cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 28-05-2017
Exécuté par User (30-05-2017 11:46:41)
Exécuté depuis C:\Users\User\Documents\Downloads
Windows 10 Home Version 1607 (X64) (2016-08-18 01:37:09)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-2001555454-1356727798-2440343691-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2001555454-1356727798-2440343691-503 - Limited - Disabled)
Invité (S-1-5-21-2001555454-1356727798-2440343691-501 - Limited - Disabled)
User (S-1-5-21-2001555454-1356727798-2440343691-1003 - Administrator - Enabled) => C:\Users\User

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.1.4 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.6.14.19 - HP Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.7 SDK (HKLM-x32\...\{F44081B4-1C8A-49B6-AC6F-2EE5715488AF}) (Version: 4.7.02046 - Microsoft Corporation)
Microsoft .NET Framework 4.7 Targeting Pack (HKLM-x32\...\{CD786942-0D49-4F78-9A04-2EF21175F67E}) (Version: 4.7.02046 - Microsoft Corporation)
Microsoft Build Tools 2015 (HKLM-x32\...\{d21da0dd-4ba4-4838-ba58-64cf7a77131a}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2001555454-1356727798-2440343691-1003\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30637.0 - Microsoft Corporation)
Netbeans with TMC 1.1.7 (HKLM\...\nbi-tmcbeans-1.0.0.0.0) (Version: - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.46 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
vs_filehandler_amd64 (x32 Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (x32 Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (x32 Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellmsi (x32 Version: 15.0.26424 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0082513B-46BA-477D-B970-F493404053EF} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {14E6A76B-EA9A-4F05-93DD-8A459DD549DF} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {32046F1B-230A-443E-A39C-E37E1A1461A9} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {39D665B6-F411-425E-AC94-88C02D992A98} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-04-01] (HP Inc.)
Task: {474766D6-B0B1-4CCA-8704-BBD58C762A57} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {5307D5BE-44A9-4A2E-A06B-3697E2041B49} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {53747A7F-CCF8-402E-A226-C7AEE3393974} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {5ADB5340-0211-40AB-90E5-7D159BC4B28F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {600B2B76-7872-4EC3-A5B5-E961B6746AC8} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {647C8BB5-544D-48C5-8D62-F0FAC23477B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {65E718FB-702B-47E9-9251-F25D573F6B8F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {6C468520-4CCE-47E4-AB11-EB19B519CB81} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {73039253-7AD8-456B-8782-1CB512D17F4E} - System32\Tasks\HPCeeScheduleForUser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {84C09504-3EB7-42DE-B4F4-7114E98793D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {93093371-BFE1-4C23-A91D-EDCE402D35EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {9AC7C84F-1FC0-41E2-A827-CAD79FCEEAE3} - \Microsoft\Windows\DeviceSettings\Prpushnerzes -> Pas de fichier <==== ATTENTION
Task: {9E256610-43D4-43AE-A40E-9447FC8C172E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {A14A4636-954D-4269-B1E3-F30D05BC8A35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {AA221257-CAF3-4246-87FB-6EAD3D63124E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {AA8FA8E5-8933-4A0B-80C0-090A4BBB633C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {BD70BA95-4FB2-4F98-9FE8-C3A18D35D11A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-02-10] (Advanced Micro Devices, Inc.)
Task: {BE6D6A40-9585-4AD3-AE96-B8B3DBDBDD12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {C08BC675-4DDA-4B92-B589-D0CBA46F1392} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {DDC93725-0E64-4609-862A-3B728EE3583E} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {EA343001-0585-492A-B275-AB7B713F2315} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {F8DE05FB-FD70-4C40-965E-B9752440F628} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForUser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Modules chargés (Avec liste blanche) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 17:53 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-14 01:51 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 10:02 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-02-26 16:15 - 2015-09-18 17:27 - 00125656 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-06-08 19:04 - 2016-06-08 19:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2017-03-15 10:03 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 10:03 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 10:03 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 17:53 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 17:53 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-29 20:13 - 2016-06-29 20:13 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-29 20:13 - 2016-06-29 20:13 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-29 20:13 - 2016-06-29 20:13 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-29 20:13 - 2016-06-29 20:13 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-29 20:13 - 2016-06-29 20:13 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-29 20:13 - 2016-06-29 20:13 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-29 20:13 - 2016-06-29 20:13 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-05-16 11:22 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-16 11:22 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2016-07-16 13:47 - 2017-03-05 22:04 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-2001555454-1356727798-2440343691-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Desktop\Kj5cd8B.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

