015 09:41:22 AM) (Source: DptfEvent) (EventID: 3) (User: ) Description: DptfPolicyLpmServiceHelperCreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failedLast error = [0x00000102]Session ID = 1 Error: (08/06/2015 09:41:16 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost10012-1032 Error: (08/06/2015 09:41:16 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost10012C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Accès refusé. Error: (08/06/2015 09:41:06 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost10012-1032 Error: (08/06/2015 09:41:06 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost10012C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Accès refusé. Error: (08/06/2015 09:40:56 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost10012-1032 Error: (08/06/2015 09:40:56 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost10012C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Accès refusé. CodeIntegrity: =================================== Date: 2015-08-05 17:36:46.889 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-05 17:36:45.191 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-05 17:36:43.319 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-05 17:36:41.748 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-03 17:27:29.003 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-03 17:27:27.346 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-03 17:27:25.551 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-03 17:27:24.041 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4702HQ CPU @ 2.20GHz Percentage of memory in use: 21% Total physical RAM: 16287.05 MB Available physical RAM: 12713.75 MB Total Virtual: 18719.05 MB Available Virtual: 14834.41 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:460.39 GB) (Free:266.09 GB) NTFS Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32 Drive x: (PBR Image) (Fixed) (Total:6.95 GB) (Free:0.76 GB) NTFS Drive y: () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 4BB3A282) Partition: GPT Partition Type. ==================== End of log ============================