Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:21-02-2016 01 Exécuté par Ahmet (2016-02-22 14:32:02) Exécuté depuis C:\Users\Responsable\Desktop Windows 10 Pro Version 1511 (X64) (2015-11-26 06:10:36) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-511945228-3084827621-2135989165-500 - Administrator - Disabled) => C:\Users\Administrateur Ahmet (S-1-5-21-511945228-3084827621-2135989165-1002 - Administrator - Enabled) => C:\Users\Responsable DefaultAccount (S-1-5-21-511945228-3084827621-2135989165-503 - Limited - Disabled) Invité (S-1-5-21-511945228-3084827621-2135989165-501 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) .NET Reactor (HKLM-x32\...\.NET Reactor) (Version: 4.9.9.0 - Eziriz) .NET Reactor (HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\.NET Reactor) (Version: 4.9.0.0 - Eziriz) .NET Reactor (x32 Version: 4.9.9.0 - Eziriz) Hidden .NET Reflector Desktop (HKLM-x32\...\{348E3E12-2F11-4AA4-8694-88222F3440F3}) (Version: 8.4.0.39 - Red Gate Software Ltd) µTorrent (HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Flash Professional CC 2015 (HKLM-x32\...\{31390329-FFF0-11E4-85AD-AF2C4143F080}) (Version: 15.0 - Adobe Systems Incorporated) Adobe Photoshop CC (Version: 1.2.0000 - Adobe Systems Incorporated) Hidden Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Apple Application Support (32 bits) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden BacklinkSpeed v2.4 (HKLM-x32\...\BacklinkSpeed v2.4_is1) (Version: - ) Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.1.1003 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 1.1.11.8004 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) CoC Bot 9.8 (HKLM-x32\...\CoC Bot 9.8) (Version: 9.8 - Clash of Clans Bot - CoC Bot) CoffeeCup HTML Editor (HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\CoffeeCup HTML Editor) (Version: - ) Crypto Obfuscator For .Net 2015 (HKLM-x32\...\Crypto Obfuscator For .Net_is1) (Version: - LogicNP Software) Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company) Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation) FBackup 5 (x32 Version: 5.4.813 - Softland) Hidden FBackup 5.4 (HKLM-x32\...\{7097595f-f82b-4c76-849e-f074cf90aba4}) (Version: 5.4.813.0 - Softland) Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.6.2.0 - Telerik) FiddlerCoreAPI (HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\FiddlerCoreAPI) (Version: - ) FileZilla Client 3.15.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0.2 - Tim Kosse) Free Monitor for Google 2.5 (HKLM-x32\...\Free Monitor for Google_is1) (Version: - CleverStat) Google Chrome (HKLM-x32\...\{125B436B-3F17-317F-8D2F-9C470DC68905}) (Version: 48.0.2564.116 - Google, Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Help To Share 4.0 (HKLM-x32\...\Help To Share 4.0) (Version: 4.0 - HelpToShare) High Proxy Finder version 1.0 (HKLM-x32\...\{D27FE5D7-C787-4B54-A8D7-A598B1F7C6C7}_is1) (Version: 1.0 - High Yazilim, Inc.) HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company) IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Inno Setup version 5.5.8 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.8 - jrsoftware.org) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4189 - Intel Corporation) iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) JPEXS Free Flash Decompiler (HKLM-x32\...\{E618D276-6596-41F4-8A98-447D442A77DB}_is1) (Version: 7.1.2 - JPEXS) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LibreOffice 4.4 Help Pack (French) (HKLM-x32\...\{90ED74A4-6804-4E8B-B68D-0DCECBE54CD0}) (Version: 4.4.5.2 - The Document Foundation) LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation) Macro Recorder 5.7.9 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.9 - Jitbit Software) MathGraph32 Java 4.9.9.3 (HKLM-x32\...\{DD3E8FE1-0BC6-4B36-A790-7BF1B9351E68}_is1) (Version: - Yves Biton) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio Professional 2015 (HKLM-x32\...\{1ef6a030-1244-4d01-95f3-299c0e3a3362}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Mouse Recorder 2.3.3.4 (HKLM-x32\...\{7281CABA-E70B-411A-AF4B-ECB3C8778364}_is1) (Version: - Robot-Soft.com, Inc.) Mozilla Firefox 44.0 (x86 tr) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 tr)) (Version: 44.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.0.5866 - Mozilla) Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden nBinder Limited (HKLM-x32\...\nBinder Limited) (Version: 5.5.1.0 - ) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team) paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC) PDF24 Creator 7.3.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PE Explorer 1.99 R6 (HKLM-x32\...\PE Explorer_is1) (Version: 1.99.6 - Heaventools Software) Phantomers OBT (HKLM-x32\...\Phantomers) (Version: OBT - NTTGame) PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation) Proxy Finder Enterprise Edition (HKLM-x32\...\Proxy Finder Enterprise Edition) (Version: - ) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.31 - REALTEK Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.) Resource Tuner 2.04 (HKLM-x32\...\Resource Tuner_is1) (Version: 2.04 - Heaventools Software) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.) Sothink SWF Decompiler (HKLM-x32\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD) Stellarium 0.13.3 (HKLM\...\Stellarium_is1) (Version: 0.13.3 - Stellarium team) Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation) Unity Web Player (HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Vivaldi (HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\Vivaldi) (Version: 1.0.344.37 - Vivaldi) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCNT version 2.0 (HKLM-x32\...\{0061E576-8767-4F52-99EC-82D820427D3B}_is1) (Version: 2.0 - Ext Inc.) WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wondershare Filmora(Build 6.8.0) (HKLM-x32\...\Wondershare Filmora_is1) (Version: - Wondershare Software) Wscanner (HKLM-x32\...\Wscanner) (Version: 1.04 - JS Web Production) Youtube MP3 Converter BETA version 0.1 (HKLM-x32\...\{7440BBE5-2F42-4C8C-84B9-D0D325A1CBF3}_is1) (Version: 0.1 - High Yazilim, Inc.) ZeroTier One Virtual Network Port (Version: 1.0.0 - ZeroTier) Hidden ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-511945228-3084827621-2135989165-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Responsable\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {08CC9881-F758-48AD-80C7-317EA05A12EF} - System32\Tasks\Bot Updater => bot\fix\baba.exe Task: {102AD346-9742-4EA2-8F24-6765E681325E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {463CC159-A028-44B2-A4C0-637989920C0A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated) Task: {5E09D78A-0134-406B-A9F5-ABDC987ED1B8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {5F09C35F-83C4-491D-9163-2F4F4409F05A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {65CD93F7-75E4-4AEF-967D-8C8F49BE71B5} - System32\Tasks\AdobeAAMUpdater-1.0-WIN-9PFFMPKBSTH-Ahmet => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated) Task: {703D99FC-6F8D-4173-A800-4842B842A6D7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {71482FB4-47D8-487F-9A16-63193858197B} - System32\Tasks\{125ABC7F-39AC-4B70-9CD0-EACD612C4E02} => pcalua.exe -a "C:\Program Files (x86)\Mobiform Software\Aurora2\AuroraEditor.exe" -d C:\WINDOWS\System32 Task: {7A7D761B-364E-42B8-B8F5-A7F16BD9CC7F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION Task: {86418A73-7481-493B-9931-D0696B640636} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {A1E83ECD-8D5E-48E8-BE9F-18DCC560AB9C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {A967A95A-ACA8-4C82-A130-90423FE013CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-22] (Google Inc.) Task: {CA113B1F-63FE-464D-93C9-D23C8A15D3CD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {D28E33B3-710E-465F-B1C1-B897F0FE3C55} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {DB17879F-8E23-4A38-B19D-DF56010A8B2F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-22] (Google Inc.) Task: {DF982A5D-EF52-4C2D-AA51-779BE1639975} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {E0287198-10D7-4876-AB41-8307C2B67E77} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {EA119512-3B66-4B78-855D-CFE77893F338} - System32\Tasks\Coc Updater => fix\cocyama.exe Task: {EC6EFFFD-75B1-4FAC-A4F4-FDDB16F40CCB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {F5A10357-6E8A-4642-8ADB-B50D7174F9D2} - System32\Tasks\Wscanner Secure => C:\Program Files (x86)\Wscanner\secure\secureupdater.exe [2015-11-27] () (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-10-13 18:26 - 2015-02-04 15:30 - 00108248 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2015-12-03 19:48 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-03 19:48 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-02-10 20:45 - 2016-02-10 20:45 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-10-30 08:17 - 2015-10-30 08:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-10-30 08:17 - 2015-10-30 08:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-03 19:46 - 2015-11-22 10:23 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-03 19:46 - 2015-11-22 10:18 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-03 19:48 - 2015-11-22 10:19 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-12-03 19:48 - 2015-11-22 10:21 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-27 16:39 - 2015-11-27 16:41 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-11-27 16:39 - 2015-11-27 16:41 - 00152064 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-11-27 16:39 - 2015-11-27 16:41 - 18906624 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-11-28 12:33 - 2015-11-28 12:33 - 00689664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Vbeb7089b#\67e531335267e2c098f07f40fdaeb147\Microsoft.VisualStudio.Threading.ni.dll 2015-11-28 12:33 - 2015-11-28 12:33 - 00047104 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Vd43b287e#\8124737dd7e9e2f892fefa20a729c254\Microsoft.VisualStudio.Validation.ni.dll 2015-11-27 20:21 - 2015-11-27 20:21 - 00980992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Vfd40090d#\2e8a7415e0ea70f484c4553b903084fe\Microsoft.VisualStudio.Composition.ni.dll 2015-11-27 20:21 - 2015-11-27 20:21 - 00261120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Vad841153#\d80e8a7530c32da2708279be9d316845\Microsoft.VisualStudio.Composition.Configuration.ni.dll 2016-02-22 10:32 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll 2016-02-22 10:32 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver" ==================== EXE Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) HKU\S-1-5-21-511945228-3084827621-2135989165-1002\Software\Classes\.exe: exefile => <===== ATTENTION HKU\S-1-5-21-511945228-3084827621-2135989165-1002\Software\Classes\exefile: <===== ATTENTION ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\100sexlinks.com -> 100sexlinks.com Il y a 4788 plus de sites. ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2016-02-22 12:30 - 2016-02-22 12:30 - 00000804 _RASH C:\WINDOWS\system32\Drivers\etc\hosts 111.1.1.1 185.31.19.133 111.1.1.1 www.185.31.19.133 111.1.1.1 23.51.123.27 111.1.1.1 www.23.51.123.27 111.1.1.1 raw.githubusercontent.com 111.1.1.1 www.raw.githubusercontent.com 111.1.1.1 g.symcd.com 111.1.1.1 www.g.symcd.com 111.1.1.1 clashclansbot.com 111.1.1.1 www.clashclansbot.com 111.1.1.1 boostbot.org 111.1.1.1 www.boostbot.org 111.1.1.1 mybot.run 111.1.1.1 www.mybot.run 111.1.1.1 cocultrabot.com 111.1.1.1 www.cocultrabot.com 111.1.1.1 clashbot.org 111.1.1.1 www.clashbot.org 111.1.1.1 zeybekgaming.net 111.1.1.1 www.zeybekgaming.net 111.1.1.1 clashofclansbot.net 111.1.1.1 www.clashofclansbot.net 111.1.1.1 clashauto.com 111.1.1.1 www.clashauto.com 111.1.1.1 lazypressingbot.com 111.1.1.1 www.lazypressingbot.com 111.1.1.1 brokenbot.org 111.1.1.1 www.brokenbot.org ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-511945228-3084827621-2135989165-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Responsable\Desktop\Wallpapers\ev0uDRg.jpg DNS Servers: 212.27.40.241 - 212.27.40.240 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "PDFPrint" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "Piketi" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\StartupApproved\Run: => "FBackup 5 Tray Agent" HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\StartupApproved\Run: => "urlspace" HKU\S-1-5-21-511945228-3084827621-2135989165-1002\...