Document format: text/plain

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2017
Ran by PC-ABDERRAHMEN (28-07-2017 00:05:23)
Running from C:\Users\PC-ABDERRAHMEN\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-02 03:40:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-256474428-2574812502-1661256676-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-256474428-2574812502-1661256676-503 - Limited - Disabled)
Guest (S-1-5-21-256474428-2574812502-1661256676-501 - Limited - Disabled)
PC-ABDERRAHMEN (S-1-5-21-256474428-2574812502-1661256676-1001 - Administrator - Enabled) => C:\Users\PC-ABDERRAHMEN

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-256474428-2574812502-1661256676-1001\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_1) (Version: 13.8.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Photoshop Elements 15 (HKLM-x32\...\{E2D8F773-2E59-45CA-B0EA-CFFA5354A9E7}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 15 (HKLM-x32\...\{FD45A9C9-02BE-4E62-8629-78DF29A10FF5}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Shockwave Player + Authorware Web Player (HKLM-x32\...\Adobe Shockwave Player + Authorware Web Player) (Version: v12.2.0.162 - Adobe Systems, Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
Assassin's Creed Unity version 1.4.0 (HKLM-x32\...\{5CF3C6FD-33E1-46B6-870F-89478DEFF185}_is1) (Version: 1.4.0 - UBISoft)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )
Canon LBP6020 (HKLM\...\Canon LBP6020) (Version: - )
EVGA Precision XOC (HKLM-x32\...\{C4FD6CD6-61FB-46D9-BAA2-7E6FD4B40A78}) (Version: 6.1.10 - EVGA Corporation)
FastReport 5 Embarcadero edition (HKLM-x32\...\{45FF9095-12DA-42c0-B68B-F40268321789}) (Version: Embarcadero Edition - FastReports)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.48.30259 - Electronic Arts)
Foxit PhantomPDF Business (HKLM-x32\...\{07396229-2F49-48AC-B275-F95228EC1E95}) (Version: 7.3.4.311 - Foxit Software Inc.)
Gaming Assistant (HKLM-x32\...\{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}) (Version: 1.0.3 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GTA Save Editor (HKLM-x32\...\GTA Save Editor) (Version: 2.2.0.1 - XB36Hazard)
Hide ALL IP 2017.07.09 (HKLM-x32\...\{02FC1980-2123-451F-8CB7-C9B60BE40717}_is1) (Version: - www.hideallip.com)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - اسم شركتك)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
KB4023057 (HKLM\...\{27C6D60B-CAD4-4C70-A1F2-299C731EA8F7}) (Version: 2.0.0.0 - Microsoft Corporation)
Kodi (HKU\S-1-5-21-256474428-2574812502-1661256676-1001\...\Kodi) (Version: - XBMC-Foundation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 1.6.4882.94 - Waves Audio Ltd.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.8229.2103 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Windows 10 SDK Installer (HKLM-x32\...\Microsoft Windows 10 SDK Installer) (Version: 17.0 - Embarcadero Technologies Inc.)
Mozilla Firefox 54.0.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 fr)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.8.2.0 - Duodian Technology Co. Ltd.)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2103 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2103 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.14.21968 - Electronic Arts, Inc.)
PES Professionals Patch 2017 FIX V1 (HKLM-x32\...\PES Professionals Patch 2017 FIX V1) (Version: V1 - PES Professionals)
PES Professionals Patch 2017 Fix V3 (HKLM-x32\...\PES Professionals Patch 2017 Fix V3) (Version: V3 - PES Professionals)
PES Professionals Patch 2017 V1 V1 (HKLM-x32\...\PES Professionals Patch 2017 V1 V1) (Version: V1 - PES Professionals)
PES Professionals Patch 2017 V2 V2 (HKLM-x32\...\PES Professionals Patch 2017 V2 V2) (Version: V2 - PES Professionals)
PES Professionals Patch 2017 V2.1 Fix V2.1 (HKLM-x32\...\PES Professionals Patch 2017 V2.1 Fix V2.1) (Version: V2.1 - PES Professionals)
PES Professionals Patch 2017 V2.1 V2.1 (HKLM-x32\...\PES Professionals Patch 2017 V2.1 V2.1) (Version: V2.1 - PES Professionals)
PES Professionals Patch 2017 V3 V3 (HKLM-x32\...\PES Professionals Patch 2017 V3 V3) (Version: V3 - PES Professionals)
PES Professionals Patch 2017 V3.1 (HKLM-x32\...\PES Professionals Patch 2017 V3.1) (Version: V3.1 - PES Professionals)
PES Professionals Patch 2017 V3.2 (HKLM-x32\...\PES Professionals Patch 2017 V3.2) (Version: V3.2 - PES Professionals)
PES Professionals Patch 2017 VuVuzela Sound V2.1 (HKLM-x32\...\PES Professionals Patch 2017 VuVuzela Sound V2.1) (Version: V2.1 - PES Professionals)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.2.12.485 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7409 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
R-Studio 8.1 (HKLM-x32\...\R-Studio 8.1NSIS) (Version: 8.1.165145 - R-Tools Technology Inc.)
SAM CoDeC Pack (HKLM\...\SAM CoDeC Pack) (Version: 5.85 - www.SamLab.ws)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SMADAV version 11.1 (HKLM-x32\...\{8B9FA5FF-3E61-4658-B0DA-E6DDB46D6BAD}_is1) (Version: 11.1 - Smadsoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.9.0 - Synaptics Incorporated)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
UpdateAssistant (HKLM-x32\...\{139493B2-F1BC-4F05-A974-B49297C1EB04}) (Version: 1.1.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
USB Network Joystick (BM) (HKLM-x32\...\{2D8DCCA2-2339-4155-A29B-46041362DFDD}) (Version: 1.00.0000 - )
Viber (HKLM-x32\...\{7E4DB6F5-C18D-4808-B8A1-9E6845820DDF}) (Version: 6.5.4.461 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-256474428-2574812502-1661256676-1001\...\{644eebdd-04e8-4c17-9eb2-1e0d7023b73f}) (Version: 6.5.4.461 - Viber Media Inc.)
Watch_Dogs 2 (HKLM-x32\...\{B0E33297-78B1-4B37-B8C1-39150F2DEE43}_is1) (Version: - Ubisoft)
Windows 10 Manager (HKU\S-1-5-21-256474428-2574812502-1661256676-1001\...\Windows 10 Manager 2.1.0) (Version: 2.1.0 - Yamicsoft)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.50 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.4 - win.rar GmbH)
Wondershare Filmora(Build 8.2.3) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
ZenVPN (HKLM-x32\...\ZenVPN) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2014-08-28] (Qualcomm®Atheros®)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2016-03-09] (Foxit Software Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-06-16] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-06-16] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers3: [SmadExt] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => C:\Program Files (x86)\SMADAV\SmadExtc64.dll [2013-11-27] (Smadsoft)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-08] (NVIDIA Corporation)
ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [SmadExt] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => C:\Program Files (x86)\SMADAV\SmadExtc64.dll [2013-11-27] (Smadsoft)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-06-16] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-06-16] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06A70560-4CB9-4DF8-AE82-F1332C696E44} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-08] (NVIDIA Corporation)
Task: {0C6F5DE6-D164-463E-B303-4171555E434A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-08] (NVIDIA Corporation)
Task: {1F21FD6A-187B-4960-8164-C4C5022AD9CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-04] (Google Inc.)
Task: {28285133-7E3E-44E9-BAE1-CBA6D2395BD8} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {297BA399-EF14-4AA7-BC8E-06CC6D1D6296} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-19] (Realtek Semiconductor)
Task: {3B9F1077-2FC6-45E7-9957-E2559940B2BA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-08] (NVIDIA Corporation)
Task: {477AE1F3-A8EE-43DE-8867-A1CED2943EC2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-25] ()
Task: {478B5CAE-0DC0-4A52-869D-ABD6DA332AF2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-08] (NVIDIA Corporation)
Task: {4BF4FD70-B592-4828-9630-1ADB011F0315} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-19] (Realtek Semiconductor)
Task: {55BE1AC8-3C2F-4AAE-98AB-44CD6C89B515} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-08] (NVIDIA Corporation)
Task: {62F88E61-EE7A-44A2-A708-2537A430DEB3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-08] (NVIDIA Corporation)
Task: {633ADCDB-092C-426B-9219-A27940FE6B21} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {67C3F1FA-D4A3-4650-AE56-75C5BF1DAFB2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-13] (Adobe Systems Incorporated)
Task: {7AB56878-9B80-4003-BC93-C87910517E83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-04] (Google Inc.)
Task: {7C5556C8-A5F5-40D2-BD53-8055C7A79B75} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-12] (ASUSTek Computer Inc.)
Task: {7C984EB8-2FDB-4A20-AFB6-A2987CE23950} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2016-06-21] (Microsoft Corporation)
Task: {856E84A8-6533-4B24-978D-8F50035074F9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-18] (Microsoft Corporation)
Task: {863EFA00-4406-4118-B5ED-EDE73D1F9484} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-18] (Microsoft Corporation)
Task: {8CB5A50E-F504-4746-87D3-E6324214A96F} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => C:\Program Files\rempl\remsh.exe [2017-07-12] (Microsoft Corporation)
Task: {8F7E1396-CCA2-4D1D-B27A-98B908597CCF} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
Task: {90B483B6-E79F-4EE0-9BDF-3B8EF4E7AD53} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-13] (Adobe Systems Incorporated)
Task: {AA77E912-207B-41F2-A97D-20519E69F8BE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-19] (Realtek Semiconductor)
Task: {AC4DD9E3-3A04-4F6E-BBFD-A4C0DF4E77FF} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\remsh.exe [2017-07-12] (Microsoft Corporation)
Task: {AF73AC2C-606C-4536-90E7-A756AAEBC313} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {C2382204-E45A-4321-808B-8ABF4546A6BB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-25] ()
Task: {C85310CB-D841-4620-A659-5BCBA1891B07} - System32\Tasks\Windows 10 Manager - Privacy Protector => C:\Program Files\Yamicsoft\Windows 10 Manager\PrivacyProtector.exe [2017-04-25] (Yamicsoft)
Task: {CC6A9943-0CFC-4C1D-89FC-F4C37083C644} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-27] (Microsoft Corporation)
Task: {D0F4E609-CEE8-4E9F-9C33-6C871E384EC5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-08] (NVIDIA Corporation)
Task: {DB207A20-B328-4807-88E5-153CB4230F74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-27] (Microsoft Corporation)
Task: {E781BA7E-DA90-406E-BFFD-65F949374499} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-12] (ASUSTek Computer Inc.)
Task: {E8803A52-BEEF-46A4-BFF0-8D4858ECDFAB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-08] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Windows 10 Manager - Privacy Protector.job => C:\Program Files\Yamicsoft\Windows 10 Manager\PrivacyProtector.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\PC-ABDERRAHMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Fair AdBlocker App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=dcnofaichneijfbkdkghmhjjbepjmble
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-03 23:51 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-14 17:42 - 2017-06-08 02:45 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-08-28 03:45 - 2014-08-28 03:45 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-28 03:41 - 2014-08-28 03:41 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-28 03:47 - 2014-08-28 03:47 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2016-10-02 04:49 - 2016-10-02 04:49 - 00959168 _____ () C:\Users\PC-ABDERRAHMEN\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-10-03 23:47 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-12 13:02 - 2016-10-05 10:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-12 13:02 - 2016-10-05 10:34 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-10-28 16:36 - 2016-10-15 04:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-28 16:36 - 2016-10-15 04:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-28 16:36 - 2016-10-15 04:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-28 16:36 - 2016-10-15 04:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-28 16:36 - 2016-10-15 04:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-06-26 20:14 - 2017-06-23 04:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-26 20:14 - 2017-06-23 04:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2017-02-19 01:01 - 2017-02-19 01:01 - 00174448 _____ () C:\Program Files (x86)\ZenVPN OpenVPN bundle\bin\liblzo2-2.dll
2017-02-19 01:01 - 2017-02-19 01:01 - 00112040 _____ () C:\Program Files (x86)\ZenVPN OpenVPN bundle\bin\libpkcs11-helper-1.dll
2017-07-14 17:42 - 2017-06-08 02:45 - 01040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-29 08:20 - 2016-10-08 16:48 - 01506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-06-29 08:20 - 2016-07-21 10:54 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2017-07-14 16:23 - 00000928 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 l.heouts.com
127.0.0.1 platform.wondershare.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-256474428-2574812502-1661256676-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AGSService => 2
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "CNAP2 Launcher"
HKLM\...\StartupApproved\Run32: => "YouCam Service7"
HKLM\...\StartupApproved\Run32: => "zenvpn"
HKU\S-1-5-21-256474428-2574812502-1661256676-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-256474428-2574812502-1661256676-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-256474428-2574812502-1661256676-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-256474428-2574812502-1661256676-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-256474428-2574812502-1661256676-1001\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{EBEE4725-74F4-4CBC-9536-006F68E213BC}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{1157C19A-18CB-4418-BAD7-F8B1ABA4F63C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{75ED96B4-0836-498C-A313-66685F86C832}] => (Allow) C:\Users\PC-ABDERRAHMEN\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4F0BAAAD-3A9B-4BB7-B513-0EEA3D7E1477}] => (Allow) C:\Users\PC-ABDERRAHMEN\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3186DD00-6271-4A95-8B9A-3EF11CA78816}] => (Allow) C:\Program Files\steam\Steam.exe
FirewallRules: [{FF6B74B0-C764-4F14-B74A-6F5BA2610DB4}] => (Allow) C:\Program Files\steam\Steam.exe
FirewallRules: [{5F39B7C8-A506-4B6B-8259-64BAC0E5A128}] => (Allow) LPort=1688
FirewallRules: [{87A63A6E-A466-4466-A998-AAC6F5269FB4}] => (Allow) D:\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{35A3443A-E56F-4576-9A3A-B8DA12BF83E8}] => (Allow) D:\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [TCP Query User{38BCF138-1783-43F7-B5E6-FCB5360C2DA3}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{78936421-C2AC-4515-BB96-2B8CE7C7D309}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{9672715E-67A3-4AC8-8EC3-714D4DB1B26A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2A58AC7E-D267-495C-9BDF-569C855D2899}] => (Allow) D:\Games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{030792C1-E812-406B-B120-6A3239412703}] => (Allow) D:\Games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{C094C256-21D2-459E-9359-2E5CA4EE8FB5}] => (Allow) D:\Games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{66159B56-22C0-413D-BD99-7314544C242C}] => (Allow) D:\Games\Assassin's Creed III\AC3MP.exe
FirewallRules: [TCP Query User{4BA9EBD7-CDC9-4469-83B7-217157E5C1C8}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{40D2A55A-81EB-43A9-BAA0-71A0CE97DED2}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [TCP Query User{30E0770B-2EFF-4049-8D38-D3C5FF763938}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{C5405A38-3D38-4C3D-84C0-AFB9B49AE87E}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{7E6E1103-49F4-45D4-8221-17DB2FF10308}] => (Allow) LPort=5000
FirewallRules: [{443A12DA-5D8E-4BE0-8625-80676B452CA1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0B77B4C7-293E-4143-B2B0-ABBA20B90FD9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C7D746AF-AFF9-4DF2-849D-EEDE9EF3540B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A244FC84-779D-4A2B-995F-481CA34CD7C6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E2818C91-4CEC-43BA-9DD6-D1D7ADC7879C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D900B7FB-59A6-427A-A5B5-B3FF48919E7C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E8D9FA9C-2C1C-4297-A591-344BB77CC990}] => (Allow) C:\Users\PC-ABDERRAHMEN\Desktop\EmbratoriaG6.5.1\libs.exe
FirewallRules: [{7F85FDB3-635F-4508-B609-30F3B36E7CC8}] => (Allow) C:\Users\PC-ABDERRAHMEN\Desktop\EmbratoriaG6.5.1\libs.exe
FirewallRules: [{80D36366-4CC5-4C15-9C32-654590333895}] => (Allow) C:\Users\PC-ABDERRAHMEN\Desktop\EmbratoriaG6.5.1\libs.exe
FirewallRules: [{4F2D20B9-10FE-4D35-A2DD-47BED023BBC7}] => (Allow) C:\Users\PC-ABDERRAHMEN\Desktop\EmbratoriaG6.5.1\libs.exe
FirewallRules: [{65CBA5F4-2150-438C-8606-2A9F333B80D0}] => (Allow) LPort=5000
FirewallRules: [{54ACB2D3-958F-4811-BB95-E462EDE8888D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2613652F-E410-4EB4-827C-AA299AE3A95D}] => (Allow) C:\Program Files\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3F353D79-B149-4CB4-9705-DBCE56E1EDD8}] => (Allow) C:\Program Files\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E30FC18B-6227-4832-9798-5588FFABB572}] => (Allow) C:\Users\PC-ABDERRAHMEN\Desktop\EmbratoriaG6.5.1\EmbratoriaG6.5.2\libs.exe
FirewallRules: [{1B17D48E-FA59-4973-BF97-002F95C98F2E}] => (Allow) C:\Users\PC-ABDERRAHMEN\Desktop\EmbratoriaG6.5.1\EmbratoriaG6.5.2\libs.exe
FirewallRules: [{BCBD9092-76AB-401C-BB54-6696BC360FFE}] => (Allow) C:\Users\PC-ABDERRAHMEN\Desktop\EmbratoriaG7\libs.exe
FirewallRules: [{E542DCFA-C9AB-49C9-94FB-29D684E4784E}] => (Allow) C:\Users\PC-ABDERRAHMEN\Desktop\EmbratoriaG7\libs.exe
FirewallRules: [{34FC7F4E-E236-48EF-94C7-68A21F438C04}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F277AB19-368B-453F-8B49-C6045CC911F4}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
FirewallRules: [{95CF7262-CFE3-4735-A9AD-27283F206E23}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{6D5E7636-A7FE-49C3-9E07-E35C5816ED0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BA956E3D-5184-4B86-B871-961FABF28742}] => (Allow) D:\Games\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [{E52997FD-CD85-40CD-BA62-CCBD9BC07DA3}] => (Allow) E:\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{383612B4-AC8C-463E-81E0-CF996605345D}] => (Allow) E:\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{BCD42DEA-A24C-4553-A830-06ED50809F8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F7393FA9-CA1C-4187-B83A-1DD5B2DA07E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{58A654E8-CD15-40E6-98F5-38D09343F432}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{99E497C4-89AE-4D54-A874-909FAC342066}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

27-07-2017 04:44:03 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2017 12:02:10 AM) (Source: ESENT) (EventID: 474) (User: )
Description: Catalog Database (1988) Catalog Database: The database page read from the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" at offset 34418688 (0x00000000020d3000) (database page 8402 (0x20D2)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [1dd76228fe32d7cc] and the computed checksum was [1dd76228fe32f7fb]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Error: (07/28/2017 12:00:16 AM) (Source: ESENT) (EventID: 474) (User: )
Description: Catalog Database (1988) Catalog Database: The database page read from the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" at offset 34410496 (0x00000000020d1000) (database page 8400 (0x20D0)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [3b893b893914cb80] and the computed checksum was [3b893b893914eba3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Error: (07/27/2017 11:56:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ABDERRAHMEN)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/27/2017 11:55:46 PM) (Source: ESENT) (EventID: 474) (User: )
Description: Catalog Database (1988) Catalog Database: The database page read from the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" at offset 34430976 (0x00000000020d6000) (database page 8405 (0x20D5)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [33b333b3b4257b9d] and the computed checksum was [33b333b3b4255ba0]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Error: (07/27/2017 11:33:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ABDERRAHMEN)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/27/2017 11:23:12 PM) (Source: ESENT) (EventID: 474) (User: )
Description: Catalog Database (1916) Catalog Database: The database page read from the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" at offset 34418688 (0x00000000020d3000) (database page 8402 (0x20D2)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [1dd76228fe32d7cc] and the computed checksum was [1dd76228fe32f7fb]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Error: (07/27/2017 11:14:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\adobe\adobe premiere elements 15\MPEGHDVExport.exe".
Dependent Assembly Plug-ins\Common\TSStrider,type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/27/2017 11:10:45 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/27/2017 11:03:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-ABDERRAHMEN)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/27/2017 10:44:12 PM) (Source: ESENT) (EventID: 474) (User: )
Description: Catalog Database (1916) Catalog Database: The database page read from the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" at offset 34410496 (0x00000000020d1000) (database page 8400 (0x20D0)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [3b893b893914cb80] and the computed checksum was [3b893b893914eba3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.


System errors:
=============
Error: (07/27/2017 11:57:14 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (07/27/2017 11:57:14 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (07/27/2017 11:53:57 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (07/27/2017 11:53:57 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (07/27/2017 11:51:51 PM) (Source: DCOM) (EventID: 10010) (User: PC-ABDERRAHMEN)
Description: The server {21F282D1-A881-49E1-9A3A-26E44E39B86C} did not register with DCOM within the required timeout.

Error: (07/27/2017 11:50:59 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (07/27/2017 11:50:59 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (07/27/2017 11:49:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/27/2017 11:49:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (07/27/2017 11:49:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.


CodeIntegrity:
===================================
Date: 2017-01-25 19:33:08.926
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-25 19:33:08.619
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-21 00:30:05.044
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\PC-ABDERRAHMEN\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 56%
Total physical RAM: 8091.78 MB
Available physical RAM: 3481.52 MB
Total Virtual: 10075.78 MB
Available Virtual: 4834.65 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:159.54 GB) (Free:72.33 GB) NTFS
Drive d: () (Fixed) (Total:292.97 GB) (Free:117.08 GB) NTFS
Drive e: () (Fixed) (Total:478.51 GB) (Free:41.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 741D2ACD)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=159.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=478.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=293 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
