Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-07-2015 Ran by Grand Caribou at 2015-07-27 19:15:01 Running from E:\Users\Grand Caribou\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-4146012179-2000389819-2718188108-500 - Administrator - Disabled) Grand Caribou (S-1-5-21-4146012179-2000389819-2718188108-1000 - Administrator - Enabled) => C:\Users\Grand Caribou Invité (S-1-5-21-4146012179-2000389819-2718188108-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Out of date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Out of date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275} FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden Adobe Flash Player 10 ActiveX (HKLM\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) ATI Catalyst Install Manager (HKLM\...\{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}) (Version: 3.0.715.0 - ATI Technologies, Inc.) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden ccc-core-static (Version: 2010.0210.2339.42455 - Nom de votre société) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform) C-Media High Definition Audio Driver (HKLM\...\C-Media Audio Driver) (Version: - ) Coffret de pilotes Logitech QuickCam (HKLM\...\lvdrivers_11.50) (Version: - ) COMODO Firewall (HKLM\...\{7DB468A1-8F08-4862-8FFC-897779356715}) (Version: 6.3.39106.2972 - COMODO Security Solutions Inc.) Complément Office 2007 - Microsoft Enregistrer en tant que PDF ou XPS (Beta) (HKLM\...\{30120000-00B2-040C-0000-0000000FF1CE}) (Version: 12.0.4407.1005 - Microsoft Corporation) Cool & Quiet (HKLM\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version: - ) Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden dBpowerAMP AAC Codec (HKLM\...\dBpowerAMP AAC Codec) (Version: - ) dBpowerAMP AAC to Mp4 Codec (HKLM\...\dBpowerAMP AAC to Mp4 Codec) (Version: - ) dBpoweramp AIFF Codec (HKLM\...\dBpoweramp AIFF Codec) (Version: Release 11 - Illustrate) dBpowerAMP Compaact Mp4 Codec (HKLM\...\dBpowerAMP Compaact Mp4 Codec) (Version: - ) dBpoweramp DSP Effects (HKLM\...\dBpoweramp DSP Effects) (Version: Release 6 - Illustrate) dBpowerAMP FAAC Mp4 Codec (HKLM\...\dBpowerAMP FAAC Mp4 Codec) (Version: - ) dBpoweramp FLAC Codec (HKLM\...\dBpoweramp FLAC Codec) (Version: Release 14 (FLAC 1.2.1) - Illustrate) dBpowerAMP Monkeys Audio Codec (HKLM\...\dBpowerAMP Monkeys Audio Codec) (Version: - ) dBpowerAMP mp3PRO Input Codec (HKLM\...\dBpowerAMP mp3PRO Input Codec) (Version: - ) dBpowerAMP Mp4 & AAC Decode Codec (HKLM\...\dBpowerAMP Mp4 & AAC Decode Codec) (Version: - ) dBpowerAMP Musepack Codec (HKLM\...\dBpowerAMP Musepack Codec) (Version: - ) dBpoweramp Music Converter (HKLM\...\dBpoweramp Music Converter) (Version: Release 14 - Illustrate) dBpowerAMP Nero Mp4 Codec (HKLM\...\dBpowerAMP Nero Mp4 Codec) (Version: - ) dBpowerAMP Ogg Vorbis Codec (HKLM\...\dBpowerAMP Ogg Vorbis Codec) (Version: - ) dBPowerAMP Real Audio Encoder R3 (HKLM\...\dBPowerAMP Real Audio Encoder R3) (Version: - ) dBpoweramp Windows Media Audio 10 Codec (HKLM\...\dBpoweramp Windows Media Audio 10 Codec) (Version: Release 7 - Illustrate) Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden DJ_AIO_03_F4200_Software_Min (Version: 130.0.365.000 - Hewlett-Packard) Hidden dMC mp3PRO (CLI) Encoder (HKLM\...\dMC mp3PRO (CLI) Encoder) (Version: - ) F4200 (Version: 130.0.365.000 - Hewlett-Packard) Hidden Geometry Dash (HKLM\...\R2VvbWV0cnlEYXNo_is1) (Version: 1 - ) GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden ITE IT8212 ATA RAID Controller (HKLM\...\{FC6AAE10-A081-42C7-9CD3-ED1D80C30941}) (Version: - ) Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) K-Lite Mega Codec Pack 10.1.0 (HKLM\...\KLiteCodecPack_is1) (Version: 10.1.0 - ) Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech) Lupas Rename 2000 v5.0 Release (HKLM\...\Lupas Rename 2000_is1) (Version: - Ivan Anton Albarracin) Ma-Config.com (HKLM\...\{EA9DF723-04C2-4B99-BB2E-425EA0C633D9}) (Version: 8.0.0.1 - Cybelsoft) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) Module linguistique Microsoft .NET Framework 4 Client Profile FRA (HKLM\...\Microsoft .NET Framework 4 Client Profile FRA Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Mozilla Firefox 32.0.2 (x86 fr) (HKLM\...\Mozilla Firefox 32.0.2 (x86 fr)) (Version: 32.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MVision (Version: 11.50.1169 - Logitech Inc.) Hidden My 7 Optimizer (HKLM\...\My 7 Optimizer) (Version: - ) Nero 7 Premium (HKLM\...\{43FFE159-3199-4188-A1CD-629166AD1036}) (Version: 7.02.6445 - Nero AG) Ogg Vorbis CLI (HKLM\...