cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:09-05-2016
Exécuté par xx_me_000 (2016-05-05 15:37:32)
Exécuté depuis C:\Users\xx_me_000.admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-25 23:36:50)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-1957099983-3428316577-1129562819-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1957099983-3428316577-1129562819-503 - Limited - Disabled)
Invité (S-1-5-21-1957099983-3428316577-1129562819-501 - Limited - Disabled)
xx_me_000 (S-1-5-21-1957099983-3428316577-1129562819-1001 - Administrator - Enabled) => C:\Users\xx_me_000.admin

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1503, 26.09.2015 - AIMP DevTeam)
Apple Application Support (32 bits) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft ShowBiz DVD 2 (HKLM-x32\...\{CE636486-7E13-4051-9067-AFC4E1B8F54E}) (Version: - )
ArcSoft ShowBiz DVD 2.0 (Shared Components) (HKLM-x32\...\Uninstaller_B2DD9000_ArcSoft ShowBiz DVD 2.0) (Version: 2.60.30 - element5)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.11.160129 - )
BlueStacks App Player (HKLM-x32\...\{D344124B-146F-4F88-BE04-2BBB077F13E4}) (Version: 2.1.7.5658 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.58.1.0 - Conexant)
Driver Booster 3.3 (HKLM-x32\...\Driver Booster_is1) (Version: 3.3 - IObit)
DriverPack Solution Updater (HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\DRPSu Updater) (Version: 0.0.25 - DriverPack Solution)
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Free Video Call Recorder for Skype (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.41.119 - DVDVideoSoft Ltd.)
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.50 - Conexant Systems)
Hear (HKLM\...\{4E341B88-61A8-4C28-A3F0-9021898AD3C2}_is1) (Version: - Joesoft)
iCamSource (HKLM-x32\...\{C4A49370-477C-4C38-A14A-2F74C6BE218C}) (Version: 2.8 - SKJM, LLC)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
iTools 3 (HKLM-x32\...\ThinkSky) (Version: - Shenzhen Thinksky Technology Co., Ltd.)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
K-Lite Codec Pack 11.8.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.8.5 - KLCP)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version: - )
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
MiniTool Power Data Recovery Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Edition_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 44.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 fr)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301036}) (Version: 7.02.9753 - Nero AG)
Omega 1.1 (HKLM-x32\...\{1CF704EF-627B-4957-8B50-5AE4B07EF7B9}_is1) (Version: - iCordForum.com)
Opera developer 38.0.2213.0 (HKLM-x32\...\Opera 38.0.2213.0) (Version: 38.0.2213.0 - Opera Software)
Oracle VM VirtualBox 5.0.12 (HKLM\...\{6F93731D-89E1-4A8F-BDA9-D104860DDB02}) (Version: 5.0.12 - Oracle Corporation)
Package de pilotes Windows - Intel(R) Corporation (IntcHdmiAddService) MEDIA (03/15/2010 6.10.01.2089) (HKLM\...\047BDBFD6561DF2506361AF76759B32A722FEB56) (Version: 03/15/2010 6.10.01.2089 - Intel(R) Corporation)
Paltalk Messenger 11.7 (HKLM-x32\...\Paltalk Messenger) (Version: 11.7.619.17690 - AVM Software Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PicosmosTools 1.3.5.0 (HKLM-x32\...\PicosmosTools) (Version: 1.3.5.0 - Free Time)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
RegRun Reanimator (HKLM-x32\...\UnHackMe Update - Reanimator_is1) (Version: - Greatis Software, LLC.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.19.9599 - SoftEther VPN Project)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.0.7.0 - Synaptics)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
UsbFix (HKLM-x32\...\Usbfix) (Version: 8.228 - El Desaparecido - www.usb-antivirus.com - www.sosvirus.net)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 7.8.1.6.MultiLanguage - )
Windows 10 Manager (HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\Windows 10 Manager 1.1.0) (Version: 1.1.0 - Yamicsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
ZamTalk version 4.2.3 (HKLM-x32\...\{BB7D921C-8262-4491-AED3-FCF24B0C03C5}_is1) (Version: 4.2.3 - ZamTalk)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
Zoiper (HKLM-x32\...\Zoiper) (Version: 3.9 - Securax LTD)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-1957099983-3428316577-1129562819-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\xx_me_000.admin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {325D0573-9055-46D1-A0AD-5B81D252ACEE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-14] (Microsoft Corporation)
Task: {35C69148-81B7-44D2-893F-D52708B62196} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {364E00E2-87C2-4C44-A7DB-F70C45B2B2CB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {551292A5-B20E-4374-AE9B-64933FA615C9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-14] (Adobe Systems Incorporated)
Task: {7AB6B03B-C302-4220-B48B-F0846903FB95} - System32\Tasks\iToolsDaemon => C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe [2016-02-02] ()
Task: {90AC3C17-B77D-426F-8641-82D5AB670047} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {AB7D7F67-B08C-4D7B-832B-10F1F5864ABC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {E6404544-AEA6-4280-B551-2F97AB675F2C} - System32\Tasks\Opera scheduled Autoupdate 1461270643 => C:\Program Files (x86)\Opera developer\launcher.exe [2016-04-28] (Opera Software)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-14 00:45 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 00:45 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-26 00:09 - 2015-12-26 00:09 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-14 00:40 - 2016-04-02 04:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-14 00:43 - 2016-04-02 04:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-14 00:42 - 2016-04-02 03:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-14 00:44 - 2016-04-02 03:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-14 00:44 - 2016-04-02 04:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-26 15:31 - 2015-12-26 15:31 - 00218112 _____ () C:\Program Files (x86)\AIMP3\System\libsoxr.dll
2015-12-26 15:31 - 2015-12-26 15:31 - 00467968 _____ () C:\Program Files (x86)\AIMP3\System\Encoders\libFLAC.dll
2015-12-26 15:31 - 2015-12-26 15:31 - 01733120 _____ () C:\Program Files (x86)\AIMP3\System\Encoders\aimp_libvorbis.dll
2015-12-26 15:31 - 2015-12-26 15:31 - 00059976 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_AnalogMeter\aimp_AnalogMeter.dll
2015-12-26 15:31 - 2015-12-26 15:31 - 00160840 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_cdda\aimp_cdda.dll
2015-12-26 15:31 - 2015-12-26 15:31 - 00159232 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_sacd\libsacd.dll
2015-12-26 15:31 - 2015-12-26 15:31 - 00026624 _____ () C:\Program Files (x86)\AIMP3\Plugins\Aorta\Aorta.dll
2015-12-26 15:31 - 2015-12-26 15:31 - 00237568 _____ () C:\Program Files (x86)\AIMP3\Plugins\OptimFROG\OptimFROG.dll
2015-12-26 15:31 - 2015-12-26 15:31 - 00152648 _____ () C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter\PandemicAnalogMeter.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)


==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2013-08-22 14:25 - 2016-05-05 15:51 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xx_me_000.admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device Service => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 3
MSCONFIG\Services: BstHdUpdaterSvc => 3
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: License Management Service ESD => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SEVPNCLIENT => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HandyAndy.lnk"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\StartupFolder: => "PalTalk.lnk"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "DrvUpdater"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "Uninstall C:\Users\xx_me_000.admin\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "Uninstall C:\Users\xx_me_000.admin\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "ZamTalk"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "DVSSkypeRecorder"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "WebcamMaxAutoRun"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "Uninstall C:\Users\xx_me_000.admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "Uninstall C:\Users\xx_me_000.admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202"
HKU\S-1-5-21-1957099983-3428316577-1129562819-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F60090AA-FD05-49A1-831D-96201AF81F16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ED347A7F-5FCA-4450-BF33-570390F2204F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3CACF1C1-D079-477C-8DA9-B1816BA83D6E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0F922F53-19E1-4BE3-8A11-E5D58EE53367}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9AD60B66-893B-46B1-8C92-A8B78B4E15AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BC16D5E6-65AC-44E0-8E3F-D4F74E351410}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3F2000C9-3262-4793-9063-BD9C30D790B8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6FCF48EC-90C6-4087-86B1-D28591C6E655}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{91CB0E95-9F00-4ACD-A20C-070F509F1CB6}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{831FF29B-C7A3-463D-8E51-D93DD4EDA2CE}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{975A4755-9E53-490F-A4B4-F4174736C939}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{8AB750D1-A0D6-4A42-A7DA-DC6AC129D53E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{448E2C28-07A4-44D1-908A-7F9E93238531}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{7DEFC7A6-9ADD-4634-ABBE-B5B083DC2864}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5B5DAE8B-3943-4C77-8D2E-E79A87FAF9F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8839DEED-7BA4-42A1-9943-ECA8A4177370}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BBA1552A-C3CC-464B-966A-EFE336724322}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5110BE1C-0385-43D5-A7E4-CC5CA91C2F12}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DD842229-DB11-496F-A77B-799E2065F958}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{46DF7ED9-A97B-454A-992E-EFFAD17DC7A9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4B6D5896-46E1-4A50-B61F-4FBC4963739D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{0E951967-A2C7-4A73-8585-2A97FE084A88}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{DC9B4ECF-1634-4665-B4B9-2EF66FCD2756}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [TCP Query User{A20DA3E5-FCDD-4821-BAD4-D627482BECF4}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe
FirewallRules: [UDP Query User{366CCC59-042F-4257-9D8B-2E562D3F7FAC}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe
FirewallRules: [{0CD0184E-2545-42B8-A4E9-9033D42D1EEC}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{24A564CE-6253-4A3D-B86C-5AA460E17250}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{FAFC351B-7A46-4AE4-A078-A326817AFE10}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4A008A67-7A2C-45EA-BF83-D0FCD457C5BF}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [TCP Query User{02F201CD-3918-440C-9D44-3FC0ECE6A180}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{9C2589A7-FA69-4BE8-A1B9-3BB2BDD795DA}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [TCP Query User{B24CBF13-0730-46F8-876B-AB769E854148}C:\program files (x86)\internet download manager\iemonitor.exe] => (Block) C:\program files (x86)\internet download manager\iemonitor.exe
FirewallRules: [UDP Query User{8EF023C5-A528-4FE3-85F4-56DD47C11E8B}C:\program files (x86)\internet download manager\iemonitor.exe] => (Block) C:\program files (x86)\internet download manager\iemonitor.exe
FirewallRules: [TCP Query User{D6351024-0449-4629-BB1F-645952E2E765}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{D6330ED6-D164-4A4A-A07C-BB62794FCFAD}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{3F2A06E3-6373-4E88-A143-0421E4717E85}] => (Allow) LPort=8317
FirewallRules: [{F749B7A0-EA3D-4F96-879C-1CBF8173638B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Points de restauration =========================

