Additional scan result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
Ran by אלי חזן at 2015-07-28 18:24:47
Running from C:\Users\אלי חזן\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-621799793-644846384-3821762763-500 - Administrator - Disabled)
Guest (S-1-5-21-621799793-644846384-3821762763-501 - Limited - Disabled)
אלי חזן (S-1-5-21-621799793-644846384-3821762763-1000 - Administrator - Enabled) => C:\Users\אלי חזן

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan Enterprise (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: Protection antivirus et antispyware McAfee (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Protection antivirus et antispyware McAfee (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: Pare-feu McAfee (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveX912 v3.0.0.7 (HKLM-x32\...\ActiveX912_is1) (Version: 3.0.0.7 - ) Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.162 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.154 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Allin1Convert Internet Explorer Toolbar (HKLM-x32\...\Allin1Convert_8hbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo Burning Studio 9.03 (HKLM-x32\...\Ashampoo Burning Studio 9_is1) (Version: 9.0.3 - ashampoo GmbH & Co. KG) Ask Toolbar Updater (HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.44892 - Ask.com) <==== ATTENTION Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros) BlackBerry Desktop Software 6.0 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.0.0.43 - Research In Motion Ltd.) BlackBerry Desktop Software 6.0 (x32 Version: 6.0.0.43 - Research In Motion Ltd.) Hidden BlackBerry Device Software Updater (HKLM-x32\...\{38676C9C-270F-43D1-926A-E45DE8820A6B}) (Version: 7.1.0.34 - Research In Motion Ltd) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell) Dell System Detect (HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\73f463568823ebbe) (Version: 6.0.0.18 - Dell) Dell Update (HKLM-x32\...\{D9E0A33F-19D6-45A7-83BB-535C7B5F699B}) (Version: 1.5.3000.0 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.) Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version: 10.0 - Driver-Soft Inc.) Dropbox (HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.) FASTImgWiz version 1.0 (HKLM-x32\...\FASTImgWiz_is1) (Version: - ) File Repair (HKLM-x32\...\File Repair_is1) (Version: - File Repair) File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version: 2014.5.6.0 - ) <==== ATTENTION Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.) Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.) Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.3.0.1121 - Citrix Online, a division of Citrix Systems, Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 14.5.2 - iolo technologies, LLC) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kernel for PDF Repair - Evaluation ver 15.01 (HKLM-x32\...\Kernel for PDF Repair - Evaluation version_is1) (Version: - Lepide Software Pvt. Ltd.) K-Lite Codec Pack 4.5.3 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 4.5.3 - ) McAfee Agent (HKLM-x32\...\{AA951B10-7089-4D60-B288-516E641F48E6}) (Version: 4.0.0.1496 - McAfee, Inc.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.) McAfee Total Protection (HKLM-x32\...\MSC) (Version: 14.0.1029 - McAfee, Inc.) 
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.) McAfee VirusScan Enterprise (HKLM-x32\...\{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}) (Version: 8.7.0 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.356 - McAfee, Inc.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft Outlook Hotmail Connector 64 bits (HKLM\...\{95140000-007A-040C-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Outlook Hotmail Connector 64-bit (HKLM\...\{95140000-007A-040D-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (HKLM\...\{95140000-007D-0409-1000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual 
C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MV2Player (remove only) (HKLM-x32\...\MV2Player) (Version: - ) PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDF Splitter (HKLM-x32\...\PDF Splitter_is1) (Version: 2.5 - Softplicity, Inc.) PDF Splitter (HKLM-x32\...\PDF_is1) (Version: - Helmsman, Inc.) 