\StartupApproved\Run: => "ipts" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{196E240A-593D-4024-AB27-8071FCFE7BD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4FE8909F-D9EC-4731-B2F9-F64D830B97E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A4C951C4-6612-4FDC-80DD-BD940C8F09AE}] => (Allow) C:\Program Files (x86)\Softland\FBackup 5\bRestore.exe FirewallRules: [{B5959A3E-E09A-48B8-88E2-3717D6949874}] => (Allow) C:\Program Files (x86)\Softland\FBackup 5\bTest.exe FirewallRules: [{1C59E5FF-E73A-4135-9B7D-62326B66294D}] => (Allow) C:\Program Files (x86)\Softland\FBackup 5\bBackup.exe FirewallRules: [{EC9AC2BF-2655-4FDB-8E99-1369E37665DA}] => (Allow) C:\Program Files (x86)\Softland\FBackup 5\FBackup.exe FirewallRules: [{FF328007-91F5-4432-85C9-61100957C203}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{6F59F1FA-92F8-4D70-96CC-6069C97FD23F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{2D02FFAC-518D-4EF6-A623-67E2B2A9DA46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BD40340A-AAAA-4583-972B-9BF4FC77D665}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B0A33358-CF33-4579-B30A-5507EE7E8641}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{AB87916E-4CA9-4A15-9FE9-2A3EAEA9DABA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D29CCA05-24E7-4E87-8348-69DFBAD809DD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{58BECE8C-22A8-4AC6-8848-5FFEF540700C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{EEDFD19B-FB9A-4050-AF82-6CB9C4F6BDB0}C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.vshost.exe] => (Allow) C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.vshost.exe FirewallRules: [UDP Query User{46D68F38-08EE-447D-A255-84E0CD69AE2C}C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.vshost.exe] => (Allow) C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.vshost.exe FirewallRules: [TCP Query User{C193F1FF-AF54-46A7-A444-14C0B9F2AE0A}C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.exe] => (Allow) C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.exe FirewallRules: [UDP Query User{80AAD1F8-BF00-4CA5-9466-78A59808D528}C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.exe] => (Allow) C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.exe FirewallRules: [TCP Query User{C25D4F6A-6106-4A75-B80C-765681112644}C:\program files\adobe\adobe flash cc 2015\flash.exe] => (Allow) C:\program files\adobe\adobe flash cc 2015\flash.exe FirewallRules: [UDP Query User{354104AC-1D9B-41B5-9B6B-11663DC65343}C:\program files\adobe\adobe flash cc 2015\flash.exe] => (Allow) C:\program files\adobe\adobe flash cc 2015\flash.exe FirewallRules: [{841F539F-2F6D-4327-B666-3571E2BE5956}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D87673C9-38FC-4077-9C52-DCDD111226A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6DB24305-D96A-435A-8782-3A3A62EC0EE5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{464CA6B4-F2DB-4F89-9BAF-E9F9F6765513}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{12479907-904E-48A4-909B-0E3674A427CC}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{96DDB00A-235A-42FC-B77A-72592B6079F8}] => (Allow) C:\Program Files (x86)\Phantomers\Launcher.exe FirewallRules: [{9ED4B39D-085C-4588-A798-FB533D7B1373}] => (Allow) C:\Program Files (x86)\Phantomers\Launcher.exe FirewallRules: [{DAC33B58-E62F-410F-AD04-FF5C4BAC013E}] => (Allow) C:\Program Files (x86)\Phantomers\Updater.exe FirewallRules: [{450F8CF3-2CB4-402A-B669-8321DBB61F1B}] => (Allow) C:\Program Files (x86)\Phantomers\Updater.exe FirewallRules: [TCP Query User{598F2846-2F3A-461B-AF5A-DC9EF8F5DD19}C:\program files (x86)\phantomers\bin32\mazer.exe] => (Allow) C:\program files (x86)\phantomers\bin32\mazer.exe FirewallRules: [UDP Query User{8E049E00-5FED-4741-B34D-0FBD44762606}C:\program files (x86)\phantomers\bin32\mazer.exe] => (Allow) C:\program files (x86)\phantomers\bin32\mazer.exe FirewallRules: [{9A3B7F94-1936-4D72-BFB6-84DB6C10AADA}] => (Allow) C:\Program Files (x86)\Fiddler2\Fiddler.exe FirewallRules: [{FD94AB33-2E7F-4330-9837-84B536472793}] => (Allow) C:\Program Files (x86)\Phantomers\Launcher.exe FirewallRules: [{20C44FC1-0FFB-4548-995B-19603595D0E1}] => (Allow) C:\Program Files (x86)\Phantomers\Launcher.exe FirewallRules: [{9A576604-D24A-4C0E-BE89-3E21B6A4FE2E}] => (Allow) C:\Program Files (x86)\Phantomers\Updater.exe FirewallRules: [{631ACAFD-8C75-4DDD-958A-46082FB6D95D}] => (Allow) C:\Program Files (x86)\Phantomers\Updater.exe FirewallRules: [TCP Query User{B4E2598E-706A-4901-AF9B-A0D533A71BF9}C:\program files (x86)\phantomers\bin32\mazer.exe] => (Allow) C:\program files (x86)\phantomers\bin32\mazer.exe FirewallRules: [UDP Query User{27594010-45D7-49BE-AE38-9124D6763B14}C:\program files (x86)\phantomers\bin32\mazer.exe] => (Allow) C:\program files (x86)\phantomers\bin32\mazer.exe FirewallRules: [TCP Query User{5D659FCD-2721-405D-BB58-0B1519C23E9D}C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.vshost.exe] => (Allow) C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.vshost.exe