MSCONFIG\Services: lfsvc => 3
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKU\S-1-5-21-2001555454-1356727798-2440343691-1003\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-2001555454-1356727798-2440343691-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2001555454-1356727798-2440343691-1003\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-2001555454-1356727798-2440343691-1003\...\StartupApproved\Run: => "Ahjtworks"
HKU\S-1-5-21-2001555454-1356727798-2440343691-1003\...\StartupApproved\Run: => "Evvtion"
HKU\S-1-5-21-2001555454-1356727798-2440343691-1003\...\StartupApproved\Run: => "{700B04C9-D834-DF95-695E-0019C00434E0}"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [TCP Query User{5BCA10A5-9684-499B-B42C-EE3903E828D1}C:\program files\java\jdk1.8.0_111\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_111\bin\jmc.exe
FirewallRules: [UDP Query User{B2950D05-4615-4250-8238-F6F29A1F7FE8}C:\program files\java\jdk1.8.0_111\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_111\bin\jmc.exe
FirewallRules: [TCP Query User{7F566293-4724-4557-A190-2B812412A886}C:\users\user\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (Allow) C:\users\user\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [UDP Query User{79E3FA86-FDB0-45A6-8B35-4D55776FFF9A}C:\users\user\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (Allow) C:\users\user\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [TCP Query User{38A85B70-EB2C-4612-8243-1345BB7FCB97}C:\users\user\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (Allow) C:\users\user\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [UDP Query User{55670D54-D8E4-4656-BB15-266BC733735C}C:\users\user\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (Allow) C:\users\user\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [{B109D906-88F6-438E-8707-9B9AFB211EC8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Points de restauration =========================

22-05-2017 22:44:57 Point de contrôle planifié
28-05-2017 19:34:00 Removed NetAdapterUpdate
29-05-2017 21:52:19 Restore Operation

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (05/29/2017 10:57:07 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (05/29/2017 10:57:07 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (05/29/2017 10:57:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (05/29/2017 10:57:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (05/29/2017 10:57:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (05/29/2017 10:30:04 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: The restore point selected was damaged or deleted during the restore (Point de contrôle planifié).

Error: (05/29/2017 10:18:58 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Removed NetAdapterUpdate). Additional information: 0x80070091.

Error: (05/29/2017 09:53:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.

System Error:
Accès refusé.
.

Error: (05/29/2017 07:11:57 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF (error %3).

Error: (05/29/2017 05:47:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Accès refusé.
.


Erreurs système:
=============
Error: (05/30/2017 10:40:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT)
Description: Installation Failure: Windows failed to install the following update with error 0xc1900107: Mise à jour des fonctionnalités de Windows 10, version 1703.

Error: (05/30/2017 10:30:28 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user AUTORITE NT\Système SID (S-1-5-18) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2017 10:30:18 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user AUTORITE NT\SERVICE LOCAL SID (S-1-5-19) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2017 10:30:18 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user AUTORITE NT\SERVICE LOCAL SID (S-1-5-19) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2017 10:29:20 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user AUTORITE NT\Système SID (S-1-5-18) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2017 06:25:17 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user AUTORITE NT\Système SID (S-1-5-18) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2017 02:32:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT)
Description: Installation Failure: Windows failed to install the following update with error 0xc1900107: Mise à jour des fonctionnalités de Windows 10, version 1703.

Error: (05/30/2017 02:20:44 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user AUTORITE NT\Système SID (S-1-5-18) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2017 02:20:34 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user AUTORITE NT\SERVICE LOCAL SID (S-1-5-19) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2017 02:20:34 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: The propres à l’application permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user AUTORITE NT\SERVICE LOCAL SID (S-1-5-19) from address LocalHost (avec LRPC) running in the application container Non disponible SID (Non disponible). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
Date: 2017-05-30 11:04:06.958
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\c0311199.inf_amd64_71ef621a77f87d8c\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-28 22:09:43.442
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-23 07:31:54.389
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\c0311199.inf_amd64_71ef621a77f87d8c\amdhdl64.dll that did not meet the Store signing level requirements.

Date: 2017-05-17 19:14:57.394
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\c0311199.inf_amd64_71ef621a77f87d8c\amdhdl64.dll that did not meet the Store signing level requirements.

Date: 2017-05-16 21:08:50.550
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\c0311199.inf_amd64_71ef621a77f87d8c\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-08 18:17:02.238
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\c0311199.inf_amd64_71ef621a77f87d8c\amdhdl64.dll that did not meet the Store signing level requirements.

Date: 2017-05-08 11:03:14.516
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\c0311199.inf_amd64_71ef621a77f87d8c\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-03 12:52:59.490
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\c0311199.inf_amd64_71ef621a77f87d8c\amdhdl64.dll that did not meet the Store signing level requirements.

Date: 2017-04-27 13:15:02.373
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\c0311199.inf_amd64_71ef621a77f87d8c\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-19 10:50:26.526
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\c0311199.inf_amd64_71ef621a77f87d8c\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Pourcentage de mémoire utilisée: 33%
Mémoire physique - RAM - totale: 8107.39 MB
Mémoire physique - RAM - disponible: 5352.55 MB
Mémoire virtuelle totale: 8619.39 MB
Mémoire virtuelle disponible: 5841.45 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:465.26 GB) (Free:372.58 GB) NTFS
Drive g: (Disque local) (Fixed) (Total:464.95 GB) (Free:463.78 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2AF17940)

Partition: GPT.

==================== Fin de Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité