Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015 Ran by Trotobas at 2015-06-03 13:44:52 Running from C:\Users\Trotobas\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-3333455976-1723792930-3989610294-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-3333455976-1723792930-3989610294-1003 - Limited - Enabled) Invité (S-1-5-21-3333455976-1723792930-3989610294-501 - Limited - Disabled) Trotobas (S-1-5-21-3333455976-1723792930-3989610294-1001 - Administrator - Enabled) => C:\Users\Trotobas ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3333455976-1723792930-3989610294-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe CS6 Master Collection Patch 64bit (HKLM-x32\...\Adobe CS6 Master Collection Patch 64bit) (Version: - ) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.142.60386 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.1.142.60386 - Alcor Micro Corp.) Hidden Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS Fan Filter Checker (HKLM-x32\...\{2B0E8920-47D0-4F4D-BE03-76397409B837}) (Version: 1.0.0001 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.115 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0016 - ASUS) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd) Dead Rising 3 (HKLM-x32\...\{980F1477-45EF-4D46-9066-F6129E027418}) (Version: 1.0.0.0 - CAPCOM) DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden Dropbox (HKU\S-1-5-21-3333455976-1723792930-3989610294-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden GoPro Studio 2.5.3 (HKLM-x32\...\GoPro Studio) (Version: 2.5.3 - GoPro, Inc.) Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.2.0 - ASUS) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Logiciel de base du périphérique HP Deskjet 1050 J410 series (HKLM\...\{635F63A6-9FC8-4101-B109-00698C6F3A91}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) Logiciel de base du périphérique HP Deskjet 3050A J611 series (HKLM\...\{2728177B-FBEC-415F-A9F5-83CD6CBD4816}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) Mises à jour NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden Mozilla Firefox 32.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 fr)) (Version: 32.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nero 2014 (HKLM-x32\...\{CFF19D4A-F26D-4C6C-8535-A7C9107C9027}) (Version: 15.0.07100 - Nero AG) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG) New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Pilote graphique 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation) Panneau de configuration NVIDIA 353.06 (Version: 353.06 - NVIDIA Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version: - Roccat GmbH) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.43.0 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer) Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS) ZHPDiag 2015 (HKLM-x32\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation) גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation) بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation) معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden 適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3333455976-1723792930-3989610294-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3333455976-1723792930-3989610294-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3333455976-1723792930-3989610294-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3333455976-1723792930-3989610294-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3333455976-1723792930-3989610294-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3333455976-1723792930-3989610294-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3333455976-1723792930-3989610294-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3333455976-1723792930-3989610294-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3333455976-1723792930-3989610294-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3333455976-1723792930-3989610294-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 02-06-2015 17:22:35 Removed Le Seigneur des Anneaux® - L’Age des Conquêtes™ 02-06-2015 17:24:11 Middle Earth Shadow of Mordor a été supprimé 02-06-2015 19:03:39 AA11 02-06-2015 19:10:42 LavasoftWeCompanion ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-06-02 16:31 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0B3022E3-1822-42D2-853B-060D9B16FE85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.) Task: {179C7058-9567-4A20-98C9-E853FBACF440} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-28] (Microsoft Corporation) Task: {184EF405-7AAA-401D-A6F8-10D7AE118EE4} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG) Task: {288204AA-91D6-4183-8AB9-F76471951C68} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {2F1AF1B7-017B-4C3E-B634-59622BC8CA63} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {398DD5F8-AA7F-425F-BAD6-1CF9109EC1A8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {3BAC5E7B-7FBD-4F6E-934E-3F2AB19F4FF6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {4F1DC630-BDB9-4CAD-8759-9FE3358D5B1E} - System32\Tasks\{E8D20FE1-4FAB-4850-938B-E18167769B24} => pcalua.exe -a C:\Users\Trotobas\Downloads\ZHPDiag2.exe -d C:\Users\Trotobas\Downloads Task: {8BDDB50A-894A-44C8-8F18-AC996B599520} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.) Task: {AA2F73B7-3C98-428D-B0DD-EE6C86805BDD} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {ABCDDF73-A64A-4424-AFF9-1B0FC28AF8A8} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-16] (ASUS) Task: {B56A7282-4DAA-4764-B1C8-C13AA4890808} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.) Task: {C6A1DF6F-1CC4-438A-95E1-258A8796F908} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {CA737876-EAF1-4F18-BFA9-78E4B272AE62} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {CBAA1587-5A07-4495-9340-B35D310A81D3} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {D0F6527F-8806-4609-BA0E-B4E85198DA65} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.) Task: {DCDE6279-2832-4C7C-98D8-A089162CA8F4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {EFE9648D-3879-4ABE-8AF2-6BC44958FC43} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-14] (AVAST Software) Task: {F0E2761C-9779-442A-8414-4FE5D7330D88} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated) Task: {F814C7AA-F083-4571-92BC-303C8CF41837} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (Whitelisted) ============== 2014-06-28 08:50 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-06-28 08:53 - 2012-02-21 21:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2009-03-02 04:08 - 2009-03-02 04:08 - 00003584 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.PropSheetExtensionHelper_x64.dll 2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2014-06-28 08:53 - 2012-03-30 14:01 - 00078448 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2014-06-28 08:53 - 2012-03-30 14:01 - 00386160 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2014-08-14 22:38 - 2014-08-14 22:38 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2015-06-03 11:30 - 2015-06-03 11:30 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15060300\algo.dll 2014-06-28 14:45 - 2014-06-28 14:45 - 00107520 _____ () D:\Program Files\DAEMON Tools Pro\BRD.dll 2012-01-31 18:25 - 2012-01-31 18:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll 2014-08-14 22:38 - 2014-08-14 22:38 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2012-02-06 19:32 - 2012-02-06 19:32 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2014-07-01 09:39 - 2012-06-17 11:20 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll 2014-06-28 08:52 - 2012-02-21 21:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2012-01-12 17:17 - 2012-01-12 17:17 - 00204800 _____ () C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax 2015-05-25 19:32 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll 2015-05-25 19:32 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll 2015-05-25 19:32 - 2015-05-22 22:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:054203E4 AlternateDataStreams: C:\Users\Trotobas\Local Settings:AosNPNpfVnHjANy9DCFlhq AlternateDataStreams: C:\Users\Trotobas\Local Settings:GGsFf6Zc4Q2cTeG8ONoLqpvBC5GE9 AlternateDataStreams: C:\Users\Trotobas\AppData\Local:AosNPNpfVnHjANy9DCFlhq AlternateDataStreams: C:\Users\Trotobas\AppData\Local:GGsFf6Zc4Q2cTeG8ONoLqpvBC5GE9 AlternateDataStreams: C:\Users\Trotobas\AppData\Local\Application Data:AosNPNpfVnHjANy9DCFlhq AlternateDataStreams: C:\Users\Trotobas\AppData\Local\Application Data:GGsFf6Zc4Q2cTeG8ONoLqpvBC5GE9 AlternateDataStreams: C:\Users\Trotobas\AppData\Local\Temporary Internet Files:aFA0c6GvfEmQjeK30NZkkNDRxN6A AlternateDataStreams: C:\Users\Trotobas\AppData\Local\Temporary Internet Files:UlpY0gagFHvbNMZQc3WzXHbiOgKiOL ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7869 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3333455976-1723792930-3989610294-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Trotobas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.254 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GoPro Importer.lnk => C:\Windows\pss\GoPro Importer.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S MSCONFIG\startupreg: DAEMON Tools Pro Agent => "D:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: HP Deskjet 3050A J611 series (NET) => "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN17C4B2MH05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1 MSCONFIG\startupreg: KiesPreload => D:\Program Files\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => D:\Program Files\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{56048913-2EE4-4FB6-9B10-B11FD9535645}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A56F99CF-933B-4F79-9B77-D54139039647}] => (Allow) LPort=2869 FirewallRules: [{7200A232-CB9A-4548-89E0-CF072E6C2E3E}] => (Allow) LPort=1900 FirewallRules: [{B47DCE39-BD05-4FD0-BC5F-8FCE7C3FBB7F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{BE0EC94A-88B6-4356-B121-F67FE5BE0F40}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{1145F6B3-C7E9-4EF5-ADDD-0F03F22BFC37}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{94B11706-0740-49A0-A042-EF46DE317245}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{25BFC6C4-41E7-49F0-8C1C-E54ABE1C61EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{360EF0B6-44C8-453E-8967-56FB1D96EA32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{83A87874-DEAE-43B8-8233-783BD8DAAEAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{AD2BCF39-FA11-4458-9C9B-8D112558605E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F12F1F71-682A-4B1C-9A94-9C71634DDDAF}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe FirewallRules: [{522D027A-B59F-4F30-BDA4-91851FED20E7}] => (Allow) C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{7D5EF024-93FC-4F0C-9D6B-98ED0072014C}] => (Allow) C:\Users\Trotobas\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{22AAA5C8-4668-4EC4-BEA2-B8DFF58AC784}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe FirewallRules: [{4ADDFC69-5CC2-4BC1-A6D8-68E5B00BD461}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{834A4F27-6F49-4CC3-929F-C1E3B63B024F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{6512144B-F6B1-4D6B-A24B-7169337D2B3A}] => (Allow) D:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{B3D1BF80-3998-4122-B94C-0EC73A431BE2}] => (Allow) D:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{A7D75531-65EB-4E97-9F9E-421F8B72011F}] => (Allow) D:\Jeux\Steam\Steam.exe FirewallRules: [{A1295256-9B2E-4D45-82CD-EBF15D5EB9F8}] => (Allow) D:\Jeux\Steam\Steam.exe FirewallRules: [{6071CA1C-3C21-444E-B6FD-B1CFD6FE4DE8}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{C8EEAC94-787A-445F-8BB2-5CE32DDDC8A3}] => (Allow) D:\Jeux\Steam\bin\steamwebhelper.exe FirewallRules: [{615A99B2-BCA3-4ED2-BBB2-ACD6D49F8769}] => (Allow) D:\Jeux\Steam\bin\steamwebhelper.exe FirewallRules: [{D0E0D803-FF7E-425F-98AD-A615B75ECD5D}] => (Allow) D:\Jeux\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{F42D4096-BA13-48FD-B47A-9A88F3E72B82}] => (Allow) D:\Jeux\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [TCP Query User{6111DBE5-5387-482D-9E82-C220B1598F2C}D:\jeux\grandtheltautov\gta5.exe] => (Allow) D:\jeux\grandtheltautov\gta5.exe FirewallRules: [UDP Query User{CC9580EA-ACBD-49B6-9C51-A5B08DF33AAA}D:\jeux\grandtheltautov\gta5.exe] => (Allow) D:\jeux\grandtheltautov\gta5.exe FirewallRules: [{A29A2C9A-44D0-42D6-B7C6-C95F6459434C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0D7FBF95-D011-47EE-87B8-5AA6B67A1D66}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{053D8BCF-DFDD-45B0-AD59-2113226A2CCC}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{58373961-BAA6-47C9-9448-CAF24B23786D}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{1731779D-D1E2-4146-94DB-A8A0370A53A5}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{63037880-A822-4375-8594-C08FBB93D8F5}D:\jeux\grandtheltautov\gta5.exe] => (Allow) D:\jeux\grandtheltautov\gta5.exe FirewallRules: [UDP Query User{9A71E5A9-A21F-4999-8A73-93C4EDB7827A}D:\jeux\grandtheltautov\gta5.exe] => (Allow) D:\jeux\grandtheltautov\gta5.exe FirewallRules: [{BF6A8CF6-A129-463E-905F-94D82B4F9639}] => (Allow) D:\Jeux\Battle.net\Battle.net.exe FirewallRules: [{ACAF2BA0-BF8E-4A76-B8F3-A033C4E97598}] => (Allow) D:\Jeux\Battle.net\Battle.net.exe FirewallRules: [{CB9E9B57-E490-4495-AF0E-2C9CE204A56E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Description: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Atheros Service: L1C Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/02/2015 06:35:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante svchost.exe_SysMain, version : 6.1.7600.16385, horodatage : 0x4a5bc3c1 Nom du module défaillant : sysmain.dll, version : 6.1.7601.17514, horodatage : 0x4ce7c9db Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000017ef1 ID du processus défaillant : 0x440 Heure de début de l’application défaillante : 0xsvchost.exe_SysMain0 Chemin d’accès de l’application défaillante : svchost.exe_SysMain1 Chemin d’accès du module défaillant: svchost.exe_SysMain2 ID de rapport : svchost.exe_SysMain3 Error: (06/02/2015 03:29:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service Rasterise Key since QueryServiceConfig API failed System Error: Le fichier spécifié est introuvable. . Error: (06/02/2015 03:22:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service Rasterise Key since QueryServiceConfig API failed System Error: Le fichier spécifié est introuvable. . Error: (06/01/2015 08:45:12 PM) (Source: Software Update) (EventID: 1) (User: AUTORITE NT) Description: Software Update has encountered a fatal error. ver=1.3.25.0.private;lang=fr;id=;is_machine=1;upload=0;minidump=C:\Program Files (x86)\Software\CrashReports\ab388239-bdf1-466d-a70e-aa34a6a9b9ed.dmp Error: (06/01/2015 08:44:50 PM) (Source: MsiInstaller) (EventID: 11316) (User: Trotobas-PC) Description: Product: Software Update Helper -- Error 1316. Le compte spécifié existe déjà. Error: (05/20/2015 11:13:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Photoshop.exe, version : 13.0.0.0, horodatage : 0x4f61c045 Nom du module défaillant : Photoshop.exe, version : 13.0.0.0, horodatage : 0x4f61c045 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000016a9fd1 ID du processus défaillant : 0xfa0 Heure de début de l’application défaillante : 0xPhotoshop.exe0 Chemin d’accès de l’application défaillante : Photoshop.exe1 Chemin d’accès du module défaillant: Photoshop.exe2 ID de rapport : Photoshop.exe3 Error: (05/20/2015 10:09:15 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (05/18/2015 04:05:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (05/17/2015 10:35:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (05/17/2015 09:24:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 System errors: ============= Error: (06/03/2015 11:29:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service McAfee SiteAdvisor Service n’a pas pu démarrer en raison de l’erreur : %%2 Error: (06/02/2015 08:16:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service McAfee SiteAdvisor Service n’a pas pu démarrer en raison de l’erreur : %%2 Error: (06/02/2015 07:24:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : scfd_1_10_0_16 Error: (06/02/2015 07:23:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service McAfee SiteAdvisor Service n’a pas pu démarrer en raison de l’erreur : %%2 Error: (06/02/2015 07:22:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service. Error: (06/02/2015 07:22:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 s’est terminé de façon inattendue pour la 2ème fois. Error: (06/02/2015 07:22:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Intel(R) Capability Licensing Service Interface s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service. Error: (06/02/2015 07:22:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Intel(R) Management and Security Application User Notification Service s’est terminé de façon inattendue pour la 1ème fois. Error: (06/02/2015 07:22:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service. Error: (06/02/2015 07:22:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Service Partage réseau du Lecteur Windows Media s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service. Microsoft Office: ========================= CodeIntegrity Errors: =================================== Date: 2015-06-01 21:17:31.503 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 21:17:11.061 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 21:16:49.018 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 21:15:58.723 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 21:15:58.634 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 21:15:28.509 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 21:14:55.214 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 21:13:04.111 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 21:12:47.405 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 21:12:24.606 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Program Files\BubbleSound\BubbleSound.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz Percentage of memory in use: 28% Total physical RAM: 12247.92 MB Available physical RAM: 8698.68 MB Total Pagefile: 24494.04 MB Available Pagefile: 20642.83 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:123.73 GB) (Free:28.53 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (DATA) (Fixed) (Total:478 GB) (Free:239.28 GB) NTFS Drive h: (DD 2To) (Fixed) (Total:1863 GB) (Free:1262.87 GB) NTFS Drive r: (Romain) (Fixed) (Total:97.66 GB) (Free:60.72 GB) NTFS Drive s: (Svet) (Fixed) (Total:97.66 GB) (Free:90.52 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 149.1 GB) (Disk ID: 81B7C4A9) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 698.6 GB) (Disk ID: 527CD163) Partition: GPT Partition Type. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 2. ==================== End of log ============================