cjoint

Publicité

Priorité au Logiciel Libre! Je soutiens l'April.

Publicité

Priorité au Logiciel Libre! Je soutiens l'April.

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x86) Version:06-08-2015
Ran by Laurent (2015-08-07 17:02:11)
Running from C:\Users\Laurent\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-1558589277-265320636-2682692885-500 - Administrator - Disabled)
Invité (S-1-5-21-1558589277-265320636-2682692885-501 - Limited - Disabled)
Laurent (S-1-5-21-1558589277-265320636-2682692885-1001 - Administrator - Enabled) => C:\Users\Laurent

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Rising Antivirus (Enabled - Up to date) {DBC966C2-BD90-87CD-5A01-4DFB1D2EC867}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Rising Antivirus (Enabled - Up to date) {60A88726-9BAA-8843-60B1-768966A982DA}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"FIFA 14" (HKLM\...\{6049054B-DB11-48E1-A583-9A565D5C8856}_is1) (Version: 1.4.0.0 - )
µTorrent (HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AnyProtect (HKLM\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
Ballance (HKLM\...\{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}) (Version: - )
Bandizip (HKLM\...\Bandizip) (Version: 5.06 - Bandisoft.com)
Belfius Smart Card Reader Chrome-App (HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\{22723509-aab9-4276-8b57-734560faf359}) (Version: 2.3.2.0 - VASCO Data Security)
Belfius Smart Card Reader Chrome-App (Version: 2.3.2.0 - VASCO Data Security) Hidden
Bing Bureau (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.322.0 - Microsoft Corporation)
Cake Mania 2 Deluxe (HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\Cake Mania 2 Deluxe) (Version: 1.0.0 - Zylom Games)
Cake Mania 3 Deluxe (HKLM\...\ac01abb5591fe3b08e79b6c7a1752278) (Version: - Zylom)
Cake Mania 3 Deluxe (HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\Cake Mania 3 Deluxe) (Version: 1.0.0 - Zylom Games)
Cake Mania Deluxe (HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\Cake Mania Deluxe) (Version: 1.0.0 - Zylom Games)
Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Centre Souris et Claviers Microsoft (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Europa Universalis IV version 1.9.2 (HKLM\...\{99738B45-8F6C-4975-90FB-064867063BFB}_is1) (Version: 1.9.2 - REVOLUTiONiT)
FIFA 14 Ultimate Edition version 1.4 (HKLM\...\FIFA 14 Ultimate Edition_is1) (Version: 1.4 - Alucard2)
Fitness Dash FINAL 1.0.0.127 (HKLM\...\Fitness Dash FINAL 1.0.0.127) (Version: - )
FMRTE 15.3.2.16 (HKLM\...\{6D986DE6-CA9D-4E83-B49C-18C0BFEB6AD6}_is1) (Version: 15.3.2.16 - FMRTE)
Football Manager 2015 version 15.3.2 (HKLM\...\{BD2F10CE-5561-4A0A-BD82-EB56E87D4FFB}_is1) (Version: 15.3.2 - SEGA)
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Guitar Hero III (HKLM\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.00.0000 - Aspyr)
Guitar Hero World Tour (HKLM\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr)
Hitman Blood Money (HKLM\...\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}) (Version: 1.00.0000 - Eidos)
Hotel Dash Suite Success (HKLM\...\Hotel Dash Suite Success1.0) (Version: 1.0 - AllSmartGames)
iNet Parchis version 2.0 (HKLM\...\iNet Parchis_is1) (Version: 2.0 - Nosfe)
istartsurf uninstall (HKLM\...\istartsurf uninstall) (Version: - istartsurf) <==== ATTENTION
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LEGO® Harry Potter™: Années 1 à 4 (HKLM\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Luxor (HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\Luxor) (Version: - )
LUXOR HD Deluxe (HKLM\...\LUXOR HD Deluxe) (Version: - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Medal of Honor débarquement allié (HKLM\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - )
Medal of Honor Débarquement allié En Formation (HKLM\...\{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}) (Version: - )
Medal of Honor Débarquement allié(tm) En Formation (HKLM\...\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}) (Version: - )
Medal of Honor Débarquement Allié(tm) l'Offensive (HKLM\...\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}) (Version: - )
Medal of Honor Débarquement Allié(tm) l'Offensive v2.40 Patch (HKLM\...\{DF9046D6-5F1F-40B6-9782-3DC2D902D391}) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mises à jour NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
MOH Débarquement allié En Formation Patch 2.15 (HKLM\...\{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}) (Version: - )
Need For Speed Underground (HKLM\...\{A99968BE-C155-474C-0089-33239DEE1CE2}) (Version: - )
Need for Speed Underground 2 (HKLM\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
Need for Speed™ Carbon (HKLM\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Pilote graphique 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM\...\{8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Panneau de configuration NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden
Pokémon Trading Card Game Online (HKLM\...\{73550466-AE32-47D0-9868-C6066BDC0A3D}) (Version: 1.0.0 - The Pokémon Company International)
PPruiaceLess (HKLM\...\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}) (Version: - ) <==== ATTENTION
RaNdomPriicea (HKLM\...\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}) (Version: - "") <==== ATTENTION
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.35.716.2014 - Realtek)
Rising Antivirus (HKLM\...\RAV) (Version: 24.00.45.22 - Beijing Rising Information Technology, Inc.)
RomStation (HKLM\...\{223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1) (Version: - RomStation)
Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Silver Bird (HKLM\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SmartWeb (HKLM\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ATTENTION
SolSuite 2013 v13.0 (HKLM\...\SolSuite_is1) (Version: 13.0 - TreeCardGames)
Star Wars - Knights of the Old Republic 2 version Star Wars - Knights of the Old Republic 2 (HKLM\...\Star Wars - Knights of the Old Republic 2_is1) (Version: Star Wars - Knights of the Old Republic 2 - Alucard2)
Star Wars Jedi Knight Jedi Academy (HKLM\...\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}) (Version: - )
Star Wars JK II Jedi Outcast (HKLM\...\{576E71DA-3000-48F6-9B21-B9A70D47DFCF}) (Version: - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Support PL 1.1 (HKLM\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5b9f95c1}) (Version: - riceLes) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TSLRCM 1.8.3 (HKLM\...\The Sith Lords Restored Content Mod_is1) (Version: - )
TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.4000.250 - TuneUp Software)
TuneUp Utilities 2013 (Version: 13.0.4000.250 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (fr-FR) (Version: 13.0.4000.250 - TuneUp Software) Hidden
VASCO Card Reader Plug-In (32-Bit) (Version: 3.2.3.4 - VASCO Data Security) Hidden
VASCO Smart Card Reader Plug-In (User) (HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\{c77cb28d-ddd3-46f7-b51a-14a599127ba7}) (Version: 3.2.3.4 - VASCO Data Security)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Youda Farmer Premium Pack (HKLM\...\{FEEDBC3B-A09C-471A-8A43-EB8B6AC82D5F}) (Version: 1.0.0 - LeeGT-Games)
youtubeadblocker (HKLM\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Laurent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{00b7e0ab-817a-44ad-a04b-d1148d524136}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Laurent\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Laurent\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Users\Laurent\AppData\Local\Bandizip\bdzshl32.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{7c6e29bc-8b8b-4c3d-859e-af6cd158be0f}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Laurent\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969c0-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969c1-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969c2-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969c3-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969c4-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969c5-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969c6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969c8-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969c9-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969ca-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{88d969d6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\Laurent\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{9E436272-69C3-5FBA-9C1D-15694337F4AC}\InprocServer32 -> C:\Users\Laurent\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll (VASCO Data Security)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Laurent\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{B3A59759-E1D9-D186-FC0D-B121A947055B}\InprocServer32 -> C:\Windows\System32\bthprops.cpl (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{B3E7BC5B-0044-7034-2E22-4D2E483B2060}\InprocServer32 -> C:\Windows\System32\bthprops.cpl (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Laurent\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Laurent\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{C5391713-3806-A9AD-B01E-967CD2747BDB}\InprocServer32 -> C:\Windows\System32\bthprops.cpl (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{D31F93D2-E315-73E1-ACC7-AB1F727D073E}\InprocServer32 -> C:\Windows\System32\bthprops.cpl (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Laurent\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurent\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurent\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurent\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurent\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurent\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurent\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurent\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurent\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1558589277-265320636-2682692885-1001_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Laurent\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Restore Points =========================

05-08-2015 09:23:20 Removed Oracle VM VirtualBox 4.3.26
05-08-2015 10:08:06 Revo Uninstaller's restore point - 爱奇艺影音
05-08-2015 10:09:48 Revo Uninstaller's restore point - Snap.Do
05-08-2015 10:27:36 Revo Uninstaller's restore point - 爱奇艺影音
05-08-2015 11:07:52 Revo Uninstaller's restore point - Snap.Do
05-08-2015 16:11:21 Revo Uninstaller's restore point - TampaRunner
05-08-2015 16:21:43 Software Removal Tool