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.208 - Qualcomm Atheros Communications) QUORAM (HKLM-x32\...\QUORAM INTV9) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30143 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB) System Checkup 3.5 (HKLM-x32\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.5.0.25 - iolo technologies, LLC) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live FolderShare (HKLM-x32\...\{76810709-A7D3-468D-9167-A1780C1E766C}) (Version: 14.0.8117.416 - Microsoft Corporation) WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinRAR 5.21 (64-סיביות) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinRAR Free Download Packages (HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\WinRAR Free Download Packages) (Version: - ) <==== ATTENTION ZTE Connection Manager (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - ) גלריית התמונות (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ערכת שפה של Microsoft Visual Studio 2010 Tools for Office Runtime (x64)‎ - ‏HEB (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - HEB) (Version: 10.0.50903 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\אלי חזן\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\אלי חזן\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\אלי חזן\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\אלי חזן\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\אלי חזן\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\אלי חזן\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\אלי חזן\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621799793-644846384-3821762763-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

28-07-2015 10:28:56 iolo Designated Drivers Pre-Update Restore Point (894E2B)
28-07-2015 10:30:06 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:34 - 2009-06-11 00:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {093B0A8C-BF0D-4A0C-8BFC-15F580A14BF2} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {12D19BC5-F404-4ED4-A8EB-BD9CABA10662} - System32\Tasks\iolo System Checkup => C:\ProgramData\iolo\scustask.lnk [2015-06-05] () Task: {19927F70-EEEB-4366-AC93-802A649D119F} - System32\Tasks\{6BBF7155-4F40-4D10-A1E0-15F5AF53C29E} => pcalua.exe -a "C:\Program Files (x86)\GOV.IL\Utils\GOI_Install-CACertificates.exe" -d "C:\Program Files (x86)\GOV.IL\Utils\" Task: {2E26801E-637A-465A-A452-AEE646FB0584} - System32\Tasks\{0CE82C7C-3A27-4E27-910A-5657A05C3D8B} => pcalua.exe -a "F:\תוכנות\mv 2\mv2p070RC2p.exe" -d "F:\תוכנות\mv 2" Task: {38ED6D04-0476-44FB-A005-C9B39B34F10B} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2015-04-27] (iolo technologies, LLC) Task: {566F4C5E-66BC-428C-86C7-6F2C9FD04803} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000Core => C:\Users\אלי חזן\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-17] (Google Inc.) Task: {577EFAAD-B167-4FC3-9EE8-709C12249ACB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {63808E19-35DC-4687-AE9F-F8C9D73BE882} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-21] (PC-Doctor, Inc.) 
Task: {7BEFC4B6-4083-4ACC-AA28-A4FD128AF48D} - System32\Tasks\{1F72DAF7-955F-44B7-9B90-738E9F9025E4} => pcalua.exe -a C:\install.exe -d C:\ Task: {948403CF-31D7-44B2-8E36-E0C131B321E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {9B95A4D0-AB06-4706-8DAE-10D79BB0431B} - System32\Tasks\iolo DelOnReboot => cmd.exe /c IF EXIST C:\ProgramData\iolo\ops\smrr.dll del /f C:\ProgramData\iolo\ops\smrr.dll Task: {A2F7BE4C-9C2C-4CF2-AAE3-ADDFFED242EA} - System32\Tasks\{CC599C56-8F7E-435F-8CE6-6024523134CF} => pcalua.exe -a "C:\1Bet2Bet Casino\Main Program\install.exe" -d "C:\Users\אלי חזן\Desktop\DOSSIERS TRAVAIL EN COURS\FAST" -c http://www.vivocasino.com/stg_admin/settings/FirstInitData.aspx?INITID=1bet IntegrationWindow,http://www.playlive21.com/stg_admin/settings/FirstInitData.aspx?INITID=1bet IntegrationWindow Task: {A57EC026-B367-461F-965D-C2BD6E75943C} - System32\Tasks\{810DF3AE-1491-4565-98A1-D408B78C94E3} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [2014-03-31] (Microsoft Corporation) Task: {A5CF6CEE-38DF-4A7C-8097-91F1F4092CB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.) 
