Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 19-06-2016 01
Exécuté par JP (2016-06-20 17:30:06)
Exécuté depuis C:\Users\JP\Downloads
Windows 10 Home Version 1511 (X64) (2016-02-18 03:40:27)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-137785107-3954556017-1763030930-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-137785107-3954556017-1763030930-503 - Limited - Disabled)
Invité (S-1-5-21-137785107-3954556017-1763030930-501 - Limited - Disabled)
JP (S-1-5-21-137785107-3954556017-1763030930-1000 - Administrator - Enabled) => C:\Users\JP

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

µTorrent (HKU\S-1-5-21-137785107-3954556017-1763030930-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS PCE-N15 WLAN Card Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.0.1.8 - )
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Color Detector 2.0 (HKLM-x32\...\ColorDetector200_is1) (Version: 2.0 - Cosmin Smeu)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
MAGIX Contenu et Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 (HKLM-x32\...\MAGIX_{2A959813-498E-4A41-9607-5544A4570A32}) (Version: 19.0.3.47 - MAGIX AG)
MAGIX Music Maker 2013 (Version: 19.0.3.47 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.6965.2053 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1016 - Microsoft Corporation) Hidden
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 8.2.8 - PowerUp Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.1.5 - Lenovo Group Limited)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
VirtualDJ 8 (HKLM-x32\...\{F7A68F9D-BBF0-48FF-B138-2EFB5165638C}) (Version: 8.0.2048.0 - Atomix Productions)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-137785107-3954556017-1763030930-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\JP\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {12F5F91A-0C7E-4693-88E9-8F39B2753A2C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1F904DBC-F063-4EE8-BDA8-00292BE1E713} - System32\Tasks\{F86F6ACF-1B5F-43CF-B13C-8549292C7C21} => pcalua.exe -a C:\Users\JP\Downloads\Call.of.Duty.Modern.Warfare.3-RELOADED\DVD1\rld-mw3a\Setup.EXE -d C:\Users\JP\Downloads\Call.of.Duty.Modern.Warfare.3-RELOADED\DVD1\rld-mw3a
Task: {24BD2A5E-E3BE-4B63-A580-F9969D8832E0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {2F6EBB9E-4965-40FD-BD2F-3CFE45BF3314} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {321B184E-A725-449E-961D-D244097BD562} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {35DC8E15-BAEE-41B2-A5E9-C9281E7F3224} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {41CEBFFC-E684-472B-BD49-34F4A13AD3B1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {5979015E-6E26-4F9B-BF71-4F92B2D763EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-26] (Microsoft Corporation)
Task: {5D81635C-E641-4DEE-984F-D307086F5E9B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {608F57E7-7EEC-4F1F-934E-1CEC5232BD2E} - System32\Tasks\{18388A40-5358-4664-BF66-8C8E0A35F620} => pcalua.exe -a "C:\Users\JP\Desktop\[PES16] PTE PATCH 5.0\Setup 2.exe" -d "C:\Users\JP\Desktop\[PES16] PTE PATCH 5.0"
Task: {69DCF454-4A86-4631-9F29-B8DD990EBF84} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {6B929F71-605D-4CB5-BE83-06A733DE65E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {700FBEA7-9EC7-4003-8960-F9C859B48A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-17] (Google Inc.)
Task: {7215F34C-6ABC-4F5F-87EE-0D96F00C66E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-26] (Microsoft Corporation)
Task: {73DB0792-C7DE-49A9-AD92-171B9A8FE656} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-16] (Microsoft Corporation)
Task: {75183033-7064-46A9-ABB6-90A83D07F92C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {7539815C-406B-4ACD-BD01-E1A8D16BE4F4} - System32\Tasks\GunshipUpdateTaskMachineCore => C:\Program Files (x86)\Gunship\Update\GunshipUpdate.exe <==== ATTENTION
Task: {7564C48F-DD82-4399-AB33-B16085E7113B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {768C0C32-C3B3-4A89-9ADC-28E690BB24AC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {783B0D76-ED37-4670-A511-77C62B7D0B71} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {78BA3DB6-EE2F-4B8B-A5D2-9C206D9A360F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-17] (Google Inc.)
Task: {7C1AF376-5194-4189-B977-16E3221136F1} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {7C3B9C27-1FAB-43BC-A2FE-C56813494AF0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {8418B8CE-2E94-4D50-8B51-F6BED1C75277} - System32\Tasks\GunshipUpdateTaskMachineUA => C:\Program Files (x86)\Gunship\Update\GunshipUpdate.exe <==== ATTENTION
Task: {86AE963F-352A-4E2E-808E-C0FEBEB1BB4A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {8E05B8C5-CC5E-4F8B-8E6B-FDEADBE9E1FB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {9659303A-1AC8-42FC-A0A6-E63B200C4F11} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {967B7E53-AE99-430F-B470-93A46CD58D39} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {A4D28C55-325F-4633-BF31-2A9F863EA47A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-26] (Microsoft Corporation)
Task: {A5E3E1D2-D7A2-4A50-8876-7A93C917EF62} - System32\Tasks\SafeZone scheduled Autoupdate 1455834602 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {A88E456F-E771-4DD0-BC8B-3033C572A96E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {B05D5123-D211-4952-8E26-F4CB733BB6ED} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-26] (Microsoft Corporation)
Task: {BB09A223-F780-48B2-89F9-445D4372E22F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {BDA07943-0FAB-450D-95FE-5994BF8CD88D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C065B3FD-7D25-4771-B224-8A5FD554833C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {D88B98E7-BDAF-4F9F-8357-795B50A8956D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {DFAFF09C-E7BD-4AA0-B51B-6CA83E60CC41} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {EBD4A106-BDD1-4453-AFD3-0A3F95064A54} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-25] (AVAST Software)
Task: {FCA6F2B9-67D7-4273-9E4E-242C157BAD0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2015-10-30 07:18 - 2015-10-30 07:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 00:07 - 2016-04-22 00:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-12 21:30 - 2016-03-29 10:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 21:30 - 2016-03-29 10:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-18 00:15 - 2016-05-18 00:15 - 00959168 _____ () C:\Users\JP\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-02-18 06:06 - 2015-12-07 04:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 00:01 - 2016-04-23 04:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-25 13:00 - 2015-07-25 13:00 - 00404912 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-06-16 17:38 - 2016-05-28 03:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-16 17:38 - 2016-05-28 03:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-16 17:38 - 2016-05-28 03:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-16 17:38 - 2016-05-28 03:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-19 00:35 - 2016-04-19 00:38 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-06-01 17:28 - 2015-06-01 17:28 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2016-05-25 00:44 - 2016-05-25 00:44 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-25 00:44 - 2016-05-25 00:44 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-20 10:23 - 2016-06-20 10:23 - 02935808 _____ () C:\Program Files\AVAST Software\Avast\defs\16062000\algo.dll
2016-05-25 00:44 - 2016-05-25 00:44 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-20 16:44 - 2016-06-20 16:44 - 02935808 _____ () C:\Program Files\AVAST Software\Avast\defs\16062002\algo.dll
2016-05-25 00:44 - 2016-05-25 00:44 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-18 00:15 - 2016-05-18 00:15 - 00679624 _____ () C:\Users\JP\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-02-18 22:28 - 2016-02-18 22:28 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-04-19 00:35 - 2016-04-19 00:38 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 00:35 - 2016-04-19 00:38 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-06-18 00:44 - 2016-06-15 09:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 00:44 - 2016-06-15 09:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-06-18 00:44 - 2016-06-15 09:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)


==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

HKU\S-1-5-21-137785107-3954556017-1763030930-1000\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION

==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ==========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2009-07-14 02:34 - 2016-06-17 15:03 - 00002024 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Il y a 4 plus de lignes.


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-137785107-3954556017-1763030930-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)


==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1C681964-8416-44A8-AF6F-75E6E4028591}] => (Allow) C:\Users\JP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F6825F63-7E8E-46B0-96F3-B686487E1BF7}] => (Allow) C:\Users\JP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A6B13C4D-A11F-434E-8174-019D07B026C0}] => (Allow) C:\Users\JP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E191488D-7A3D-4363-81BA-09E44CE1BB25}] => (Allow) C:\Users\JP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{03C8353B-794E-4373-A174-C9A3803EF80A}] => (Allow) C:\Users\JP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{847A075F-200D-44DA-AD42-F5657BBC9B00}] => (Allow) C:\Users\JP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A0C10D8-B299-436A-ABD8-C6B417E18B59}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F4B4F3CC-7577-4ADF-9963-0478EBCE0F12}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AAF40221-E77D-42CE-95DF-4306174EB69A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3F5BEFF3-E6ED-47CB-B7E5-FD257261F2D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{964BC08C-48A7-4609-992F-AA0532D9E123}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{262DF43D-A9BF-4426-82C8-0EC2363DAC77}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{C2984C8D-36F5-4FCE-8D7B-DB00C14B588F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{40CC033A-5F87-40BA-8D64-2BDDFCCB0A15}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DD2F179F-D894-4770-BE66-BAB67B093B46}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A0910C78-E7A2-4411-9F8C-3259A509A8B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{24294D4E-3F2D-4F0F-A83D-FF32DDC425A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{D9D41976-8137-441D-BB8B-97B1883A65AE}C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe] => (Block) C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe
FirewallRules: [UDP Query User{1F4BA0F1-099D-4C2B-97CA-FF7B7C262D25}C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe] => (Block) C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{0D425601-E06B-41BE-837B-DF01D541682D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A2C127EB-4811-4F86-A95F-5968EB896F4A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{84AB956C-4068-4325-BC45-164E95CEF916}] => (Allow) C:\Program Files (x86)\Gunship\Update\GunshipUpdate.exe
FirewallRules: [{1E7857C8-5DC8-4451-A565-3995A606DD3C}] => (Allow) C:\Program Files (x86)\Gunship\Application\chrome.exe
FirewallRules: [{BE807DBD-5BE0-4A05-BCC7-63FE5C137318}] => (Allow) C:\ProgramData\Gunship\Gunship.exe
FirewallRules: [{DACE731D-0085-4314-88E6-3640F11E3A76}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Points de restauration =========================

