Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015 Ran by Benjamin at 2015-07-23 19:57:01 Running from C:\Users\Benjamin\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-249751736-1960304294-1742026601-500 - Administrator - Disabled) Benjamin (S-1-5-21-249751736-1960304294-1742026601-1002 - Administrator - Enabled) => C:\Users\Benjamin HomeGroupUser$ (S-1-5-21-249751736-1960304294-1742026601-1004 - Limited - Enabled) Invité (S-1-5-21-249751736-1960304294-1742026601-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Apple Application Support (32 bits) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3703 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2531 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.2627 - CyberLink Corp.) CyberLink Webcam Sharing Manager 4 (HKLM-x32\...\InstallShield_{296F7F3B-C75A-45e9-AD22-CC19DF86E9D3}) (Version: 4.2.1.1419 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.3801 - CyberLink Corp.) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Evernote v. 4.6 (HKLM-x32\...\{A23AADDA-3DBF-11E2-A6F2-984BE15F174E}) (Version: 4.6.0.7670 - Evernote Corp.) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM-x32\...\{84663FDA-1374-4048-9869-DD4A8784785A}) (Version: 6.0.16.1 - Hewlett-Packard Company) HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.1.0.1451 - Hewlett-Packard Company) HP Device Access Manager (HKLM\...\{274A948D-DD41-4B8F-B66F-0F4AD233200F}) (Version: 8.0.0.4 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{F3F74675-3700-4C55-A9AC-924D4E36DC40}) (Version: 1.1.2.0 - Hewlett-Packard) HP Drive Encryption (HKLM\...\HPDriveEncryption) (Version: 8.5.1.138 - Hewlett-Packard Company) HP ESU for Microsoft Windows 8 (HKLM-x32\...\{482FF7A0-EA03-487A-9112-862D3341B76C}) (Version: 1.2.1 - Hewlett-Packard Company) HP File Sanitizer (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 8.1.1.1 - Hewlett-Packard Company) HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.25 - SunplusIT) HP Hotkey Support (HKLM-x32\...\{57FA60DA-585F-456A-B80E-17D1CDD22A30}) (Version: 5.0.27.1 - Hewlett-Packard Company) HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard) HP SoftPaq Download Manager (HKLM-x32\...\{3F728815-C7E8-40EA-8D1A-F7B8E2382325}) (Version: 3.4.10.0 - Hewlett-Packard Company) HP Software Setup (HKLM-x32\...\{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}) (Version: 8.5.4.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard) HP System Default Settings (HKLM-x32\...\{987210BB-D707-48FC-88FA-4374765D108D}) (Version: 2.0.1 - Hewlett-Packard Company) HP Theft Recovery (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 8.0.0.6 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) HP Wireless Hotspot (HKLM-x32\...\{A161E705-44B9-4B5F-A5F8-8E5847AEA86B}) (Version: 1.0.24.1 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6454.0 - IDT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3993 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.5.1006 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.) Le Cloud d'Orange - Transfert de fichiers (HKU\S-1-5-21-249751736-1960304294-1742026601-1002\...\Le Cloud d'Orange - Transfert de fichiers) (Version: 2.0.7 - Orange-France) Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office XP Professional avec FrontPage (HKLM-x32\...\{9028040C-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.4330.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 fr)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla) PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.33 - PDF Complete, Inc) Ralink Bluetooth Stack64 (HKLM\...\{9041BE08-21DA-4916-EC0B-9375C5B624D9}) (Version: 11.0.737.1 - Mediatek) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.21.0 - Mediatek) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.11.201.2013 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.7 - Realtek Semiconductor Corp.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.24.4 - Synaptics Incorporated) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-249751736-1960304294-1742026601-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 01-07-2015 22:16:06 Point de contrôle planifié 08-07-2015 20:29:41 Windows Update 15-07-2015 11:32:06 Windows Update 23-07-2015 19:47:24 Programme d’installation pour les modules Windows ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0B42D189-9F26-462C-973D-5507E9BA7F7C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {2F57A884-BD71-408E-AE7E-6897CEFB98ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {41875DC5-3C35-409A-A0C8-C22D7AEF9FF9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {4C0F829C-7F60-4182-B571-F1417B2C558D} - \upfs7235 No Task File <==== ATTENTION Task: {66C4A5DC-FE44-451A-B2D6-F708BFAC2EE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {753DE57D-6300-4251-A6C4-87B040794589} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {7BBA544C-4C9B-4375-9E42-D0CCA2B14A5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {923FE27C-EAB5-439A-9303-D0CAAE44CAF5} - System32\Tasks\HPCeeScheduleForBenjamin => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {DC9E99AE-08B7-4C8F-BBA1-C17B43E44C5F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {E63B56BF-AC37-4C17-A3B6-223ADDB2D0C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForBenjamin.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (Whitelisted) ============== 2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-01-17 17:57 - 2012-01-17 17:57 - 00298368 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll 2013-01-10 14:35 - 2013-01-10 14:35 - 00009728 _____ () C:\windows\system32\BsHelpCSps.dll 2014-12-13 00:25 - 2014-12-13 00:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2013-01-10 14:30 - 2013-01-10 14:30 - 00022528 _____ () C:\WINDOWS\system32\BsTrace.dll 2013-01-10 14:35 - 2013-01-10 14:35 - 00055296 _____ () C:\windows\system32\BlueSoleilCSps.dll 2013-03-06 15:38 - 2013-03-06 15:38 - 03020504 _____ () c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll 2013-01-10 12:25 - 2013-01-10 12:25 - 00364544 _____ () C:\windows\system32\BsExtendFunc.dll 2015-02-12 21:18 - 2015-02-12 21:18 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\4a948ae8c1d5d288220edf3f0b4178ee\PSIClient.ni.dll 2013-09-27 13:51 - 2012-10-22 10:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-01-10 14:30 - 2013-01-10 14:30 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll 2013-01-31 18:04 - 2013-01-31 18:04 - 00080120 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll 2013-01-10 12:25 - 2013-01-10 12:25 - 00364544 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll 2013-01-10 14:35 - 2013-01-10 14:35 - 00009728 _____ () C:\windows\SYSTEM32\BsHelpCSps.dll 2013-01-10 14:35 - 2013-01-10 14:35 - 00055296 _____ () C:\windows\SYSTEM32\BlueSoleilCSps.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Benjamin\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-249751736-1960304294-1742026601-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Benjamin\Pictures\crozon\IMG_8311. 2.png DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{51D7CC67-E392-4FFB-997E-58012F3BE145}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{BD37FAAF-226E-4440-8336-78A7109B634A}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{5FBCC9D5-C4BB-499D-95D4-F51F522D7093}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{EB6C1352-C207-4A4A-B22D-7477BD37A0C1}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{35EFF541-633B-4148-83A6-35E4F3AE56A6}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{B34E1404-23B7-4D54-89FE-AFE89FD5E50C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [TCP Query User{72AD87F2-DB5C-40C6-84E6-486B8975852A}C:\users\benjamin\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\benjamin\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [UDP Query User{ECAC60FA-2C3D-4317-BFBC-361CABAA94E5}C:\users\benjamin\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\benjamin\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [{5E76A29C-49CD-4F47-851A-C0CBB5A7EB5F}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{C8662554-0093-4E57-B951-D263B0FF7D27}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{5198A715-56F3-49C6-AEDF-FAFDBF3C7904}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2686EB54-D5B0-4789-A033-8B4E33273BA7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DFA88B11-1D03-4C9A-A8AC-2B25F92B7E48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{52A39916-9104-4F73-B15B-947B7334730C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2C60C2C4-0DD6-4F0B-97BE-683F52E0BCA4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{88F58598-98F2-4271-82C8-ABD57221B109}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9D286823-40BA-4A7A-80C0-49C145AB51ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E190968D-EEB8-4AF7-9F97-E18B83889124}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4E791D79-6710-4760-9A6A-AA4697E37BE0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1308A04B-F69A-4909-90AF-34E93B45DF83}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{6B5D79B9-F944-4F8E-AB78-C9C23C91146C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{5F2BDF70-505D-49F8-8971-5037EB36319A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{57CBE781-5BCA-49B7-92F3-32E35FEFC698}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{41C9BCFF-6737-4931-84D6-27D9B531C2BA}C:\users\benjamin\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\benjamin\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [UDP Query User{647DFE64-7BF3-49C0-8164-893CA2A0719A}C:\users\benjamin\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\benjamin\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [{5164570C-6802-41C9-908C-9767B9497E7C}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/23/2015 07:56:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante BlueSoleilCS.exe, version : 11.0.736.0, horodatage : 0x510a4797 Nom du module défaillant : tl_filter.dll, version : 0.0.0.0, horodatage : 0x512716fd Code d’exception : 0xc0000094 Décalage d’erreur : 0x000107b3 ID du processus défaillant : 0x222c Heure de début de l’application défaillante : 0xBlueSoleilCS.exe0 Chemin d’accès de l’application défaillante : BlueSoleilCS.exe1 Chemin d’accès du module défaillant: BlueSoleilCS.exe2 ID de rapport : BlueSoleilCS.exe3 Nom complet du package défaillant : BlueSoleilCS.exe4 ID de l’application relative au package défaillant : BlueSoleilCS.exe5 Error: (07/23/2015 07:55:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante BtTray.exe, version : 11.0.736.0, horodatage : 0x50ee504d Nom du module défaillant : combase.dll, version : 6.3.9600.17415, horodatage : 0x54503d84 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0002b8d3 ID du processus défaillant : 0x2d0 Heure de début de l’application défaillante : 0xBtTray.exe0 Chemin d’accès de l’application défaillante : BtTray.exe1 Chemin d’accès du module défaillant: BtTray.exe2 ID de rapport : BtTray.exe3 Nom complet du package défaillant : BtTray.exe4 ID de l’application relative au package défaillant : BtTray.exe5 Error: (07/23/2015 07:55:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante BlueSoleilCS.exe, version : 11.0.736.0, horodatage : 0x510a4797 Nom du module défaillant : tl_filter.dll, version : 0.0.0.0, horodatage : 0x512716fd Code d’exception : 0xc0000094 Décalage d’erreur : 0x000107b3 ID du processus défaillant : 0x12f4 Heure de début de l’application défaillante : 0xBlueSoleilCS.exe0 Chemin d’accès de l’application défaillante : BlueSoleilCS.exe1 Chemin d’accès du module défaillant: BlueSoleilCS.exe2 ID de rapport : BlueSoleilCS.exe3 Nom complet du package défaillant : BlueSoleilCS.exe4 ID de l’application relative au package défaillant : BlueSoleilCS.exe5 Error: (07/23/2015 07:54:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante BlueSoleilCS.exe, version : 11.0.736.0, horodatage : 0x510a4797 Nom du module défaillant : tl_filter.dll, version : 0.0.0.0, horodatage : 0x512716fd Code d’exception : 0xc0000094 Décalage d’erreur : 0x000107b3 ID du processus défaillant : 0x2034 Heure de début de l’application défaillante : 0xBlueSoleilCS.exe0 Chemin d’accès de l’application défaillante : BlueSoleilCS.exe1 Chemin d’accès du module défaillant: BlueSoleilCS.exe2 ID de rapport : BlueSoleilCS.exe3 Nom complet du package défaillant : BlueSoleilCS.exe4 ID de l’application relative au package défaillant : BlueSoleilCS.exe5 Error: (07/23/2015 07:54:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Explorer.EXE, version : 6.3.9600.17667, horodatage : 0x54c6f7c2 Nom du module défaillant : combase.dll, version : 6.3.9600.17415, horodatage : 0x545044f9 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000003a02f ID du processus défaillant : 0x2314 Heure de début de l’application défaillante : 0xExplorer.EXE0 Chemin d’accès de l’application défaillante : Explorer.EXE1 Chemin d’accès du module défaillant: Explorer.EXE2 ID de rapport : Explorer.EXE3 Nom complet du package défaillant : Explorer.EXE4 ID de l’application relative au package défaillant : Explorer.EXE5 Error: (07/23/2015 07:54:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante BlueSoleilCS.exe, version : 11.0.736.0, horodatage : 0x510a4797 Nom du module défaillant : tl_filter.dll, version : 0.0.0.0, horodatage : 0x512716fd Code d’exception : 0xc0000094 Décalage d’erreur : 0x000107b3 ID du processus défaillant : 0x2638 Heure de début de l’application défaillante : 0xBlueSoleilCS.exe0 Chemin d’accès de l’application défaillante : BlueSoleilCS.exe1 Chemin d’accès du module défaillant: BlueSoleilCS.exe2 ID de rapport : BlueSoleilCS.exe3 Nom complet du package défaillant : BlueSoleilCS.exe4 ID de l’application relative au package défaillant : BlueSoleilCS.exe5 Error: (07/23/2015 07:54:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante BlueSoleilCS.exe, version : 11.0.736.0, horodatage : 0x510a4797 Nom du module défaillant : tl_filter.dll, version : 0.0.0.0, horodatage : 0x512716fd Code d’exception : 0xc0000094 Décalage d’erreur : 0x000107b3 ID du processus défaillant : 0x2a7c Heure de début de l’application défaillante : 0xBlueSoleilCS.exe0 Chemin d’accès de l’application défaillante : BlueSoleilCS.exe1 Chemin d’accès du module défaillant: BlueSoleilCS.exe2 ID de rapport : BlueSoleilCS.exe3 Nom complet du package défaillant : BlueSoleilCS.exe4 ID de l’application relative au package défaillant : BlueSoleilCS.exe5 Error: (07/23/2015 07:49:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante BlueSoleilCS.exe, version : 11.0.736.0, horodatage : 0x510a4797 Nom du module défaillant : tl_filter.dll, version : 0.0.0.0, horodatage : 0x512716fd Code d’exception : 0xc0000094 Décalage d’erreur : 0x000107b3 ID du processus défaillant : 0x1a14 Heure de début de l’application défaillante : 0xBlueSoleilCS.exe0 Chemin d’accès de l’application défaillante : BlueSoleilCS.exe1 Chemin d’accès du module défaillant: BlueSoleilCS.exe2 ID de rapport : BlueSoleilCS.exe3 Nom complet du package défaillant : BlueSoleilCS.exe4 ID de l’application relative au package défaillant : BlueSoleilCS.exe5 Error: (07/23/2015 07:47:02 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Échec de la création d’un point de restauration (Processus = C:\WINDOWS\system32\svchost.exe -k netsvcs ; Description = Windows Update ; Erreur = 0x81000101). Error: (07/22/2015 10:30:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 14594 System errors: ============= Error: (07/23/2015 07:56:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service BlueSoleilCS s’est terminé de façon inattendue pour la 16ème fois. Error: (07/23/2015 07:55:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service BlueSoleilCS s’est terminé de façon inattendue pour la 15ème fois. Error: (07/23/2015 07:54:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service BlueSoleilCS s’est terminé de façon inattendue pour la 14ème fois. Error: (07/23/2015 07:54:16 PM) (Source: DCOM) (EventID: 10016) (User: BEN) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}benBenjaminS-1-5-21-249751736-1960304294-1742026601-1002LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/23/2015 07:54:15 PM) (Source: DCOM) (EventID: 10016) (User: BEN) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}benBenjaminS-1-5-21-249751736-1960304294-1742026601-1002LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/23/2015 07:54:15 PM) (Source: DCOM) (EventID: 10016) (User: BEN) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}benBenjaminS-1-5-21-249751736-1960304294-1742026601-1002LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/23/2015 07:54:15 PM) (Source: DCOM) (EventID: 10016) (User: BEN) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}benBenjaminS-1-5-21-249751736-1960304294-1742026601-1002LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/23/2015 07:54:15 PM) (Source: DCOM) (EventID: 10016) (User: BEN) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}benBenjaminS-1-5-21-249751736-1960304294-1742026601-1002LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/23/2015 07:54:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service BlueSoleilCS s’est terminé de façon inattendue pour la 13ème fois. Error: (07/23/2015 07:54:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service BlueSoleilCS s’est terminé de façon inattendue pour la 12ème fois. Microsoft Office: ========================= Error: (07/23/2015 07:56:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll0.0.0.0512716fdc0000094000107b3222c01d0c570f349c576C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exec:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll3554fc1c-3164-11e5-bf20-a45d36cb64ad Error: (07/23/2015 07:55:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BtTray.exe11.0.736.050ee504dcombase.dll6.3.9600.1741554503d84c00000050002b8d32d001d0c56fbf5810aeC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exeC:\WINDOWS\SYSTEM32\combase.dllf3d549cd-3163-11e5-bf20-a45d36cb64ad Error: (07/23/2015 07:55:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll0.0.0.0512716fdc0000094000107b312f401d0c570b14a284cC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exec:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dllf382fd1c-3163-11e5-bf20-a45d36cb64ad Error: (07/23/2015 07:54:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll0.0.0.0512716fdc0000094000107b3203401d0c5709c585562C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exec:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dlldf0c6cc2-3163-11e5-bf20-a45d36cb64ad Error: (07/23/2015 07:54:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.3.9600.1766754c6f7c2combase.dll6.3.9600.17415545044f9c0000005000000000003a02f231401d0c56face551f3C:\WINDOWS\Explorer.EXEC:\WINDOWS\SYSTEM32\combase.dlld2e471d1-3163-11e5-bf20-a45d36cb64ad Error: (07/23/2015 07:54:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll0.0.0.0512716fdc0000094000107b3263801d0c5708fcd04c2C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exec:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dlld1f585d7-3163-11e5-bf20-a45d36cb64ad Error: (07/23/2015 07:54:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll0.0.0.0512716fdc0000094000107b32a7c01d0c5708a5f0891C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exec:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dllcc870011-3163-11e5-bf20-a45d36cb64ad Error: (07/23/2015 07:49:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BlueSoleilCS.exe11.0.736.0510a4797tl_filter.dll0.0.0.0512716fdc0000094000107b31a1401d0c56fd67472d7C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exec:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll1fd1df02-3163-11e5-bf20-a45d36cb64ad Error: (07/23/2015 07:47:02 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\WINDOWS\system32\svchost.exe -k netsvcsWindows Update0x81000101 Error: (07/22/2015 10:30:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 14594 ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz Percentage of memory in use: 57% Total physical RAM: 3946.58 MB Available physical RAM: 1665.29 MB Total Virtual: 4650.58 MB Available Virtual: 1924.17 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:452.18 GB) (Free:414.55 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (Recovery Image) (Fixed) (Total:11.66 GB) (Free:1.15 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: A50E1C7D) Partition: GPT Partition Type. ==================== End of log ============================