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:17 - 2015-04-25 16:05 - 00000952 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 mp02.maniaplanet.com
127.0.0.1 mp01.maniaplanet.com
127.0.0.1 mp03.maniaplanet.com
127.0.0.1 GAME.maniaplanet.com


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {134B73B5-112F-4343-A9C9-AD17A5CCD6DC} - System32\Tasks\{2EFD29C2-D7D9-44F1-BA6C-A5D56AE4B2BA} => pcalua.exe -a E:\SetupUbi.exe -d E:\
Task: {1B6527BA-963F-4930-BD95-807423DC7544} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Laurent\AppData\Roaming\~sogwghs.exe
Task: {35805EFD-D6B2-49F4-81F7-5076280EFEB6} - System32\Tasks\{39857F90-4608-487E-9E68-26FA6E36D5AD} => pcalua.exe -a "D:\Program Files(x86)\Jeux\Jeux de restaurant,spa,garages,archeologues\Diner Dash Series.exe" -d "D:\Program Files(x86)\Jeux\Jeux de restaurant,spa,garages,archeologues"
Task: {36D2B62B-E5FD-4B92-943A-19F5ACAC0650} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {3C8926AE-3F53-4CB4-9A6C-B46CB747CD7E} - System32\Tasks\{0C406FF4-DE2F-4FD8-A042-565EADC8C27A} => pcalua.exe -a "C:\Users\Laurent\AppData\Roaming\Nosibay\Bubble Dock\Uninstall Bubble Dock.exe"
Task: {3F3040ED-58D3-46B8-854F-E7F18DBC2E16} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {4247120A-C963-40B7-97EF-6D828C8DEE0D} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {426D7CCB-8506-4A71-9395-55457AD22CE5} - System32\Tasks\{14FAE57E-A54F-4155-B8C9-A24F15F458F4} => pcalua.exe -a E:\startup.exe -d E:\
Task: {4DCF3047-FC46-40C1-B136-BA7B29E0B88C} - System32\Tasks\3t75CSxq3MBkKsa => C:\Users\Laurent\AppData\Roaming\NEzyvOf\qLlYhjk.exe
Task: {56F3ACE7-C55C-4215-99F1-42D53859B7CA} - System32\Tasks\{FF76614A-14B6-4171-9C12-ED1FCFB59F5A} => pcalua.exe -a "D:\Program Files(x86)\Jeux\Jeux de restaurant\Diner Dash Series.exe" -d "D:\Program Files(x86)\Jeux\Jeux de restaurant"
Task: {5887EEAA-3DAB-4C50-96F9-67B1EE225164} - System32\Tasks\{0D853177-3C96-41F1-B392-331DDC35F856} => pcalua.exe -a "D:\Program Files(x86)\Jeux\Jeux de restaurant,spa,garages,archeologues\Diner Dash Series.exe" -d "D:\Program Files(x86)\Jeux\Jeux de restaurant,spa,garages,archeologues"
Task: {5D1912C8-3DC4-4BA1-98EF-72A004F3A36D} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Laurent\AppData\Roaming\~wxbbmjl.exe
Task: {644D617D-85A4-4097-8ABB-BB295BE70B0F} - System32\Tasks\{8294182B-8885-4EE0-83B1-D1451C1725C5} => pcalua.exe -a "D:\Program Files(x86)\Jeux\Jeux d'action-aventures\Hitman\RegSetup.exe" -d "D:\Program Files(x86)\Jeux\Jeux d'action-aventures\Hitman"
Task: {653137B5-582C-484F-96AA-5EB23B5BF994} - System32\Tasks\{DA0A4F96-C0B8-46FD-9EAD-DC86477DE336} => pcalua.exe -a E:\steambackup.exe -d E:\
Task: {6CD8D865-450C-4DB1-8A4B-32959E26D052} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {771F2CD0-64FB-4296-A62B-42C355A7DEEA} - System32\Tasks\kP7rGZWCq0A0XPY => C:\Users\Laurent\AppData\Roaming\dDWGR0X\V8YuD4u.exe
Task: {7ADA45C1-946C-408B-BE19-71A719AD2202} - System32\Tasks\WIN-statsSystem => C:\Users\Laurent\AppData\Local\Microsoft\WinU\~rdhdjet.exe
Task: {7C3E7DBB-7D99-42D2-9DB8-A7C562A67561} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {8A7EAB1F-689C-4D8A-BD4C-B303DDC01C28} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {8BD3033E-2929-4C29-937D-8AAC6AEED3B4} - \Oxy Updater No Task File <==== ATTENTION
Task: {92285879-275E-40AB-B4BD-1C3C6D56A7BD} - System32\Tasks\{CE3799B4-744A-4A19-94A4-61AE8D67A9AA} => pcalua.exe -a C:\Users\Laurent\Downloads\of1108.exe -d C:\Users\Laurent\Downloads
