Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015 Ran by Malou at 2015-07-12 09:49:41 Running from C:\Users\Malou\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-330494155-2752027403-16672403-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-330494155-2752027403-16672403-1003 - Limited - Enabled) Invité (S-1-5-21-330494155-2752027403-16672403-501 - Limited - Disabled) Malou (S-1-5-21-330494155-2752027403-16672403-1001 - Administrator - Enabled) => C:\Users\Malou manon (S-1-5-21-330494155-2752027403-16672403-1004 - Limited - Enabled) => C:\Users\manon ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Internet Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.191 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{8D6CCB94-05E3-753A-5ED7-97495EA8AEFF}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden EcoSmart Live Connection Manager (HKLM-x32\...\EcoSmart Live Connection Manager) (Version: 1.8.4.0 - EcoTech Marine) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time) Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM\...\{F9E399CB-046F-45FD-A67F-CF399E2128E4}) (Version: 4.2.9.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard) HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{A2E95309-79F3-41E5-94C7-6D7FD6D7BBC3}) (Version: 1.2.0.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent) HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company) HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.9.1002 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) LeapFrog Connect (French) (HKLM-x32\...\UPCShell) (Version: 6.1.1.19530 - LeapFrog) LeapFrog Connect (x32 Version: 6.1.1.19530 - LeapFrog) Hidden LeapFrog LeapPad Explorer Plugin (x32 Version: 6.1.1.19530 - LeapFrog) Hidden Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Office « Démarrer en un clic » 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation) Microsoft Office Starter 2010 - Français (HKLM-x32\...\{90140011-0066-040C-0000-0000000FF1CE}) (Version: 14.0.6137.5006 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-330494155-2752027403-16672403-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-330494155-2752027403-16672403-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated) Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version: 6.1.1.19530 - LeapFrog) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-330494155-2752027403-16672403-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Malou\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 18-06-2015 21:36:09 Windows Update 29-06-2015 22:10:32 Windows Update 04-07-2015 11:17:37 HPSF Applying updates ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1D8244C0-A0E9-4D55-ADB5-F1A0FA9D3EAA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) Task: {3D0603DF-0A57-48B7-A37C-102A8E7BF6D4} - \BrowserDefendert No Task File <==== ATTENTION Task: {45CCE1DA-F216-4C36-B1B0-A0FBBBCBDCB5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {62699A82-18E6-4B61-8F07-EC8D1A1E1FBB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard) Task: {6680327C-51D2-4036-93C6-5703597DC8AB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-12] (Adobe Systems Incorporated) Task: {67AD8AB4-61F0-491B-9767-68600872D577} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard) Task: {6CC6FD97-9990-4CA8-A715-63C78AC91BBF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {766A9474-3794-4E52-8765-DF940975C5F2} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-330494155-2752027403-16672403-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {8113E8C0-81B4-4525-9826-9FE53CE1F084} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-29] (Google Inc.) Task: {821045C2-3166-44CA-B018-85AFF8213BAB} - System32\Tasks\BoxSoftwareUpdate => C:\ProgramData\BoxUpdChk\updchk.exe <==== ATTENTION Task: {8BE00D93-B9AD-45C0-AE67-33E69CB5EC4E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation) Task: {A862808B-0E79-4259-AB8B-F81DF8E0C937} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION Task: {AA70F85A-0031-4C9D-B305-C771C445A26E} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {B25CA6C8-8E40-4720-969D-EEE912403433} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-12] (CyberLink) Task: {B36DB053-FFCA-42D7-89F9-1FD273122AA0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN38H1FGRS => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard) Task: {B845B0A1-EFD4-4D00-A434-921A6E652F56} - System32\Tasks\HPCeeScheduleForMalou => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {BFB973A9-FB8E-4286-81CA-8197F79DF16C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-29] (Google Inc.) Task: {E040EC61-111F-4B40-B808-C9AED1624502} - System32\Tasks\{3283E831-7B9B-48B1-80AD-757F3C940F32} => pcalua.exe -a "C:\Program Files (x86)\WebConnect\WebConnectUn.exe" -c REP_ Task: {E480FBB1-F1BF-4329-AA22-48158A70F660} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-18] (Microsoft Corporation) Task: {EDA6DA4C-4C84-42D8-8CD9-12BBA1944412} - System32\Tasks\SoftwareUpdateTaskMachineUA => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe <==== ATTENTION Task: {F9280E84-CE09-418D-8AE7-A840B649B9A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {FACB4B07-011E-4EA5-A707-F216D258EDEB} - \Yahoo! Search No Task File <==== ATTENTION Task: {FB3A362E-88CA-4415-B84B-0789F4D0D302} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForMalou.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (Whitelisted) ============== 2012-10-12 18:22 - 2012-10-12 18:22 - 00120224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll 2012-10-12 18:22 - 2012-10-12 18:22 - 00048544 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll 2012-10-12 18:22 - 2012-10-12 18:22 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll 2014-01-25 03:22 - 2014-01-25 03:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-07-27 19:06 - 2015-06-29 22:48 - 00532784 _____ () C:\Users\Malou\AppData\Roaming\cacaoweb\cacaoweb.exe 2014-03-28 13:15 - 2014-03-28 13:15 - 00120224 _____ () C:\Users\Malou\AppData\Local\assembly\dl3\V3C5KBQ6.T1K\YX4N1LQK.A3D\3a34ddec\004b58b8_95a8cd01\HPItunesModule.DLL 2015-07-12 08:49 - 2015-07-12 08:49 - 02743376 _____ () C:\Program Files (x86)\Google\Update\Install\{69D31D41-5F43-480D-87FC-3A3312580BBE}\43.0.2357.132_43.0.2357.130_chrome_updater.exe 2015-01-23 13:52 - 2015-01-23 13:52 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\792c83fb2203c6d38076bb854dea9861\PSIClient.ni.dll 2012-12-28 20:05 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-02-01 13:30 - 2014-02-01 13:30 - 00861184 _____ () C:\Users\Malou\Documents\Travail Man\LeapFrog Connect\platforms\qwindows.dll 2015-06-29 23:01 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll 2015-06-29 23:01 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll 2015-06-29 23:01 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\Users\Malou\OneDrive:ms-properties AlternateDataStreams: C:\Users\Malou\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-330494155-2752027403-16672403-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Malou\AppData\Roaming\Microsoft\Windows Photo Viewer\Papier peint de la Visionneuse de photos Windows.jpg HKU\S-1-5-21-330494155-2752027403-16672403-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Malou\AppData\Roaming\Microsoft\Windows Photo Viewer\Papier peint de la Visionneuse de photos Windows.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{0FD2E2EA-7FF7-4118-8002-95EA8040B3BB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{06405A21-8186-4A5C-B4EF-8AA679947F51}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{91CDD203-5765-484A-A846-2FDD8C0DAD24}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{9BAB6699-A07D-4BE0-8A56-E0C43F41DEB6}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{549C9796-80C7-4B4E-84A5-70A8F9B600DE}] => (Allow) LPort=1900 FirewallRules: [{1EAC932B-795C-4619-9FE1-4EE02904D65E}] => (Allow) LPort=2869 FirewallRules: [{D8173DFF-8590-42E8-98D4-8F13EA1B262B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{C85734C3-8460-45BB-BCA7-0D7D39515138}] => (Allow) C:\Users\Malou\Documents\Travail Man\LeapFrog Connect\LeapfrogConnect.exe FirewallRules: [TCP Query User{163D9F28-CB9F-4104-A1B6-24C0C9276C9F}C:\users\malou\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\malou\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [UDP Query User{C4989CF8-A6BC-4725-9C52-BBA3A882DEB5}C:\users\malou\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\malou\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [{F62DD04A-2640-4378-B5A0-7AC7F7B7EAF7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{99667BF4-CDA9-47BE-83B0-08C2B1F9C2B4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [{653EBD21-5C3C-4E66-877A-314191AC005B}] => (Allow) LPort=53000 FirewallRules: [{0FCDAB06-13E1-4F9D-A174-6F4C46FC37E0}] => (Allow) LPort=52000 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/12/2015 09:17:18 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 524 Heure de début : 01d0bc721275a3e1 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : 0600a208-2866-11e5-bef1-7446a07a0bc6 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/12/2015 09:17:02 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme wwahost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : fa8 Heure de début : 01d0bc7207635d8f Heure de fin : 4294967295 Chemin d’accès de l’application : C:\WINDOWS\syswow64\wwahost.exe ID de rapport : fbc5c093-2865-11e5-bef1-7446a07a0bc6 Nom complet du package défaillant : Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c ID de l’application relative au package défaillant : App Error: (07/12/2015 08:50:08 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 5c8 Heure de début : 01d0bac959c2128c Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : 3a44fc39-2862-11e5-bef1-7446a07a0bc6 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/12/2015 08:45:39 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme backgroundTaskHost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1ba0 Heure de début : 01d0bc6da5c2bdff Heure de fin : 4294967295 Chemin d’accès de l’application : C:\WINDOWS\system32\backgroundTaskHost.exe ID de rapport : 9951647c-2861-11e5-bef1-7446a07a0bc6 Nom complet du package défaillant : Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt ID de l’application relative au package défaillant : App Error: (07/12/2015 08:35:35 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2005) (User: AUTORITE NT) Description: There was an error communicating to the Orion DCS server Error: (07/10/2015 06:32:11 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/09/2015 06:11:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 17e0 Heure de début : 01d0ba61235c8340 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : 1bbe0c52-2655-11e5-bef1-7446a07a0bc6 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/09/2015 06:08:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme backgroundTaskHost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1cb4 Heure de début : 01d0ba60b688627c Heure de fin : 4294967295 Chemin d’accès de l’application : C:\WINDOWS\system32\backgroundTaskHost.exe ID de rapport : abb00a9e-2654-11e5-bef1-7446a07a0bc6 Nom complet du package défaillant : Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt ID de l’application relative au package défaillant : App Error: (07/09/2015 06:05:50 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1a18 Heure de début : 01d0ba605c622bca Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : 5256a4a8-2654-11e5-bef1-7446a07a0bc6 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/08/2015 06:54:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAN) Description: Échec de l’activation de l’application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. System errors: ============= Error: (07/12/2015 08:26:25 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service ShellHWDetection. Error: (07/12/2015 08:25:55 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service BITS. Error: (07/08/2015 06:54:47 AM) (Source: DCOM) (EventID: 10010) (User: MAN) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (07/08/2015 06:54:42 AM) (Source: DCOM) (EventID: 10010) (User: MAN) Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1 Error: (07/08/2015 06:54:42 AM) (Source: DCOM) (EventID: 10010) (User: MAN) Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 Error: (07/07/2015 07:39:38 PM) (Source: DCOM) (EventID: 10010) (User: MAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (07/07/2015 07:39:38 PM) (Source: DCOM) (EventID: 10010) (User: MAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (07/04/2015 11:20:50 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Le maître explorateur a reçu une annonce de serveur de l’ordinateur LIVEBOX qui pense qu’il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{BD4DD881-D2B9-4277-83E9-07E3E58ACD45}. Le maître explorateur s’arrête ou une élection est provoquée. Error: (07/04/2015 09:11:02 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Le maître explorateur a reçu une annonce de serveur de l’ordinateur LIVEBOX qui pense qu’il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{BD4DD881-D2B9-4277-83E9-07E3E58ACD45}. Le maître explorateur s’arrête ou une élection est provoquée. Error: (07/04/2015 07:24:42 AM) (Source: Schannel) (EventID: 4119) (User: AUTORITE NT) Description: Une alerte irrécupérable a été reçue du point de terminaison distant. Le code d’alerte irrécupérable défini par protocole de TLS est 40. Microsoft Office: ========================= Error: (07/12/2015 09:17:18 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.2091152401d0bc721275a3e14294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe0600a208-2866-11e5-bef1-7446a07a0bc6microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/12/2015 09:17:02 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.17415fa801d0bc7207635d8f4294967295C:\WINDOWS\syswow64\wwahost.exefbc5c093-2865-11e5-bef1-7446a07a0bc6Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp Error: (07/12/2015 08:50:08 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.209115c801d0bac959c2128c4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe3a44fc39-2862-11e5-bef1-7446a07a0bc6microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/12/2015 08:45:39 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: backgroundTaskHost.exe6.3.9600.174151ba001d0bc6da5c2bdff4294967295C:\WINDOWS\system32\backgroundTaskHost.exe9951647c-2861-11e5-bef1-7446a07a0bc6Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp Error: (07/12/2015 08:35:35 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2005) (User: AUTORITE NT) Description: -2147012894 Error: (07/10/2015 06:32:11 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/09/2015 06:11:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.2091117e001d0ba61235c83404294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe1bbe0c52-2655-11e5-bef1-7446a07a0bc6microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/09/2015 06:08:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: backgroundTaskHost.exe6.3.9600.174151cb401d0ba60b688627c4294967295C:\WINDOWS\system32\backgroundTaskHost.exeabb00a9e-2654-11e5-bef1-7446a07a0bc6Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp Error: (07/09/2015 06:05:50 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.209111a1801d0ba605c622bca4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe5256a4a8-2654-11e5-bef1-7446a07a0bc6microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/08/2015 06:54:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Percentage of memory in use: 52% Total physical RAM: 6035.77 MB Available physical RAM: 2891.27 MB Total Virtual: 6996.27 MB Available Virtual: 3306 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:908.17 GB) (Free:765.38 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:22.13 GB) (Free:2.65 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: A8A5834B) Partition: GPT Partition Type. ==================== End of log ============================