01-05-2016 13:40:10 Point de contrôle planifié
05-05-2016 15:40:50 RegRun Virus Scan
05-05-2016 15:43:33 RegRun Virus Scan
05-05-2016 15:50:27 Restore Point Created by FRST
05-05-2016 16:10:12 Driver Booster : Contrôleur AHCI SATA standard
05-05-2016 16:13:07 JRT Pre-Junkware Removal

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (05/05/2016 04:15:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante SynTPEnh.exe, version : 11.0.7.0, horodatage : 0x47ec4a06
Nom du module défaillant : SynTPEnh.exe, version : 11.0.7.0, horodatage : 0x47ec4a06
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000003cdce
ID du processus défaillant : 0x1724
Heure de début de l’application défaillante : 0xSynTPEnh.exe0
Chemin d’accès de l’application défaillante : SynTPEnh.exe1
Chemin d’accès du module défaillant: SynTPEnh.exe2
ID de rapport : SynTPEnh.exe3
Nom complet du package défaillant : SynTPEnh.exe4
ID de l’application relative au package défaillant : SynTPEnh.exe5

Error: (05/05/2016 04:13:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.

System Error:
Accès refusé.
.

Error: (05/05/2016 03:37:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante JunkFileCleaner.exe, version : 1.7.0.0, horodatage : 0x56f8f62c
Nom du module défaillant : clr.dll, version : 4.6.1078.0, horodatage : 0x56e1ef6c
Code d’exception : 0xc00000fd
Décalage d’erreur : 0x0000000000164b48
ID du processus défaillant : 0x9e4
Heure de début de l’application défaillante : 0xJunkFileCleaner.exe0
Chemin d’accès de l’application défaillante : JunkFileCleaner.exe1
Chemin d’accès du module défaillant: JunkFileCleaner.exe2
ID de rapport : JunkFileCleaner.exe3
Nom complet du package défaillant : JunkFileCleaner.exe4
ID de l’application relative au package défaillant : JunkFileCleaner.exe5


Erreurs système:
=============
Error: (05/05/2016 04:08:04 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (05/05/2016 03:40:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Accès aux données utilisateur_26c58 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (05/05/2016 03:40:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Stockage des données utilisateur_26c58 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (05/05/2016 03:40:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Données de contacts_26c58 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (05/05/2016 03:40:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Hôte de synchronisation_26c58 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (05/05/2016 03:40:07 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible


CodeIntegrity:
===================================
Date: 2016-05-05 16:08:12.311
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-05 16:08:11.624
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-05 16:16:39.643
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-05 16:16:39.156
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-05 16:16:34.207
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-05 16:16:33.977
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-05 16:08:57.839
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-05 16:08:57.634
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-05 16:08:57.383
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-05-05 16:08:56.674
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Infos Mémoire ===========================

Processeur: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Pourcentage de mémoire utilisée: 50%
Mémoire physique - RAM - totale: 1979.19 MB
Mémoire physique - RAM - disponible: 970.61 MB
Mémoire virtuelle totale: 2683.19 MB
Mémoire virtuelle disponible: 1516.71 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:116.65 GB) (Free:59.06 GB) NTFS
Drive d: () (Fixed) (Total:115.7 GB) (Free:59.37 GB) NTFS
Drive e: () (Removable) (Total:7.83 GB) (Free:5.88 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 17D417D3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=115.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7.8 GB) (Disk ID: 01F2F0A8)
Partition 1: (Not Active) - (Size=7.8 GB) - (Type=0C)

==================== Fin de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité