Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-08-2015 01 Ran by franckolivier (2015-08-09 18:15:22) Running from C:\Users\franckolivier\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-551633624-2773730029-2938369976-500 - Administrator - Disabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-551633624-2773730029-2938369976-503 - Limited - Disabled) franckolivier (S-1-5-21-551633624-2773730029-2938369976-1002 - Administrator - Enabled) => C:\Users\franckolivier HomeGroupUser$ (S-1-5-21-551633624-2773730029-2938369976-1004 - Limited - Enabled) Invité (S-1-5-21-551633624-2773730029-2938369976-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-551633624-2773730029-2938369976-1002\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{723085B0-93FB-0E5A-D936-ACECA3D5D4F5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Apple Application Support (32 bits) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Complément Office 2007 - Microsoft Enregistrer en tant que PDF ou XPS (Beta) (HKLM-x32\...\{30120000-00B2-040C-0000-0000000FF1CE}) (Version: 12.0.4407.1005 - Microsoft Corporation) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.3201 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{7D3778C6-3BD5-42F7-BE2B-CCBAE1B3A982}) (Version: 1.1.0.0 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{3EDAF5B5-0CA9-4967-B103-FBFF1162C336}) (Version: 1.2.10 - Hewlett-Packard Company) HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 39.0.3 (x86 fr) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 fr)) (Version: 39.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla) Music Manager (HKU\S-1-5-21-551633624-2773730029-2938369976-1002\...\MusicManager) (Version: - Google, Inc.) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team) OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Nom de votre société) Popcorn Time (HKU\S-1-5-21-551633624-2773730029-2938369976-1002\...\Popcorn Time) (Version: - Popcorn Official) Ralink Bluetooth Stack64 (HKLM\...\{8A2E2A41-B814-407E-2F96-4E433C42AB78}) (Version: 11.0.739.0 - Mediatek) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29069 - Realtek Semiconductor Corp.) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.19.726.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) scilab-5.5.2 (64-bit) (HKLM\...\scilab-5.5.2 (64-bit)_is1) (Version: - Scilab Enterprises) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-551633624-2773730029-2938369976-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\franckolivier\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 06-08-2015 12:44:14 Programme d’installation pour les modules Windows 09-08-2015 10:54:07 ZHPFix Restore System Point ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {0F64DC86-E3EA-46E5-A788-21903812A767} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {10F3F70B-0C8B-412B-9DCB-8D0A66945AFE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {113A7968-7161-453A-A3B9-A28A1206F97E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-21] (Hewlett-Packard) Task: {13620199-3F46-4732-B461-9E1D62BA06C1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-551633624-2773730029-2938369976-1002UA => C:\Users\franckolivier\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.) Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {1A42EFBF-1385-4771-B459-7BF1FB8D5D1D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation) Task: {1FC84D37-BE65-4315-B124-FDAD706901D9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {26471E68-51B8-4F48-AF4C-0BDD763B18FE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask Task: {38B787DB-66A4-427E-8184-330AFF5AB1AC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {3E3494F7-B4FF-4F4C-AD3B-701EE822B83D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-21] (Hewlett-Packard) Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {414AE584-CE8A-4C56-9CC3-AA0CAECDD7FB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask Task: {4564614B-C8BC-4D77-A999-E87B831526A9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {4E463A2A-8D6C-4D5E-BF14-3013A4F9B507} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask Task: {71E2C299-1255-4B4E-9188-B376373CB214} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {78EC5376-B5C6-4F47-989A-17D691AB8AC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-18] (Google Inc.) Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation) Task: {7AC307E1-F501-4363-99A6-D4DA789D5C47} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-18] (Google Inc.) Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation) Task: {88971EBC-5F9F-476B-BABB-ACD95875F6FB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-551633624-2773730029-2938369976-1002Core => C:\Users\franckolivier\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.) Task: {8C56F062-F1BA-438F-ACB1-2ACA4B164153} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {8D481CCA-8E82-477B-AE07-B47F36CC9237} - System32\Tasks\avastBCLRestartS-1-5-21-551633624-2773730029-2938369976-1002 => Chrome.exe Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-15] (Microsoft Corporation) Task: {8FD0BF41-75DF-4123-A4AB-F3D93B13C886} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-19] (Avast Software s.r.o.) Task: {9382096E-CD7C-4A3D-9CAB-CC3EABEDA794} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {9BA685A7-A25A-45B2-A6A5-9E19B67D69AC} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent Task: {9DC30B83-B502-4AE4-BCD0-210D5F19323A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {9E3F18A8-CC28-4A6E-AB00-FE6ED7E0C6F0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update Task: {AD004E35-832E-4194-9B27-665A5AF7FC34} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation) Task: {BD74DE6F-14C0-46A9-AD89-786D99AD89BA} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation) Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation Task: {C3FA0F3E-5BC2-423E-AF1C-3D180A58D269} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-06] (Synaptics Incorporated) Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {D21E42A1-A17D-4F96-B09D-2113C665F3A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation) Task: {DD727017-5303-4972-8969-B084023D4D8D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {E4C939DF-5AD9-4FD8-A9B7-427F99FA1330} - System32\Tasks\HPCeeScheduleForfranckolivier => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {E7379E22-C82C-40C8-8EF9-05DC3D701708} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.) Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation) Task: {F51F8D74-8B70-4125-B80E-8AB0E2CB4F68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {FAEE9E4D-9590-4BF1-9106-4F5039FE37EE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-17] (Adobe Systems Incorporated) Task: {FB77D785-4D3B-47F2-9C2C-82B22BA4B916} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe [2015-07-16] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-551633624-2773730029-2938369976-1002Core.job => C:\Users\franckolivier\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-551633624-2773730029-2938369976-1002UA.job => C:\Users\franckolivier\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForfranckolivier.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => 0x000A0100562A5F05EE2AB342915BFCE9A46B1D744600D600000000003C000A00400000000014730F0000000003130400202080010000000000000000000000000000000000002E0043003A005C00500072006F006700720061006D002000460069006C00650073005C00530079006E006100700074006900630073005C00530079006E00540050005C00530079006E005400500045006E0068002E006500780065000000000000000F00530079006E00610070007400690063007300200049006E0063002E0000000000000008000313040000000000010030000000DF07080006000000000000000B002C0000000000000000000000000007000000010000000000000000000000 ==================== Loaded Modules (Whitelisted) ============== 2015-08-06 15:41 - 2015-07-15 04:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2013-10-14 11:23 - 2013-10-14 11:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe 2013-10-14 11:24 - 2013-10-14 11:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll 2013-10-14 11:25 - 2013-10-14 11:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2013-10-14 11:22 - 2013-10-14 11:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2013-10-14 11:22 - 2013-10-14 11:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2013-10-14 11:22 - 2013-10-14 11:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2013-10-14 11:35 - 2013-10-14 11:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2013-10-14 11:35 - 2013-10-14 11:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2015-08-06 15:41 - 2015-07-11 03:22 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-08-06 15:42 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-06 15:42 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-08-06 15:43 - 2015-08-02 03:37 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 13:00 - 2015-07-10 18:28 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-08-06 15:42 - 2015-08-02 03:34 - 01806848 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-08-06 15:42 - 2015-08-02 03:35 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 13:00 - 2015-07-10 18:28 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2013-10-14 11:30 - 2013-10-14 11:30 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2015-08-06 14:00 - 2015-08-06 14:01 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2015-08-06 14:00 - 2015-08-06 14:01 - 11284480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-07-10 18:32 - 2015-07-10 18:32 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll 2015-08-06 14:00 - 2015-08-06 14:01 - 07824896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2015-08-06 14:00 - 2015-08-06 14:01 - 02062336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2015-08-06 15:42 - 2015-07-30 07:17 - 02590560 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll 2015-08-06 15:42 - 2015-07-30 07:34 - 02108256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll 2015-04-24 12:10 - 2015-04-24 12:10 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-04-24 12:10 - 2015-04-24 12:10 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-08-08 20:56 - 2015-08-08 20:56 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080801\algo.dll 2015-08-09 16:25 - 2015-08-09 16:25 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080900\algo.dll 2015-08-05 16:46 - 2015-07-31 08:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll 2015-08-05 16:46 - 2015-07-31 08:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\franckolivier\OneDrive:ms-properties AlternateDataStreams: C:\Users\franckolivier\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-551633624-2773730029-2938369976-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\franckolivier\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\cowboy-bebop-wallpaper-hd-1920x12002.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdaptiveSleepService => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AERTFilters => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: AMD FUEL Service => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: Cachedrv server => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HP Support Assistant Service => 2 MSCONFIG\Services: hpqwmiex => 3 MSCONFIG\Services: hpsrv => 2 MSCONFIG\Services: HPWMISVC => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: omniserv => 2 MSCONFIG\Services: RtkAudioService => 2 HKLM\...\StartupApproved\Run32: => "AvastUI.exe" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-551633624-2773730029-2938369976-1002\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-551633624-2773730029-2938369976-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_62D1EFF25AF09D0529E896984871BA48" HKU\S-1-5-21-551633624-2773730029-2938369976-1002\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-551633624-2773730029-2938369976-1002\...\StartupApproved\Run: => "MusicManager" HKU\S-1-5-21-551633624-2773730029-2938369976-1002\...\StartupApproved\Run: => "Google Update" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{693C5EB7-28D9-4BF3-826F-732953F8273E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{8171A3FF-D28D-429D-BB75-0A980688A61B}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [UDP Query User{39B5239F-7789-4E0D-86C2-40B3EA782DF6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{8D3935D9-B4DF-4BD6-B40C-BB7D88BC8410}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{8DB1E640-CA71-4CDE-A73E-0F560946CD21}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{5020DC25-5C69-4FB8-9608-48BF5B3881C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{1968F77F-BF9E-4872-93E3-9F84EE8E78E0}C:\users\franckolivier\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\franckolivier\appdata\local\popcorn time\nw.exe FirewallRules: [TCP Query User{7754CE01-D7FC-437B-BB01-18A8EE95DCAE}C:\users\franckolivier\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\franckolivier\appdata\local\popcorn time\nw.exe FirewallRules: [{12ABEC62-381A-4F39-83A8-5DEDBFB95672}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2AC5B0B2-E6F8-4B7E-B284-5630509F4558}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0C60DCBF-F1F6-405D-B5EC-45B7B93A6D37}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D3ED25B0-DA9D-486D-BC2D-BA8FB26CFA2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7E98A6EB-634C-48F8-8BE8-A93035D4E5D9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe FirewallRules: [{4B7C80E2-F548-48DC-8CC8-9963EE0855E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FD99DEAD-9D32-4408-B109-FBFFA113C8C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4684D47E-9522-4D93-9948-3F67AA8211FB}] => (Allow) C:\Users\franckolivier\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{278058D5-3548-4DF6-8633-42D3923218AF}] => (Allow) C:\Users\franckolivier\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{946F025D-BC84-46DE-8256-B1258F9D7266}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{29527B05-1B6C-4329-B2BB-1B750C0D0591}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{071016C4-EB74-424C-985F-9E1EC06E846B}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{75FBC998-A22B-4187-B1D2-A39193C66443}] => (Allow) LPort=1900 FirewallRules: [{D5C56DDB-AF6A-4C24-936B-DF1A3E778549}] => (Allow) LPort=2869 FirewallRules: [{AA66E375-6E76-47DE-98BA-1634B0A230D8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{39557891-99B9-4413-B4D7-766353181C4D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe ==================== Faulty Device Manager Devices ============= Name: Écran tactile HID Description: Écran tactile HID Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: (Périphériques système standard) Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: AMD Radeon HD 8210 Graphics Description: AMD Radeon HD 8210 Graphics Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Advanced Micro Devices, Inc. Service: amdkmdap Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (08/09/2015 05:44:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3917312 Error: (08/09/2015 05:44:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3917312 Error: (08/09/2015 05:44:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/09/2015 04:38:57 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10265 Error: (08/09/2015 04:38:57 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10265 Error: (08/09/2015 04:38:57 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/09/2015 04:38:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8812 Error: (08/09/2015 04:38:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8812 Error: (08/09/2015 04:38:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/09/2015 04:38:54 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7328 System errors: ============= Error: (08/09/2015 12:25:13 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (08/09/2015 12:21:42 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.55. L’ordinateur avec l’adresse IP 192.168.1.46 n’a pas permis que le nom soit réclamé par cet ordinateur. Error: (08/09/2015 12:20:07 PM) (Source: DCOM) (EventID: 10010) (User: P4POU) Description: Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.1 Error: (08/09/2015 12:20:07 PM) (Source: DCOM) (EventID: 10010) (User: P4POU) Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca Error: (08/09/2015 12:20:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Accès aux données utilisateur_Session1 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (08/09/2015 12:20:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Stockage des données utilisateur_Session1 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (08/09/2015 12:20:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Données de contacts_Session1 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (08/09/2015 12:20:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Hôte de synchronisation_Session1 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (08/09/2015 11:31:40 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (08/09/2015 11:26:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Windows Search n’a pas pu démarrer en raison de l’erreur : %%1069 Microsoft Office: ========================= ==================== Memory info =========================== Processor: AMD A4-1250 APU with Radeon(TM) HD Graphics Percentage of memory in use: 51% Total physical RAM: 3542.26 MB Available physical RAM: 1709.26 MB Total Virtual: 4886.26 MB Available Virtual: 2946.27 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:448.21 GB) (Free:340.05 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:16.3 GB) (Free:1.6 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EFE33014) Partition: GPT Partition Type. ==================== End of log ============================