Task: {B5198020-E1A6-44B8-922C-A1A559E030C1} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2014-05-06] (FTA ApS) <==== ATTENTION Task: {CFB65C21-D5FD-4C6A-AF54-991BB2099443} - System32\Tasks\{091E787B-DFF6-4A6C-9DBF-D27DC6A9F524} => pcalua.exe -a "F:\2520 dell\LOM_Realtek_W7_A00_Setup-36XY6_ZPE.exe" -d "F:\2520 dell" Task: {D3CD6336-5DB5-4DA9-BB0D-E1D137EC3774} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION Task: {DBA87D19-8BAB-49D1-945D-61355C00B774} - System32\Tasks\AmiUpdXp => C:\Users\אלי חזן\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION Task: {E3F05760-077B-4C7F-A68A-D2A4F02092A0} - System32\Tasks\{4D365D74-49AB-4422-BA61-EC9F6B136D1D} => pcalua.exe -a "C:\Users\אלי חזן\Downloads\ashield_2_setup_103.exe" -d "C:\Users\אלי חזן\Downloads" Task: {E43BC06E-638E-4BA0-A431-1896B128A46B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000UA => C:\Users\אלי חזן\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-17] (Google Inc.) Task: {E55641FA-D7EF-4C4F-AEB0-EE01745A27F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.) Task: {E5E5EC35-6093-449E-A705-49E21E9A18F8} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files (x86)\File Type Assistant\tsasetup.exe [2014-05-07] ( ) <==== ATTENTION Task: {F2208052-7B66-4718-AE8E-245C05904383} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.) Task: {FBAA0963-1820-43FD-807E-366BA034F0CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-05] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\אלי חזן\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000Core.job => C:\Users\אלי חזן\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-621799793-644846384-3821762763-1000UA.job => C:\Users\אלי חזן\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2012-08-31 17:44 - 2012-08-31 17:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-08-31 17:38 - 2012-08-31 17:38 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\fr-FR\BtTray.fr-FR.dll 2013-12-29 23:29 - 2015-06-27 21:40 - 00532784 _____ () C:\Users\אלי חזן\AppData\Roaming\cacaoweb\cacaoweb.exe 2012-09-14 23:56 - 2012-09-14 23:56 - 04982304 _____ () C:\Users\אלי חזן\AppData\Local\DirectDownloader\DirectDownloader.exe 2012-10-25 16:15 - 2009-08-04 18:27 - 00123392 _____ () C:\Program Files (x86)\ZTE\MF636\AutoDect.exe 2014-02-23 21:00 - 2015-07-28 13:38 - 00465648 _____ () C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe 2009-10-22 21:07 - 2009-10-22 21:07 - 00140288 _____ () C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\VsEvntUI.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common 
Files\Apple\Apple Application Support\libxml2.dll 2005-08-22 17:38 - 2005-08-22 17:38 - 03264512 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll 2015-04-14 12:09 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-07-26 23:22 - 2015-07-24 01:39 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libglesv2.dll 2015-07-26 23:22 - 2015-07-24 01:39 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libegl.dll 2015-07-26 23:22 - 2015-07-24 01:39 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) 
==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-621799793-644846384-3821762763-1000\...\dell.com -> dell.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-621799793-644846384-3821762763-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\אלי חזן\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{A7F14EDA-2BAC-4599-8E4B-C018F3A13706}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe FirewallRules: [{3CE5B63A-7200-43F7-842D-95926836CB9C}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe FirewallRules: [{9B2C9FAB-6454-4071-B4CC-406D41FBD001}] => (Allow) C:\Users\אלי חזן\AppData\Local\DirectDownloader\DirectDownloader.exe FirewallRules: [{F1433135-F83C-4EE2-A4C5-EA6A7006BC5C}] => (Allow) C:\Users\אלי חזן\AppData\Local\DirectDownloader\DirectDownloader.exe FirewallRules: [{B18C7F6F-4694-4827-9866-9677240A6ABF}] => (Allow) LPort=4481 FirewallRules: [{6AB377B3-D06D-4096-AF7E-C35963765DC1}] => (Allow) LPort=4481 FirewallRules: [{6187A1B7-B155-4DC0-808D-3B744A65EDFD}] => (Allow) LPort=4482 FirewallRules: [{EF1A1CA5-5E4D-4A0D-A6F9-2AE01CCF02E2}] => (Allow) LPort=4482 FirewallRules: [TCP Query User{0D83872F-D8B4-4AB8-A4F6-D69F6D63BCF7}C:\users\אלי חזן\appdata\local\directdownloader\directdownloader.exe] => (Block) C:\users\אלי חזן\appdata\local\directdownloader\directdownloader.exe FirewallRules: [UDP Query User{0FB13C60-F1D3-433C-923D-7D5C084CB1C1}C:\users\אלי חזן\appdata\local\directdownloader\directdownloader.exe] => (Block) C:\users\אלי חזן\appdata\local\directdownloader\directdownloader.exe FirewallRules: [TCP Query User{B5EA137D-2E37-4282-9A0F-71F62CF155FD}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{522C34E6-FA96-45DA-B6D4-79CD0CF8EBF8}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [{F2FC2C7C-A050-490E-B359-65F3F3875C50}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe FirewallRules: 