\Ogg Vorbis CLI) (Version: - ) PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - ) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skins (Version: 2010.0210.2339.42455 - ATI) Hidden SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden Unchecky v0.2.16 (HKLM\...\Unchecky) (Version: 0.2.16 - RaMMicHaeL) UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4146012179-2000389819-2718188108-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) ==================== Restore Points ========================= 16-05-2015 15:26:26 Revo Uninstaller's restore point - JDownloader 0.9 16-05-2015 15:31:13 Revo Uninstaller's restore point - PrivDog 16-05-2015 15:55:15 avast! antivirus system restore point 25-07-2015 14:55:05 avast! antivirus system restore point 26-07-2015 18:11:50 Opération de restauration 27-07-2015 16:34:04 Removed Java 8 Update 51 27-07-2015 16:46:41 Installed Ma-Config.com 27-07-2015 17:21:58 Revo Uninstaller's restore point - Logitech SetPoint 27-07-2015 18:50:35 Installed Ma-Config.com ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2015-07-27 17:41 - 00001993 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com There are 4 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1EED75FB-0CE9-4A8B-AA07-99CB97BC2C77} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-26] (Adobe Systems Incorporated) Task: {476FCA56-B268-4EB5-BD28-77BF5ACE05DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd) Task: {6DF3C3C9-D596-4D01-BE14-886FCDEE0D27} - System32\Tasks\{14105D31-1A4C-44C6-982D-36381AB32F60} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller" Task: {A92ECB64-85CB-4B9D-A0F2-9D46F8C43DE0} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2013-11-14] (COMODO) Task: {C3CE090D-6375-4B55-B08B-9E79AA211CAC} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-11-11] (COMODO) Task: {D51B501E-A9CA-469D-A0FD-E7AE98CA9FCA} - System32\Tasks\AdobeAAMUpdater-1.0-GrandCaribou-PC-Grand Caribou => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2013-11-01 16:21 - 2007-04-03 15:26 - 00128512 _____ () C:\Program Files\WinRAR\rarext.dll 2013-11-01 22:29 - 2013-11-01 22:29 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2009-11-24 14:36 - 2009-11-24 14:36 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll 2013-11-01 17:04 - 2014-09-18 09:16 - 03734640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2015-07-26 19:29 - 2015-07-26 19:29 - 17448624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4146012179-2000389819-2718188108-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Grand Caribou\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{4B7E4433-F794-4F72-BA68-29F6A928298B}] => (Allow) LPort=48113 FirewallRules: [{F1256E12-56B5-4F46-BC1D-12E450821339}] => (Allow) LPort=48114 FirewallRules: [{BF9AC15A-FC7A-4E34-92AA-632C75DD6045}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{BD949E0D-73BC-4584-91C8-B969D196AA31}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{FA845037-0684-4880-81BD-60D44B9571A9}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{6F346EE2-1A32-43F1-888C-E31E39EF5719}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{703AC4A9-6704-4860-B9AA-28CA686F1988}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{66F862B4-2CAE-4B27-9093-8FB0A1661CB1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{4FB34146-DA0E-402C-82D7-ED8057E0D562}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{DE684323-E0E0-403E-8D22-2EECFB1145DB}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{07880DF9-E631-4B99-924A-FCD34E9C1A31}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{F7DDA58F-4392-46E5-A9C5-F234E7ACAD57}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{68DB6C14-433E-41D2-8EAA-9F4B8E0FB255}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{6CF959EE-F2CB-434B-ADA8-B693F5B459D2}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{7A5F7746-BAAA-4022-B6F9-D6176D0F0F64}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe FirewallRules: [{A1749B3C-91C3-455E-BE2E-F4938A8A2DD7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe FirewallRules: [{6FBC8D4F-5A0E-4CCC-9CBD-459A012E9205}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe FirewallRules: [{E9D21DB2-54C7-41DA-9710-4283A3FCBC3B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{9FC99E15-1E37-4D93-9FDF-53C56E8D84B7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{6D081269-A6AE-4529-87BC-80F793E7C697}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{0D2F54EA-D944-4226-913B-5447A6ACB7A9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{26A63E3C-4D3D-4D91-A32C-093E037C5DBB}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe FirewallRules: [{44CA7C85-C0CC-47E2-AA68-D290454DDF9A}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{EBDB598D-935C-4AA7-A0B5-56D861387A65}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{79703A40-2F44-44A3-8C6A-C921D2711DB1}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{696BCA16-CB76-48CB-86F6-01ADF9C928F2}] => (Allow) LPort=48113 FirewallRules: [{2F8A5F50-9BD1-4393-961D-648352E32216}] => (Allow) C:\Program Files\ma-config.com\MCDetection.exe FirewallRules: [{D43768D3-0CD5-4B52-B730-1E7FB66510D8}] => (Allow) C:\Program Files\ma-config.com\MCDetection.exe DomainProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7 StandardProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7 ==================== Faulty Device Manager Devices ============= Name: MpKslcf0bb531 Description: MpKslcf0bb531 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: MpKslcf0bb531 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (07/27/2015 04:47:59 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: GrandCaribou-PC) Description: Impossible de redémarrer l’application ou le service « Ma-Config Agent ». Error: (07/26/2015 07:49:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SearchIndexer.exe, version : 7.0.7601.17610, horodatage : 0x4dc0c672 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x602e8277 ID du processus défaillant : 0x144 Heure de début de l’application défaillante : 0xSearchIndexer.exe0 Chemin d’accès de l’application défaillante : SearchIndexer.exe1 Chemin d’accès du module défaillant: SearchIndexer.exe2 ID de rapport : SearchIndexer.exe3 Error: (07/26/2015 07:48:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SearchIndexer.exe, version : 7.0.7601.17610, horodatage : 0x4dc0c672 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x602e8277 ID du processus défaillant : 0xcf0 Heure de début de l’application défaillante : 0xSearchIndexer.exe0 Chemin d’accès de l’application défaillante : SearchIndexer.exe1 Chemin d’accès du module défaillant: SearchIndexer.exe2 ID de rapport : SearchIndexer.exe3 Error: (07/26/2015 07:43:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SearchIndexer.exe, version : 7.0.7601.17610, horodatage : 0x4dc0c672 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x602e8277 ID du processus défaillant : 0x6c8 Heure de début de l’application défaillante : 0xSearchIndexer.exe0 Chemin d’accès de l’application défaillante : SearchIndexer.exe1 Chemin d’accès du module défaillant: SearchIndexer.exe2 ID de rapport : SearchIndexer.exe3 Error: (07/26/2015 07:25:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SearchIndexer.exe, version : 7.0.7601.17610, horodatage : 0x4dc0c672 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x602e8277 ID du processus défaillant : 0xc84 Heure de début de l’application défaillante : 0xSearchIndexer.exe0 Chemin d’accès de l’application défaillante : SearchIndexer.exe1 Chemin d’accès du module défaillant: SearchIndexer.exe2 ID de rapport : SearchIndexer.exe3 Error: (07/26/2015 07:24:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SearchIndexer.exe, version : 7.0.7601.17610, horodatage : 0x4dc0c672 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x602e8277 ID du processus défaillant : 0x6b8 Heure de début de l’application défaillante : 0xSearchIndexer.exe0 Chemin d’accès de l’application défaillante : SearchIndexer.exe1 Chemin d’accès du module défaillant: SearchIndexer.exe2 ID de rapport : SearchIndexer.exe3 Error: (07/26/2015 07:24:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SearchIndexer.exe, version : 7.0.7601.17610, horodatage : 0x4dc0c672 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x602e8277 ID du processus défaillant : 0x2f0 Heure de début de l’application défaillante : 0xSearchIndexer.exe0 Chemin d’accès de l’application défaillante : SearchIndexer.exe1 Chemin d’accès du module défaillant: SearchIndexer.exe2 ID de rapport : SearchIndexer.exe3 Error: (07/26/2015 07:24:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SearchIndexer.exe, version : 7.0.7601.17610, horodatage : 0x4dc0c672 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x602e8277 ID du processus défaillant : 0xcbc Heure de début de l’application défaillante : 0xSearchIndexer.exe0 Chemin d’accès de l’application défaillante : SearchIndexer.exe1 Chemin d’accès du module défaillant: SearchIndexer.exe2 ID de rapport : SearchIndexer.exe3 Error: (07/26/2015 07:13:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SearchIndexer.exe, version : 7.0.7601.17610, horodatage : 0x4dc0c672 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x602e8277 ID du processus défaillant : 0x804 Heure de début de l’application défaillante : 0xSearchIndexer.exe0 Chemin d’accès de l’application défaillante : SearchIndexer.exe1 Chemin d’accès du module défaillant: SearchIndexer.exe2 ID de rapport : SearchIndexer.exe3 Error: (07/26/2015 07:12:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SearchIndexer.exe, version : 7.0.7601.17610, horodatage : 0x4dc0c672 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x602e8277 ID du processus défaillant : 0x830 Heure de début de l’application défaillante : 0xSearchIndexer.exe0 Chemin d’accès de l’application défaillante : SearchIndexer.exe1 Chemin d’accès du module défaillant: SearchIndexer.exe2 ID de rapport : SearchIndexer.exe3 System errors: ============= Error: (07/27/2015 05:40:58 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: AUTORITE NT) Description: Certaines fonctionnalités de gestion de l’alimentation relatives aux performances du processeur ont été désactivées en raison d’un problème connu avec le microprogramme. Contactez le fabricant de l’ordinateur pour obtenir la mise à jour du microprogramme. Error: (07/27/2015 04:24:43 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: AUTORITE NT) Description: Certaines fonctionnalités de gestion de l’alimentation relatives aux performances du processeur ont été désactivées en raison d’un problème connu avec le microprogramme. Contactez le fabricant de l’ordinateur pour obtenir la mise à jour du microprogramme. Error: (07/27/2015 04:07:50 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: AUTORITE NT) Description: Certaines fonctionnalités de gestion de l’alimentation relatives aux performances du processeur ont été désactivées en raison d’un problème connu avec le microprogramme. Contactez le fabricant de l’ordinateur pour obtenir la mise à jour du microprogramme. Error: (07/27/2015 03:54:25 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: AUTORITE NT) Description: Certaines fonctionnalités de gestion de l’alimentation relatives aux performances du processeur ont été désactivées en raison d’un problème connu avec le microprogramme. Contactez le fabricant de l’ordinateur pour obtenir la mise à jour du microprogramme. Error: (07/26/2015 07:49:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Windows Search s’est terminé de façon inattendue pour la 10ème fois. Error: (07/26/2015 07:48:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Windows Search s’est terminé de façon inattendue pour la 9ème fois. Error: (07/26/2015 07:43:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Windows Search s’est terminé de façon inattendue pour la 8ème fois. Error: (07/26/2015 07:25:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Windows Search s’est terminé de façon inattendue pour la 7ème fois. Error: (07/26/2015 07:24:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Windows Search s’est terminé de façon inattendue pour la 6ème fois. Error: (07/26/2015 07:24:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Windows Search s’est terminé de façon inattendue pour la 5ème fois. Microsoft Office: ========================= ==================== Memory info =========================== Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz Percentage of memory in use: 46% Total physical RAM: 3199.37 MB Available physical RAM: 1712.09 MB Total Virtual: 6394.97 MB Available Virtual: 4603.64 MB ==================== Drives ================================ Drive c: (Windows 7) (Fixed) (Total:114.49 GB) (Free:83.63 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive e: (Sauvegardes) (Fixed) (Total:114.49 GB) (Free:114.01 GB) NTFS Drive f: (Sauvegardes) (Fixed) (Total:149.04 GB) (Free:148.95 GB) NTFS Drive h: (CLÉ SEB) (Removable) (Total:14.9 GB) (Free:5.75 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 114.5 GB) (Disk ID: 404B8EEC) Partition 1: (Active) - (Size=114.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=7 MB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 149.1 GB) (Disk ID: BA979DD5) Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 114.5 GB) (Disk ID: 8D39D5F7) Partition 1: (Active) - (Size=114.5 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 14.9 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End of log ============================