Comment: Post concerning respectsales

Document format: text/plain

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Bilal at 2015-07-07 14:05:00
Running from C:\Users\Bilal\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-578134203-3297583026-2780488463-500 - Administrator - Disabled)
Bilal (S-1-5-21-578134203-3297583026-2780488463-1002 - Administrator - Enabled) => C:\Users\Bilal
HomeGroupUser$ (S-1-5-21-578134203-3297583026-2780488463-1006 - Limited - Enabled)
Invité (S-1-5-21-578134203-3297583026-2780488463-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AirDroid 3.0.2 (HKLM-x32\...\AirDroid) (Version: 3.0.2 - Sand Studio)
AMD Catalyst Install Manager (HKLM\...\{1F56414D-D7F6-2DBF-BF65-1AC1A8609C03}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Freemake Video Converter version 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{01BA2999-D426-422B-AD01-9937288E55F9}) (Version: 4.2.5.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{1D9458B5-414A-419E-824B-5F8AA148884E}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Kodi (HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\Kodi) (Version: - XBMC-Foundation)
Ma-Config.com (64 bits) (HKLM\...\{9A3C5DC9-EEA9-4FB2-855A-26FE6DA733EA}) (Version: 7.1.3.1 - Cybelsoft)
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 fr) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 fr)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Popcorn Time (HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\Popcorn Time) (Version: - Popcorn Official)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
RealtimeBoard Extension (HKLM-x32\...\{3F7D597C-7512-F73C-B0F3-5D711BC91948}) (Version: - ) <==== ATTENTION
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{DD51BA84-F589-4939-B5FE-5538B3DCC12E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

14-06-2015 13:46:14 Programme d’installation pour les modules Windows
24-06-2015 17:08:36 Windows Update
03-07-2015 17:02:42 Configuré IDT Audio

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {109031AC-735D-4FFF-921E-F595D6CC0981} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {13CC56FB-6BFF-4B76-9C97-BD498F294648} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-13] (Microsoft Corporation)
Task: {24E3203E-3E63-48AB-8AA4-8A14BC4C71DB} - System32\Tasks\{8824CDDB-E7DB-4AAF-8D15-5592B7F8BFCE} => pcalua.exe -a "C:\Program Files\WaIEn\WWE_uninstall.exe"
Task: {269CA3A6-C584-45F0-9B2D-0AE1473CE24F} - System32\Tasks\{2B2425DB-CBC3-418A-A698-FB7AD557A14B} => pcalua.exe -a C:\Users\Bilal\Desktop\SAMSUNG_USB_Driver_for_Mobile_Phones.exe -d C:\Users\Bilal\Desktop
Task: {274E06D2-9BCC-4B19-93BA-A4E2D518B49E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {30A25FD7-12B9-43EF-87F7-BC56A48F8669} - System32\Tasks\IceApps => c:\programdata\{7269a95d-4b22-9cfb-7269-9a95d4b2a575}\4500723289744478748b.exe <==== ATTENTION
Task: {48084026-1F10-425B-8BCB-9B95648D4C5C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {6CC000AD-4042-41D1-B523-6F299DD43F85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {740DA809-A60D-46DD-84CA-324FA0EE3AB0} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {7FC2A69C-B07D-4CC3-8B38-39D3BC9D1F95} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {86C94DF3-BF64-43FF-856B-F4E31FB94E18} - System32\Tasks\{A2C68F9A-E154-4766-819A-5ACA78C4C0BF} => pcalua.exe -a C:\Users\Bilal\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
Task: {9AA71FB6-0542-4E72-90F7-DCB1E685B74B} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-pak-bilal@live.fr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {A376B785-6287-4B1E-95DE-476AE6A1A48E} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {A435BAEA-0853-44B7-93BF-A5FE6290BB4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A99423B2-D67C-46F3-B416-DD71112443C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {BF43FED9-D037-44FF-8063-FA213374B3ED} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C2194EF4-A0FD-40A4-B7AD-4EEC425550EF} - System32\Tasks\{C3A64EF0-CC5F-4589-A1CD-ECB36B4A0915} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/fr/abandoninstall?page=tsProgressBar
Task: {C4657D09-A4B0-454E-9D9A-AD86D256C24A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {C73B260D-2C56-4BF2-8D70-3664421B8533} - System32\Tasks\PasswordMumbo => c:\programdata\{b0dda288-d64d-7775-b0dd-da288d648a23}\5768476833741419087b.exe <==== ATTENTION
Task: {C7B19C5D-B8FD-4AFF-A26D-59E74469B5CA} - System32\Tasks\Bidaily Synchronize Task[pr] => c:\programdata\{13b227df-ebca-4c01-13b2-227dfebc9f7f}\cricket-captain-apk_data.exe <==== ATTENTION
Task: {CE30EDBC-7D69-4504-A7A9-73983146EC74} - System32\Tasks\EasyUpgrade => c:\programdata\{c486f0f6-78b7-4805-c486-6f0f678bc3d9}\9149047432138979398b.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[pr].job => c:\programdata\{13b227df-ebca-4c01-13b2-227dfebc9f7f}\cricket-captain-apk_data.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\EasyUpgrade.job => c:\programdata\{c486f0f6-78b7-4805-c486-6f0f678bc3d9}\9149047432138979398b.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\IceApps.job => c:\programdata\{7269a95d-4b22-9cfb-7269-9a95d4b2a575}\4500723289744478748b.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PasswordMumbo.job => c:\programdata\{b0dda288-d64d-7775-b0dd-da288d648a23}\5768476833741419087b.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-25 14:15 - 2015-06-18 12:22 - 00062464 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-10 21:26 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-10 21:26 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2014-08-22 13:16 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-06-10 21:26 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Bilal\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\ma-config.com -> hxxp://ma-config.com
IE trusted site: HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\ma-config.com -> hxxps://ma-config.com
IE trusted site: HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\touslesdrivers.com -> hxxp://touslesdrivers.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-578134203-3297583026-2780488463-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Bilal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 172.21.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "fst_fr_354"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\StartupApproved\StartupFolder: => "iptv99.rar.lnk"
HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_67DEBAD8C6D90901D7D3E662054FAEB3"
HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\StartupApproved\Run: => "AirDroid 3"
HKU\S-1-5-21-578134203-3297583026-2780488463-1002\...\StartupApproved\Run: => "cacaoweb"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{878997E8-DFCF-470B-95C9-D7AE9642AC92}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7C95CC6A-154B-4772-9422-10644F262F3B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A24C6F14-30DB-4462-9A93-AD6E3129BF2B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7C1F1014-3FFD-4C9F-A32A-203C656EB913}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4CE82FD0-CDF6-42D6-9280-55A83002B45D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{550BB939-0E3C-4CD3-92CB-8894142A2A72}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{872E5376-9661-431A-A07B-98B5E5E70670}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C252BFE4-6AA3-44C1-9375-282693C2B0FA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B1896615-D2A7-4A06-A3C0-E14736FBA3B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DE09DA1F-5B65-4152-96CC-70668A6F1CEE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{981C0298-5FDD-4564-87D9-EBC5CAD18609}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6B103FAC-9C04-4AF1-B4EC-F8DA9EC77681}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{48B7B32C-21AA-46CA-BD95-61545D1A9940}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{438F10E1-2FCA-41C6-A891-E6F3AEDC39D4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7971697B-D9CA-40E7-8CF6-5372D681F061}] => (Allow) LPort=48113
FirewallRules: [{E0D7F7AB-3DBE-4929-8164-FE4138A84A11}] => (Allow) LPort=48114
FirewallRules: [{C4B12B39-A969-4DF4-9227-86E46E1597DE}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe
FirewallRules: [{69CD0862-46E8-42FB-A129-D5662F6D9D27}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe
FirewallRules: [TCP Query User{E61FD9C4-AAF8-4346-91E7-B41FFEB4C2A0}C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{D1A1579B-1DE6-4D47-B16F-00A686359B7E}C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{BA06ECDC-666B-4806-A2D9-841E713B1C51}C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{306DF421-CDB7-46C6-A3F2-188D37677E9A}C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\bilal\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [{4C3C509F-E7E1-4BF8-9C15-B4FFD3AF58A5}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{93059AF9-15FD-4245-A666-0878D1024ACC}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{EC63693C-F970-43B8-AD2C-897B87C0EF41}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{5CCA9E21-97D1-4FDE-BD15-E1FE06F33197}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{02354344-EC47-41D6-A4ED-A775B51BE26A}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [TCP Query User{F752196F-18A0-4CDF-A8F2-E0474148CBC0}C:\users\bilal\downloads\cacaoweb.exe] => (Allow) C:\users\bilal\downloads\cacaoweb.exe
FirewallRules: [UDP Query User{4EFD7E97-8D62-42AE-A4DA-564C9EFD46A8}C:\users\bilal\downloads\cacaoweb.exe] => (Allow) C:\users\bilal\downloads\cacaoweb.exe
FirewallRules: [TCP Query User{12909A5B-811E-407C-8FA7-205F5E8577EB}C:\program files (x86)\airdroid\airdroid.exe] => (Block) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{C6B161D3-0927-4626-B307-9DC508061C4F}C:\program files (x86)\airdroid\airdroid.exe] => (Block) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{073FA5B1-CC2C-4E04-B91E-428D7E355A02}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{DD0E5D4D-E4DD-4A1E-8E2D-1E3A547EDB9D}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{6DB77F67-23CE-47F2-89B0-E4409DF968EC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B4FC8946-E516-4BB0-A352-A7BB6CB0B5CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{41145925-3A18-4290-9B36-A7D05DE2FC05}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FFC9F285-7B8D-488E-B04E-60BDBA3E8B6F}] => (Allow) LPort=2869
FirewallRules: [{A914EDEA-F608-44FC-88FE-41F1999B884C}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{7419281E-5BCC-450C-988C-5F1F0C7CC328}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{C8C046D2-0898-4A5C-98A3-4EB83A2AC0A0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{D35A1C9D-C168-47CA-BE32-C1520B671C1D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{18926D68-2377-4906-B4E2-D89101E835C9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{C449414E-DB90-439A-B123-CFF5E873364B}C:\users\bilal\desktop\cacaoweb.exe] => (Block) C:\users\bilal\desktop\cacaoweb.exe
FirewallRules: [UDP Query User{51D8AE75-9445-4EB7-9C4B-39D30926DFF4}C:\users\bilal\desktop\cacaoweb.exe] => (Block) C:\users\bilal\desktop\cacaoweb.exe
FirewallRules: [TCP Query User{78592110-B54B-43E9-9AA5-CEF00241DDAA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7B98FC07-A81D-4367-8553-101EFA71EBB9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{BD317BEB-AB83-4E06-A1CD-422981D9F618}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{CEBB9A52-EB2A-4A71-83DE-E70D725C3459}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{71970ACA-1A51-456E-AC9A-A0E045E1544D}C:\users\bilal\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\bilal\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{F27E107A-8710-450A-80D7-D52E6C624AFB}C:\users\bilal\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\bilal\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{82270BC1-F4AA-4FA5-B6BE-B334B97CCDCE}C:\users\bilal\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\bilal\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{F3DBCC50-EF9C-421A-B107-63519B7E4010}C:\users\bilal\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\bilal\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{A88D1E1A-C580-4A23-BDA1-DEDEE8B98CB7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A7AAEE65-7B85-4E04-8FC9-DF62333AC853}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{C16303AF-7240-4904-8C96-E66A06CC3733}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{F0EF4F3E-C0DD-4380-86FE-5102201E5B95}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{60603DF0-A5E1-4F45-BA47-3292F279053B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2015 09:11:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4453