[{28D908C9-703D-413B-A3D3-D22E625C4955}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe FirewallRules: [{8A237E40-7F22-4A69-8164-A3013A947318}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{087C6A45-692B-41C6-AF3F-D010D1D6057A}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{94D80B4B-FD82-4AC2-8790-E6DEC42FDF67}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{B2DF8A6C-DFFC-4C55-897A-945D7E81AB85}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{7F494FFD-F8C0-423E-A991-81C43C57E2AA}] => (Allow) LPort=4481 FirewallRules: [{D4C9B508-02DC-43CE-A6D1-8D630DCEE5A8}] => (Allow) LPort=4481 FirewallRules: [{5C3EC69A-2710-4F34-B555-CF532D777C82}] => (Allow) LPort=4482 FirewallRules: [{77A2DEBB-48FF-4562-BECD-C7A576E58EBC}] => (Allow) LPort=4482 FirewallRules: [{6D99F55C-F19D-4399-8CA6-B6C51E391D54}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe FirewallRules: [{04E56793-DFA2-4C11-9D59-6457037E5871}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{E495711D-9753-4C30-B0C4-BF89362272E3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{985F3CB1-30B2-4F37-97C2-C4E6092CFD3B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{13AFC327-EA57-494B-BAC3-ED2E3C1E4A78}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FDD94000-6820-4DD8-9462-863D98921B5D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{971CA07D-412A-4811-BF4F-2738216F69A2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query 
User{A82440E0-273E-48EA-BF5F-D4FE2E0D35D5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [{8B6A0419-A719-4198-9F67-AF0AB971517C}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe FirewallRules: [{8943170C-9BAF-45C5-8765-DB1510C4D14F}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{5A32C179-C6AB-431B-B0FE-63590E99BDBA}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{05D530D0-3279-49BB-9271-468C428CC4CC}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{A2F7CE39-C69E-40F0-9CC9-6511EC600298}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{E1A67886-2E4A-4D03-85EA-41E99E2F8537}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{EE9D7D81-B7D3-4D65-8A2A-69AC0D72B17C}] => (Allow) svchost.exe FirewallRules: [{1E50ACE9-8783-4F69-8636-D87D6B468AF4}] => (Allow) C:\Users\אלי חזן\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{AAC6DD8E-D98A-494D-ABC0-CD44517BA71B}] => (Allow) C:\Users\אלי חזן\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{43F018A6-4850-492A-A1D3-5F5B6831B904}] => (Allow) C:\Users\אלי חזן\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{45827469-95C4-4C2C-8888-337C7FCC9754}] => (Allow) C:\Users\אלי חזן\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{E922E899-24D8-43B5-B284-4902814B0590}] => (Allow) C:\Users\אלי חזן\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{447056C0-1EE7-4FC7-B680-567F5ABBD9D3}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{C8FB7983-EC35-4875-9238-707EB0A73244}] => (Allow) C:\Program Files\Common 
Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{2F79A2A7-98B3-4EC7-B1A9-21CF76B84BF0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{D5F873E5-8397-4835-ABEE-5FD2F9AE110E}C:\users\אלי חזן\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\אלי חזן\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [UDP Query User{A57E2FCD-E7FD-48C3-B2B7-B4BA5CC8E520}C:\users\אלי חזן\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\אלי חזן\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [TCP Query User{C8EC6DE6-4472-47D7-BB42-E2F17583034D}C:\users\אלי חזן\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\אלי חזן\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [UDP Query User{AA6A6822-39AA-451B-82BA-8C283934743E}C:\users\אלי חזן\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\אלי חזן\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [{3EAF5F34-E947-4175-98C6-76332AF17413}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe FirewallRules: [{3C8791C8-728B-4F56-A54E-CD0FB28BD4D7}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe FirewallRules: [{F76135F4-E974-4287-8A99-A76370AB6A9E}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe FirewallRules: [{96D24175-5BAA-4782-A526-040CD0BDF13C}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe FirewallRules: [{2261E686-54BF-4890-AEC8-CDD9FA7080A7}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe FirewallRules: [{D9350619-4B7B-4875-8764-5361FBF4111B}] => (Allow) C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{CAEE052A-2A24-4B43-87A9-ECB2D77EE405}] => (Allow) C:\Users\אלי חזן\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{C7011D80-BC22-4E6F-BABE-AA1AED4359DE}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe FirewallRules: [{4D2295C8-F970-47E7-ABD5-97131CD2635A}] => (Allow) C:\Program Files (x86)\File Type 
Assistant\TSAssist.exe FirewallRules: [{5B8F2D67-235F-47A1-AFC5-A8E4845B829F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{92A0F5DC-C1DE-4586-9982-D1F9B2F30E0A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{E5CD1A29-79FB-4C5A-8176-C8E289056B6B}] => (Allow) LPort=2869 FirewallRules: [{386A6AB5-FB46-422F-87CF-19A669E0ACDE}] => (Allow) LPort=1900 FirewallRules: [{776A6172-D585-4FB1-8438-EC28E99230F5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{76195910-551D-4466-8C8A-35893C2ED1CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Microsoft Teredo Tunneling Adapter Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Périphérique Bluetooth Description: Périphérique Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/28/2015 04:25:25 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY) Description: Échec de l'initialisation du moteur MCSCAN32. 
Le moteur a renvoyé l'erreur : 3 Error: (07/28/2015 04:24:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante igfxpers.exe, version : 8.15.10.2849, horodatage : 0x50441ad7 Nom du module défaillant : ntdll.dll, version : 6.1.7601.18869, horodatage : 0x556366f2 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000004f7cf ID du processus défaillant : 0xf38 Heure de début de l’application défaillante : 0xigfxpers.exe0 Chemin d’accès de l’application défaillante : igfxpers.exe1 Chemin d’accès du module défaillant: igfxpers.exe2 ID de rapport : igfxpers.exe3 Error: (07/28/2015 03:41:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante igfxpers.exe, version : 8.15.10.2849, horodatage : 0x50441ad7 Nom du module défaillant : ntdll.dll, version : 6.1.7601.18869, horodatage : 0x556366f2 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000004f7cf ID du processus défaillant : 0xff8 Heure de début de l’application défaillante : 0xigfxpers.exe0 Chemin d’accès de l’application défaillante : igfxpers.exe1 Chemin d’accès du module défaillant: igfxpers.exe2 ID de rapport : igfxpers.exe3 Error: (07/28/2015 03:16:39 PM) (Source: MsiInstaller) (EventID: 10005) (User: ORDINATEURELIE) Description: Produit : Adobe Reader XI (11.0.12) - Français -- Erreur 2203. Base de données : C:\Windows\Installer\2abcbd.ipi. Impossible d'ouvrir le fichier de base de données. Erreur système -2147287035. Error: (07/28/2015 01:27:26 PM) (Source: MsiInstaller) (EventID: 10005) (User: ORDINATEURELIE) Description: Produit : Adobe Reader XI (11.0.12) - Français -- Erreur 2203. Base de données : C:\Windows\Installer\2abcbb.ipi. Impossible d'ouvrir le fichier de base de données. Erreur système -2147287035. Error: (07/28/2015 12:37:37 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY) Description: Échec de l'initialisation du moteur MCSCAN32. 
Le moteur a renvoyé l'erreur : 3 Error: (07/28/2015 12:37:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante igfxpers.exe, version : 8.15.10.2849, horodatage : 0x50441ad7 Nom du module défaillant : ntdll.dll, version : 6.1.7601.18869, horodatage : 0x556366f2 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000004f7cf ID du processus défaillant : 0x594 Heure de début de l’application défaillante : 0xigfxpers.exe0 Chemin d’accès de l’application défaillante : igfxpers.exe1 Chemin d’accès du module défaillant: igfxpers.exe2 ID de rapport : igfxpers.exe3 Error: (07/28/2015 10:40:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante igfxpers.exe, version : 8.15.10.2849, horodatage : 0x50441ad7 Nom du module défaillant : ntdll.dll, version : 6.1.7601.18869, horodatage : 0x556366f2 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000004f7cf ID du processus défaillant : 0xc5c Heure de début de l’application défaillante : 0xigfxpers.exe0 Chemin d’accès de l’application défaillante : igfxpers.exe1 Chemin d’accès du module défaillant: igfxpers.exe2 ID de rapport : igfxpers.exe3 Error: (07/28/2015 10:30:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service McAfee Application Installer Cleanup (0082651437946484) since QueryServiceConfig API failed System Error: ‏‏למערכת אין אפשרות לאתר את הקובץ שצוין. . Error: (07/28/2015 10:29:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. 