Task: {A6C67DD5-4C57-45A8-853C-BBA238A08D02} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {B38D038D-4AD9-45E3-9B6B-8157A4928133} - System32\Tasks\{1A76D823-0D3D-4D5F-914B-B59A3E8713F6} => pcalua.exe -a "D:\Program Files(x86)\Jeux\Jeux d'action-aventures\Hitman Codename 47\RegSetup.exe" -d "D:\Program Files(x86)\Jeux\Jeux d'action-aventures\Hitman Codename 47"
Task: {B63F3BED-B223-4307-B265-F0CA039D11EE} - System32\Tasks\Software Removal Tool post reboot run => C:\Users\Laurent\AppData\Local\Temp\4D26.exe <==== ATTENTION
Task: {B9A0B200-DFC8-49E7-8425-C74C1C020868} - System32\Tasks\{98AE0E78-9A0B-49AB-8152-6382868E5A76} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {BF70527F-497E-48F4-832B-7943D588239C} - System32\Tasks\9cj2loE2yE23TOp => C:\Users\Laurent\AppData\Roaming\GbW8RaD\2x3dPZQ.exe
Task: {DD6E5A49-E6F5-43E8-9AA0-D164D4A4367A} - System32\Tasks\{07AA6FB7-8C39-4503-A38E-6E7A43B4E9AE} => pcalua.exe -a "D:\Program Files(x86)\Jeux\Hotel Dash 2 Lost Luxuries\Hotel Dash 2 - Lost Luxuries.exe" -d "D:\Program Files(x86)\Jeux\Hotel Dash 2 Lost Luxuries"
Task: {E57590A7-DD98-492C-9863-1A686263AF51} - System32\Tasks\WIN-statsAdmin => C:\Users\Laurent\AppData\Local\Microsoft\WinU\~jbkfquy.exe <==== ATTENTION
Task: {ED2C09E4-8BE1-4F87-B478-6224D4B5EBCA} - System32\Tasks\{0B1B65AD-1457-434F-9013-2A0BFB9DDAF6} => pcalua.exe -a "C:\Program Files\GreyGray\GreyGrayuninstall.exe"
Task: {FED3B1F4-D1C8-42E2-B8C4-8C99FF54FAF3} - System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => C:\PROGRAM FILES\RISING\RAV\rsdelaylauncher.exe [2014-05-15] (Beijing Rising Information Technology Co., Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1558589277-265320636-2682692885-1001Core1d0c5e192676c4c.job => C:\Users\Laurent\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HandyLogs.job => c:\programdata\{ec6e8280-eeec-824d-ec6e-e8280eee0a03}\priceless_p_soft_partner.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2013-07-15 13:42 - 2015-02-04 04:05 - 00106640 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-08-07 11:55 - 2015-08-07 11:55 - 02638336 _____ () c:\Program Files\StatMonitor\StatMonitor.dll
2015-08-07 11:52 - 2015-08-07 11:52 - 00066048 _____ () C:\Users\Laurent\AppData\Roaming\Startled Promise\Startled Promise.exe
2014-01-28 11:33 - 2014-01-28 11:33 - 00607032 _____ () C:\Program Files\TuneUp Utilities 2013\avgreplibx.dll
2015-04-15 13:20 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Laurent:zylomtest
AlternateDataStreams: C:\Users\Laurent:zylomtr{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VU0}
AlternateDataStreams: C:\Users\Laurent:zylomtr{000HQ7FF-AD7A-3FG2-CB1H-264U84BSAVVI}
AlternateDataStreams: C:\Users\Laurent:zylomtr{000HQ7FF-AD7A-3FG4-RLQO-285DUDG5UVVB}
AlternateDataStreams: C:\ProgramData\TEMP:14CCB222
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:33384BC0
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:3A6BC948
AlternateDataStreams: C:\ProgramData\TEMP:4B244549
AlternateDataStreams: C:\ProgramData\TEMP:5A8F8A0C
AlternateDataStreams: C:\ProgramData\TEMP:708BB0FA
AlternateDataStreams: C:\ProgramData\TEMP:80B291A7
AlternateDataStreams: C:\ProgramData\TEMP:9C5EEE30
AlternateDataStreams: C:\ProgramData\TEMP:B12D1A7D
AlternateDataStreams: C:\ProgramData\TEMP:C86B29EB
AlternateDataStreams: C:\ProgramData\TEMP:CEE4A457
AlternateDataStreams: C:\ProgramData\TEMP:D2A5A561
AlternateDataStreams: C:\ProgramData\TEMP:D4D38596
AlternateDataStreams: C:\ProgramData\TEMP:E5DE9C8F
AlternateDataStreams: C:\ProgramData\TEMP:E937120C
AlternateDataStreams: C:\ProgramData\TEMP:FACB65E7