08-06-2016 20:33:03 Removed Firebird SQL Server - MAGIX Edition
16-06-2016 22:32:38 Windows Update
18-06-2016 00:52:40 ASU_MSI_TRAN
18-06-2016 14:47:10 ZHPFix Restore System Point
20-06-2016 04:55:15 zoek.exe restore point

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (06/20/2016 10:15:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Music.UI.exe, version : 3.6.2096.0, horodatage : 0x573b8c20
Nom du module défaillant : ucrtbase.dll, version : 10.0.10586.0, horodatage : 0x5632d193
Code d’exception : 0xc0000409
Décalage d’erreur : 0x0000000000068528
ID du processus défaillant : 0xe5c
Heure de début de l’application défaillante : 0xMusic.UI.exe0
Chemin d’accès de l’application défaillante : Music.UI.exe1
Chemin d’accès du module défaillant: Music.UI.exe2
ID de rapport : Music.UI.exe3
Nom complet du package défaillant : Music.UI.exe4
ID de l’application relative au package défaillant : Music.UI.exe5

Error: (06/20/2016 10:04:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10803500

Error: (06/20/2016 10:04:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10803500

Error: (06/20/2016 10:04:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/20/2016 07:04:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2500

Error: (06/20/2016 07:04:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2500

Error: (06/20/2016 07:04:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/20/2016 07:04:52 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1234

Error: (06/20/2016 07:04:52 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1234

Error: (06/20/2016 07:04:52 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Erreurs système:
=============
Error: (06/20/2016 04:45:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service PinnacleUpdate Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (06/20/2016 04:45:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Windows Defender n’a pas pu démarrer en raison de l’erreur :
%%577 = Windows ne peut pas vérifier la signature numérique de ce fichier. Il est possible qu’une modification matérielle ou logicielle récente ait installé un fichier endommagé ou dont la signature est incorrecte, ou qu’il s’agisse d’un logiciel malveillant provenant d’une source inconnue.


Error: (06/20/2016 04:42:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 n’a pas pu démarrer en raison de l’erreur :
%%1053 = Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.


Error: (06/20/2016 04:42:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service FontCache3.0.0.0.

Error: (06/20/2016 04:40:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service yahoochrometechnology n’a pas pu démarrer en raison de l’erreur :
%%2 = Le fichier spécifié est introuvable.


Error: (06/20/2016 04:40:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service hpsrv n’a pas pu démarrer en raison de l’erreur :
%%1053 = Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.


Error: (06/20/2016 04:40:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service hpsrv.

Error: (06/20/2016 04:40:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 16:03:14 le ‎20/‎06/‎2016 n’était pas prévu.

Error: (06/20/2016 10:21:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service PinnacleUpdate Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (06/20/2016 10:21:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service WinDefend n’a pas pu démarrer en raison de l’erreur :
%%577 = Windows ne peut pas vérifier la signature numérique de ce fichier. Il est possible qu’une modification matérielle ou logicielle récente ait installé un fichier endommagé ou dont la signature est incorrecte, ou qu’il s’agisse d’un logiciel malveillant provenant d’une source inconnue.



CodeIntegrity:
===================================
Date: 2016-06-20 16:47:44.385
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-20 16:45:25.030
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-20 10:23:02.652
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-20 10:21:40.938
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-20 05:19:52.162
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-19 15:38:38.118
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-19 05:34:21.982
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-18 19:50:28.258
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-18 18:49:43.908
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-18 14:50:05.838
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\JP\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Pourcentage de mémoire utilisée: 66%
Mémoire physique - RAM - totale: 4030.29 MB
Mémoire physique - RAM - disponible: 1334.24 MB
Mémoire virtuelle totale: 8126.29 MB
Mémoire virtuelle disponible: 4820.71 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:199.54 GB) (Free:81.53 GB) NTFS
Drive d: (Nouveau nom) (Fixed) (Total:265.66 GB) (Free:123.77 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 50A63E3A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=467 MB) - (Type=27)
Partition 4: (Not Active) - (Size=265.7 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================