Details: AddWin32ServiceFiles: Unable to back up image of service McAfee Application Installer Cleanup (0082651437946484) since QueryServiceConfig API failed System Error: ‏‏למערכת אין אפשרות לאתר את הקובץ שצוין. . System errors: ============= Error: (07/28/2015 04:28:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Intel(R) Management and Security Application User Notification Service dépend du service Intel(R) Management and Security Application Local Management Service qui n’a pas pu démarrer en raison de l’erreur : %%1058 Error: (07/28/2015 04:24:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Update SerialTrunc n’a pas pu démarrer en raison de l’erreur : %%1053 Error: (07/28/2015 04:24:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Update SerialTrunc. Error: (07/28/2015 03:44:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Intel(R) Management and Security Application User Notification Service dépend du service Intel(R) Management and Security Application Local Management Service qui n’a pas pu démarrer en raison de l’erreur : %%1058 Error: (07/28/2015 03:42:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service McAfee Proxy Service dépend du service McAfee Firewall Core Service qui n’a pas pu démarrer en raison de l’erreur : %%1068 Error: (07/28/2015 03:42:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service McAfee Personal Firewall Service dépend du service McAfee Firewall Core Service qui n’a pas pu démarrer en raison de l’erreur : %%1068 Error: (07/28/2015 03:42:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service McAfee Firewall Core Service dépend du service McAfee Validation Trust 
Protection Service qui n’a pas pu démarrer en raison de l’erreur : %%1070 Error: (07/28/2015 03:42:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service McAfee McShield dépend du service McAfee Validation Trust Protection Service qui n’a pas pu démarrer en raison de l’erreur : %%1070 Error: (07/28/2015 03:42:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service McAfee AP Service dépend du service McAfee Validation Trust Protection Service qui n’a pas pu démarrer en raison de l’erreur : %%1070 Error: (07/28/2015 03:42:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service McAfee Validation Trust Protection Service est en attente de démarrage. Microsoft Office: ========================= Error: (07/28/2015 04:25:25 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY) Description: 3 Error: (07/28/2015 04:24:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: igfxpers.exe8.15.10.284950441ad7ntdll.dll6.1.7601.18869556366f2c0000005000000000004f7cff3801d0c938bab272ebC:\Windows\System32\igfxpers.exeC:\Windows\SYSTEM32\ntdll.dll01a0597b-352c-11e5-8c84-844bf5684854 Error: (07/28/2015 03:41:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: igfxpers.exe8.15.10.284950441ad7ntdll.dll6.1.7601.18869556366f2c0000005000000000004f7cfff801d0c932a39d8ba5C:\Windows\System32\igfxpers.exeC:\Windows\SYSTEM32\ntdll.dlle5e7da4e-3525-11e5-aa37-844bf5684854 Error: (07/28/2015 03:16:39 PM) (Source: MsiInstaller) (EventID: 10005) (User: ORDINATEURELIE) Description: Produit : Adobe Reader XI (11.0.12) - Français -- Erreur 2203. Base de données : C:\Windows\Installer\2abcbd.ipi. Impossible d'ouvrir le fichier de base de données. 
Erreur système -2147287035.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/28/2015 01:27:26 PM) (Source: MsiInstaller) (EventID: 10005) (User: ORDINATEURELIE) Description: Produit : Adobe Reader XI (11.0.12) - Français -- Erreur 2203. Base de données : C:\Windows\Installer\2abcbb.ipi. Impossible d'ouvrir le fichier de base de données. Erreur système -2147287035.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/28/2015 12:37:37 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY) Description: 3 Error: (07/28/2015 12:37:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: igfxpers.exe8.15.10.284950441ad7ntdll.dll6.1.7601.18869556366f2c0000005000000000004f7cf59401d0c918ed1b152fC:\Windows\System32\igfxpers.exeC:\Windows\SYSTEM32\ntdll.dll3b42a06b-350c-11e5-88a9-844bf5684854 Error: (07/28/2015 10:40:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: igfxpers.exe8.15.10.284950441ad7ntdll.dll6.1.7601.18869556366f2c0000005000000000004f7cfc5c01d0c9088f838f6fC:\Windows\System32\igfxpers.exeC:\Windows\SYSTEM32\ntdll.dlle254c952-34fb-11e5-b925-844bf5684854 Error: (07/28/2015 10:30:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service McAfee Application Installer Cleanup (0082651437946484) since QueryServiceConfig API failed System Error: ‏‏למערכת אין אפשרות לאתר את הקובץ שצוין. Error: (07/28/2015 10:29:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service McAfee Application Installer Cleanup (0082651437946484) since QueryServiceConfig API failed System Error: ‏‏למערכת אין אפשרות לאתר את הקובץ שצוין. CodeIntegrity Error: =================================== Date: 2012-11-26 18:43:22.792 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Arovax Shield\dtd.sys, car le fichier à 
hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2012-11-26 18:43:22.698 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Arovax Shield\dtd.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz Percentage of memory in use: 82% Total physical RAM: 3973.51 MB Available physical RAM: 700.98 MB Total Virtual: 7945.22 MB Available Virtual: 4025.37 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:254.56 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D4B1CBFF) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End of log ============================