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\ma-config.com -> hxxp://ma-config.com
IE trusted site: HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\touslesdrivers.com -> hxxp://touslesdrivers.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1558589277-265320636-2682692885-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Laurent\AppData\Local\Microsoft\BingDesktop\themes\2015-04-12.jpg
DNS Servers: 195.130.130.129 - 195.130.131.129
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "ApnTBMon"
HKLM\...\StartupApproved\Run: => "BingDesktop"
HKLM\...\StartupApproved\Run: => "Steam"
HKLM\...\StartupApproved\Run: => "uTorrent"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Salus"
HKLM\...\StartupApproved\Run: => "gmsd_be_153"
HKLM\...\StartupApproved\Run: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run: => "RSDTRAY"
HKLM\...\StartupApproved\Run: => "RavTRAY"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\StartupFolder: => "Logitech . Enregistrement du produit.lnk"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\Run: => "Cracked Steam Service"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\Run: => "Twoo"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\Run: => "Browser Infrastructure Helper"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4C0B8624EA365B4F6304B5DF2BBE0388"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\Run: => "SwvUpdtr"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1558589277-265320636-2682692885-1001\...\StartupApproved\Run: => "apphide"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{646773C2-D038-4310-A99E-AAC487F18D89}] => (Allow) LPort=48113
FirewallRules: [{671218C3-E2B9-489A-9523-C51231790D0F}] => (Allow) LPort=48114
FirewallRules: [{3779A02D-89D1-414B-96CD-F8FEA556C5DE}] => (Allow) C:\Program Files\Origin\Origin.exe
FirewallRules: [{6CB5B8B7-2ECA-48D3-8B31-6469B71C3B5C}] => (Allow) C:\Program Files\Origin\Origin.exe
FirewallRules: [{090B3BFD-5C39-4643-99E7-0E9286BB5649}] => (Allow) C:\Program Files\Origin\Origin.exe
FirewallRules: [{1BAC9E9B-0C50-4391-A522-F5DAE90E1BF9}] => (Allow) C:\Program Files\Origin\Origin.exe
FirewallRules: [{5F4D9AA5-7AF0-4E43-985D-C29F88F9A732}] => (Allow) C:\Users\Laurent\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8D8FD5A5-A2F0-4DC8-8429-BF4FD19A9BB2}] => (Allow) C:\Users\Laurent\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{00B27204-6D8F-432A-BAB5-6DD44104C465}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{ACA2FF18-0807-41AC-B242-E0799348B626}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{38EB91B3-2DF0-4F65-998D-D8B3336685E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5567E156-49BF-4B8E-B56F-D2A63B1BBE36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7291CEAB-2847-4A38-B96E-B6594713C95D}] => (Allow) LPort=9091
FirewallRules: [TCP Query User{378DF372-EB27-41C6-8587-69D99AE8EAE8}D:\program files(x86)\jeux\romstation\emulation\gameboy advance\visualboyadvance link\visualboyadvance.exe] => (Allow) D:\program files(x86)\jeux\romstation\emulation\gameboy advance\visualboyadvance link\visualboyadvance.exe
FirewallRules: [UDP Query User{3DE3B054-769B-462C-885A-66F17DAC594E}D:\program files(x86)\jeux\romstation\emulation\gameboy advance\visualboyadvance link\visualboyadvance.exe] => (Allow) D:\program files(x86)\jeux\romstation\emulation\gameboy advance\visualboyadvance link\visualboyadvance.exe
FirewallRules: [{4E1D3FA4-0F1B-4BDB-A0F7-18C6126B270D}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1C518498-5875-4C5A-A580-F77EAD2E6258}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F7959700-9BF8-4F49-A745-A126565AB68A}] => (Allow) C:\Users\Laurent\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BD0CD954-7FD5-4D7C-A8DA-09A670C8B0E3}] => (Allow) C:\Users\Laurent\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E31A949A-CAD0-4A81-AB30-A513C4B0FD3C}] => (Allow) C:\Users\Laurent\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FE5B3506-3D44-4EE7-BE29-EF43DA1FA7E7}] => (Allow) C:\Users\Laurent\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A3DD181F-6856-4D66-9D99-4EE8B7E2597C}C:\users\laurent\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\laurent\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{23993482-B8A1-4452-AD4F-5FAB7C5873C9}C:\users\laurent\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\laurent\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{F0C8EA82-5850-44D9-9B56-BE5CDA2627DA}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{E811E395-2222-4406-A3D6-AA093B3935DD}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{2A9A180C-BA8F-40CB-A6B4-6288BB713C70}D:\program files(x86)\jeux\fifa 14 ultimate edition\game\fifa14.exe] => (Allow) D:\program files(x86)\jeux\fifa 14 ultimate edition\game\fifa14.exe
FirewallRules: [UDP Query User{53EC62E5-DA83-4829-BC6D-69DEEB716E59}D:\program files(x86)\jeux\fifa 14 ultimate edition\game\fifa14.exe] => (Allow) D:\program files(x86)\jeux\fifa 14 ultimate edition\game\fifa14.exe
FirewallRules: [{AADD0A61-DC51-4A5C-BFEB-DACF502E0EB5}] => (Allow) D:\FIFA 14\Game\fifa14.exe
FirewallRules: [{B468F90D-B7AF-4C44-B456-7162F375879B}] => (Allow) D:\FIFA 14\Game\fifa14.exe
FirewallRules: [TCP Query User{B2029BBA-B02A-4FDC-8323-D24B2692E9ED}C:\program files\ea games\mohda\mohaa.exe] => (Allow) C:\program files\ea games\mohda\mohaa.exe
FirewallRules: [UDP Query User{FE14E6B8-C62C-426F-A5EF-E97DEC68FB41}C:\program files\ea games\mohda\mohaa.exe] => (Allow) C:\program files\ea games\mohda\mohaa.exe
FirewallRules: [TCP Query User{0891AD2D-E7A1-4DBA-85F6-23BF9C84C22C}C:\program files\ea games\mohda\moh_spearhead.exe] => (Allow) C:\program files\ea games\mohda\moh_spearhead.exe
FirewallRules: [UDP Query User{74B75AA0-C207-403F-8854-0259B73AB9AC}C:\program files\ea games\mohda\moh_spearhead.exe] => (Allow) C:\program files\ea games\mohda\moh_spearhead.exe
FirewallRules: [TCP Query User{F0D4C3AC-DBC8-41F3-9D61-F432C56BE4E7}C:\program files\ea games\mohda\moh_breakthrough.exe] => (Allow) C:\program files\ea games\mohda\moh_breakthrough.exe
FirewallRules: [UDP Query User{B3064D4B-100F-49DF-A797-D5CC244CCDF9}C:\program files\ea games\mohda\moh_breakthrough.exe] => (Allow) C:\program files\ea games\mohda\moh_breakthrough.exe
FirewallRules: [{F378EEE2-37A8-451B-9DE4-703BE9ACE914}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{AEDD080A-5C1B-477E-B429-7EF02D819876}] => (Allow) C:\Users\Laurent\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe
FirewallRules: [{3FEDC076-E11B-4DD8-8A5B-1D7EF22016DD}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{938B58F0-2246-4A7D-92EC-8352D6B907D3}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{20B9345E-A76A-4D85-899E-6567459D83EE}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{D9EC6C8C-565E-4FAB-9E3D-86E2935DFFBD}] => (Allow) C:\Program Files\Rising\RAV\ravmond.exe
FirewallRules: [{B4BE9403-EDB2-434D-BAB5-C1DAFFC880DD}] => (Allow) C:\Program Files\Rising\RAV\ravmond.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2015 04:55:00 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (368) WindowsMail0: La sauvegarde a été arrêtée car elle a été interrompue par le client ou la connexion avec le client a échoué.

Error: (08/07/2015 12:51:45 PM) (Source: ) (EventID: 0) (User: )
Description: 7

Error: (08/07/2015 12:51:45 PM) (Source: ) (EventID: 0) (User: )
Description: 6

Error: (08/07/2015 12:51:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante moh_Breakthrough.exe, version : 1.0.0.1, horodatage : 0x3fcc273c
Nom du module défaillant : mss32.dll, version : 3.0.0.0, horodatage : 0x3bccbaf7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00014c6c
ID du processus défaillant : 0x7a4
Heure de début de l’application défaillante : 0xmoh_Breakthrough.exe0
Chemin d’accès de l’application défaillante : moh_Breakthrough.exe1
Chemin d’accès du module défaillant: moh_Breakthrough.exe2
ID de rapport : moh_Breakthrough.exe3
Nom complet du package défaillant : moh_Breakthrough.exe4
ID de l’application relative au package défaillant : moh_Breakthrough.exe5

Error: (08/07/2015 11:45:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AnyProtect.exe, version : 1.0.0.4, horodatage : 0x54f88f35
Nom du module défaillant : Flash.ocx, version : 18.0.0.209, horodatage : 0x55a1f0b1
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0023a9a7
ID du processus défaillant : 0xa64
Heure de début de l’application défaillante : 0xAnyProtect.exe0
Chemin d’accès de l’application défaillante : AnyProtect.exe1
Chemin d’accès du module défaillant: AnyProtect.exe2
ID de rapport : AnyProtect.exe3
Nom complet du package défaillant : AnyProtect.exe4
ID de l’application relative au package défaillant : AnyProtect.exe5

Error: (08/07/2015 10:10:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante explorer.exe, version : 6.2.9200.16628, horodatage : 0x51a942ac
Nom du module défaillant : USER32.dll, version : 6.2.9200.17313, horodatage : 0x5507a267
Code d’exception : 0xc0000142
Décalage d’erreur : 0x000a477c
ID du processus défaillant : 0xe70
Heure de début de l’application défaillante : 0xexplorer.exe0
Chemin d’accès de l’application défaillante : explorer.exe1
Chemin d’accès du module défaillant: explorer.exe2
ID de rapport : explorer.exe3
Nom complet du package défaillant : explorer.exe4
ID de l’application relative au package défaillant : explorer.exe5

Error: (08/06/2015 03:47:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante RsMgrSvc.exe, version : 1.0.0.57, horodatage : 0x55c164d1
Nom du module défaillant : RsMgrSvc.exe, version : 1.0.0.57, horodatage : 0x55c164d1
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00013ff2
ID du processus défaillant : 0x1780
Heure de début de l’application défaillante : 0xRsMgrSvc.exe0
Chemin d’accès de l’application défaillante : RsMgrSvc.exe1
Chemin d’accès du module défaillant: RsMgrSvc.exe2
ID de rapport : RsMgrSvc.exe3
Nom complet du package défaillant : RsMgrSvc.exe4
ID de l’application relative au package défaillant : RsMgrSvc.exe5

Error: (08/06/2015 03:47:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante nvstreamsvc.exe, version : 4.1.1944.2762, horodatage : 0x5515f59e
Nom du module défaillant : KERNELBASE.dll, version : 6.2.9200.17313, horodatage : 0x5507a267
Code d’exception : 0xc0000142
Décalage d’erreur : 0x000a477c
ID du processus défaillant : 0xba4
Heure de début de l’application défaillante : 0xnvstreamsvc.exe0
Chemin d’accès de l’application défaillante : nvstreamsvc.exe1
Chemin d’accès du module défaillant: nvstreamsvc.exe2
ID de rapport : nvstreamsvc.exe3
Nom complet du package défaillant : nvstreamsvc.exe4
ID de l’application relative au package défaillant : nvstreamsvc.exe5

Error: (08/06/2015 12:18:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme InstallManager.exe version 0.0.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : 15f4

Heure de début : 01d0d031388e6a9b

Heure de fin : 0

Chemin d’accès de l’application : C:\Users\Laurent\AppData\Local\Temp\is-9UH0V.tmp\InstallManager.exe

ID de rapport : 814c7504-3c24-11e5-b373-001fe254785f

Nom complet du package défaillant :

ID de l’application relative au package défaillant :

Error: (08/06/2015 12:18:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme s9849.exe version 3.1.40.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : 1378

Heure de début : 01d0d030f5f091d1

Heure de fin : 4294967295

Chemin d’accès de l’application : C:\Users\Laurent\AppData\Local\Temp\n9849\s9849.exe

ID de rapport : 723b6360-3c24-11e5-b373-001fe254785f

Nom complet du package défaillant :

ID de l’application relative au package défaillant :


System errors:
=============
Error: (08/07/2015 04:56:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur :
%%2

Error: (08/07/2015 04:53:44 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: prodrv06.sys

Error: (08/07/2015 04:53:41 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: prohlp02.sys

Error: (08/07/2015 04:53:41 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: prosync1.sys

Error: (08/07/2015 04:53:41 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: sfhlp01.sys

Error: (08/07/2015 02:58:29 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Le service Client de stratégie de groupe ne s’est pas fermé correctement après avoir reçu une commande d’anticipation de fermeture.

Error: (08/07/2015 11:10:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Ctrl Log Off n’a pas pu démarrer en raison de l’erreur :
%%2

Error: (08/07/2015 11:10:13 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: prodrv06.sys

Error: (08/07/2015 11:10:10 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: prohlp02.sys

Error: (08/07/2015 11:10:10 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: prosync1.sys


Microsoft Office:
=========================
Error: (08/07/2015 04:55:00 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail368WindowsMail0:

Error: (08/07/2015 12:51:45 PM) (Source: ) (EventID: 0) (User: )
Description: 7

Error: (08/07/2015 12:51:45 PM) (Source: ) (EventID: 0) (User: )
Description: 6

Error: (08/07/2015 12:51:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: moh_Breakthrough.exe1.0.0.13fcc273cmss32.dll3.0.0.03bccbaf7c000000500014c6c7a401d0d0fcbd6d7199C:\Program Files\EA GAMES\MOHDA\moh_Breakthrough.exeC:\PROGRA~1\EAGAME~1\MOHDA\snddrivers\mss32.dll48eb5d2b-3cf2-11e5-b375-001fe254785f

Error: (08/07/2015 11:45:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AnyProtect.exe1.0.0.454f88f35Flash.ocx18.0.0.20955a1f0b1c00000050023a9a7a6401d0d0f5ceb0ae5eC:\Program Files\AnyProtectEx\AnyProtect.exeC:\Windows\System32\Macromed\Flash\Flash.ocx17c2bafc-3ce9-11e5-b375-001fe254785f

Error: (08/07/2015 10:10:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.2.9200.1662851a942acUSER32.dll6.2.9200.173135507a267c0000142000a477ce7001d0d0e87d8e7a88C:\WINDOWS\explorer.exeUSER32.dllbbed8cdd-3cdb-11e5-b374-001fe254785f

Error: (08/06/2015 03:47:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RsMgrSvc.exe1.0.0.5755c164d1RsMgrSvc.exe1.0.0.5755c164d1c000000500013ff2178001d0d04082d7021dC:\Program Files\Rising\RSD\RsMgrSvc.exeC:\Program Files\Rising\RSD\RsMgrSvc.exebaacf74c-3c41-11e5-b373-001fe254785f

Error: (08/06/2015 03:47:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.1.1944.27625515f59eKERNELBASE.dll6.2.9200.173135507a267c0000142000a477cba401d0d04e74029498C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeKERNELBASE.dllb2c5a11a-3c41-11e5-b373-001fe254785f

Error: (08/06/2015 12:18:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: InstallManager.exe0.0.0.015f401d0d031388e6a9b0C:\Users\Laurent\AppData\Local\Temp\is-9UH0V.tmp\InstallManager.exe814c7504-3c24-11e5-b373-001fe254785f

Error: (08/06/2015 12:18:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: s9849.exe3.1.40.0137801d0d030f5f091d14294967295C:\Users\Laurent\AppData\Local\Temp\n9849\s9849.exe723b6360-3c24-11e5-b373-001fe254785f


==================== Memory info ===========================

Processor: AMD Athlon(tm) Dual Core Processor 4850e
Percentage of memory in use: 32%
Total physical RAM: 2047.3 MB
Available physical RAM: 1390.88 MB
Total Virtual: 4223.3 MB
Available Virtual: 3422.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.67 GB) (Free:18.7 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:158.21 GB) (Free:10.01 GB) NTFS
Drive e: (MOHAAB) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 256E256D)
Partition 1: (Active) - (Size=74.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=158.2 GB) - (Type=OF Extended)

==================== End of log ============================

Publicité

Soutenons La Quadrature du Net ! Soutenons La Quadrature du Net !

Signaler le contenu de ce document

Publicité

Soutenons La Quadrature du Net !