Error: (07/05/2015 09:11:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4453

Error: (07/05/2015 09:11:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2015 08:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16485

Error: (07/02/2015 08:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16485

Error: (07/02/2015 08:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/01/2015 03:50:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3391

Error: (07/01/2015 03:50:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3391

Error: (07/01/2015 03:50:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/01/2015 00:51:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14797


System errors:
=============
Error: (07/07/2015 01:40:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur :
%%2

Error: (07/07/2015 01:38:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service AppEx Networks Accelerator LWF n’a pas pu démarrer en raison de l’erreur :
%%31

Error: (07/07/2015 01:38:28 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)

Error: (07/07/2015 01:37:44 PM) (Source: DCOM) (EventID: 10010) (User: PAK-BILAL)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/07/2015 01:37:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (07/07/2015 01:37:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service IconMan_R s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.

Error: (07/07/2015 01:37:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service HP Support Assistant Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.

Error: (07/07/2015 01:37:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service HP Software Framework Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (07/07/2015 01:37:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (07/07/2015 01:37:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service SAMSUNG Mobile Connectivity Service s’est terminé de façon inattendue pour la 1ème fois.


Microsoft Office:
=========================
Error: (07/05/2015 09:11:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4453

Error: (07/05/2015 09:11:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4453

Error: (07/05/2015 09:11:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2015 08:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16485

Error: (07/02/2015 08:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16485

Error: (07/02/2015 08:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/01/2015 03:50:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3391

Error: (07/01/2015 03:50:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3391

Error: (07/01/2015 03:50:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/01/2015 00:51:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14797


CodeIntegrity Errors:
===================================
Date: 2015-07-05 14:50:11.964
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-07-03 16:57:58.524
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.tmp because the set of per-page image hashes could not be found on the system.

Date: 2015-07-03 16:52:37.169
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-03 16:51:59.609
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-03 16:51:52.837
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-03 13:18:25.792
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-03 13:18:06.841
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-02 20:44:37.151
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-02 20:44:32.217
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-02 20:44:31.770
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD E2-1800 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 56%
Total physical RAM: 3682.26 MB
Available physical RAM: 1609.67 MB
Total Virtual: 4322.26 MB
Available Virtual: 1816.36 MB

==================== Drives ================================

Drive b: (Bilal) (Fixed) (Total:292.97 GB) (Free:243.19 GB) NTFS
Drive c: () (Fixed) (Total:384.03 GB) (Free:290.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:20.43 GB) (Free:2.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 5D651180)

Partition: GPT Partition Type.

==================== End of log ============================