FirewallRules: [UDP Query User{26FD6E83-828B-4121-909E-006594F3BA08}C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.vshost.exe] => (Allow) C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.vshost.exe FirewallRules: [TCP Query User{41A8F7E5-6618-40E6-AC66-1832C4CA16B9}C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.exe] => (Allow) C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.exe FirewallRules: [UDP Query User{60B523C1-10CF-472E-B144-28AD3160F487}C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.exe] => (Allow) C:\users\responsable\documents\visual studio 2015\projects\actiondimension\actiondimension\bin\debug\actiondimension.exe FirewallRules: [{1B2D4F77-295D-4601-B613-C169F79C1902}] => (Allow) C:\Users\Responsable\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{46B00563-93EE-46E7-8640-CDF2B6895BBF}] => (Allow) C:\Users\Responsable\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{E04F221E-9C08-4FE4-8419-8003EDA29F72}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{E6EF337A-A0CD-4146-A978-41C154D8EAC4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{6EAC8B40-5AA1-4E9A-8ECE-4FD6811599E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Points de restauration ========================= 27-01-2016 22:24:00 Installed LogMeIn Hamachi 12-02-2016 23:26:23 Point de contrôle planifié 22-02-2016 10:25:11 Removed LogMeIn Hamachi 22-02-2016 10:28:43 ResetBrowser ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (02/22/2016 02:27:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante devenv.exe, version : 14.0.23107.0, horodatage : 0x559b7ead Nom du module défaillant : fms.dll, version : 10.0.10586.0, horodatage : 0x5632d70c Code d’exception : 0xc0000005 Décalage d’erreur : 0x00010577 ID du processus défaillant : 0x14b0 Heure de début de l’application défaillante : 0xdevenv.exe0 Chemin d’accès de l’application défaillante : devenv.exe1 Chemin d’accès du module défaillant: devenv.exe2 ID de rapport : devenv.exe3 Nom complet du package défaillant : devenv.exe4 ID de l’application relative au package défaillant : devenv.exe5 Error: (02/22/2016 02:27:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: devenv.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.AccessViolationException at System.Windows.Forms.SafeNativeMethods.ChooseFont(CHOOSEFONT) at System.Windows.Forms.FontDialog.RunDialog(IntPtr) at System.Windows.Forms.CommonDialog.ShowDialog(System.Windows.Forms.IWin32Window) at System.Windows.Forms.CommonDialog.ShowDialog() at System.Drawing.Design.FontEditor.EditValue(System.ComponentModel.ITypeDescriptorContext, System.IServiceProvider, System.Object) at System.Windows.Forms.PropertyGridInternal.GridEntry.EditPropertyValue(System.Windows.Forms.PropertyGridInternal.PropertyGridView) at System.Windows.Forms.PropertyGridInternal.PropertyDescriptorGridEntry.EditPropertyValue(System.Windows.Forms.PropertyGridInternal.PropertyGridView) at System.Windows.Forms.PropertyGridInternal.PropertyGridView.PopupDialog(Int32) at System.Windows.Forms.PropertyGridInternal.PropertyGridView.OnBtnClick(System.Object, System.EventArgs) at System.Windows.Forms.Control.OnClick(System.EventArgs) at System.Windows.Forms.Button.OnClick(System.EventArgs) at System.Windows.Forms.PropertyGridInternal.DropDownButton.OnClick(System.EventArgs) at System.Windows.Forms.Button.OnMouseUp(System.Windows.Forms.MouseEventArgs) at System.Windows.Forms.PropertyGridInternal.DropDownButton.OnMouseUp(System.Windows.Forms.MouseEventArgs) at System.Windows.Forms.Control.WmMouseUp(System.Windows.Forms.Message ByRef, System.Windows.Forms.MouseButtons, Int32) at System.Windows.Forms.Control.WndProc(System.Windows.Forms.Message ByRef) at System.Windows.Forms.ButtonBase.WndProc(System.Windows.Forms.Message ByRef) at System.Windows.Forms.Button.WndProc(System.Windows.Forms.Message ByRef) at System.Windows.Forms.Control+ControlNativeWindow.OnMessage(System.Windows.Forms.Message ByRef) at System.Windows.Forms.Control+ControlNativeWindow.WndProc(System.Windows.Forms.Message ByRef) at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr, Int32, IntPtr, IntPtr) Error: (02/22/2016 12:28:07 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10300.137) TYPE: ERROR DPTF Build Version: 8.1.10300.137 DPTF Build Date: Mar 5 2015 15:46:51 Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 640 Executing Function: PolicyBase::takeControlOfOsc Message: Failed to acquire OSC: Failure during execution of _OSC: DPTF Build Version: 8.1.10300.137 DPTF Build Date: Mar 5 2015 15:46:51 Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 437 Executing Function: EsifServices::primitiveExecuteSet Message: Error returned from ESIF services interface function call Participant: NoParticipant Domain: NoDomain ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93] ESIF Instance: 255 ESIF Return Code: ESIF_E_PRIMITIVE_NOT_FOUND_IN_DSP [2404] Policy: Passive Policy [0] Error: (02/22/2016 10:50:47 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme ZHPFix.exe version 2015.10.19.9 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : 7c Heure de début : 01d16d566fd867b9 Heure de fin : 13 Chemin d'accès de l'application : C:\Program Files (x86)\ZHPFix\ZHPFix.exe ID de rapport : bb816fa4-d949-11e5-8291-b05adaa94fe9 Nom complet du package défaillant : ID de l'application relative au package défaillant : Error: (02/22/2016 10:28:45 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . Error: (02/22/2016 10:25:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . Error: (02/22/2016 10:20:11 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10300.137) TYPE: ERROR DPTF Build Version: 8.1.10300.137 DPTF Build Date: Mar 5 2015 15:46:51 Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 640 Executing Function: PolicyBase::takeControlOfOsc Message: Failed to acquire OSC: Failure during execution of _OSC: DPTF Build Version: 8.1.10300.137 DPTF Build Date: Mar 5 2015 15:46:51 Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 437 Executing Function: EsifServices::primitiveExecuteSet Message: Error returned from ESIF services interface function call Participant: NoParticipant Domain: NoDomain ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93] ESIF Instance: 255 ESIF Return Code: ESIF_E_PRIMITIVE_NOT_FOUND_IN_DSP [2404] Policy: Passive Policy [0] Error: (02/22/2016 10:18:24 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10300.137) TYPE: ERROR DPTF Build Version: 8.1.10300.137 DPTF Build Date: Mar 5 2015 15:46:51 Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 640 Executing Function: PolicyBase::takeControlOfOsc Message: Failed to acquire OSC: Failure during execution of _OSC: DPTF Build Version: 8.1.10300.137 DPTF Build Date: Mar 5 2015 15:46:51 Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 437 Executing Function: EsifServices::primitiveExecuteSet Message: Error returned from ESIF services interface function call Participant: NoParticipant Domain: NoDomain ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93] ESIF Instance: 255 ESIF Return Code: ESIF_E_PRIMITIVE_NOT_FOUND_IN_DSP [2404] Policy: Passive Policy [0] Error: (02/22/2016 09:59:34 AM) (Source: SearchProtectService.exe) (EventID: 0) (User: ) Description: Le processus de service n’a pas pu se connecter au contrôleur de service Error: (02/22/2016 09:50:14 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10300.137) TYPE: ERROR DPTF Build Version: 8.1.10300.137 DPTF Build Date: Mar 5 2015 15:46:51 Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 640 Executing Function: PolicyBase::takeControlOfOsc Message: Failed to acquire OSC: Failure during execution of _OSC: DPTF Build Version: 8.1.10300.137 DPTF Build Date: Mar 5 2015 15:46:51 Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 437 Executing Function: EsifServices::primitiveExecuteSet Message: Error returned from ESIF services interface function call Participant: NoParticipant Domain: NoDomain ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93] ESIF Instance: 255 ESIF Return Code: ESIF_E_PRIMITIVE_NOT_FOUND_IN_DSP [2404] Policy: Passive Policy [0] Erreurs système: ============= Error: (02/22/2016 12:28:19 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORITE NT) Description: Le module d’extensibilité WLAN n’a pas pu démarrer. Chemin d’accès du module : C:\WINDOWS\system32\Rtlihvs.dll Code d’erreur : 126 Error: (02/22/2016 12:28:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service LMIGuardianSvc n’a pas pu démarrer en raison de l’erreur : %%2 Error: (02/22/2016 12:28:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service LiveUpdateSvc n’a pas pu démarrer en raison de l’erreur : %%2 Error: (02/22/2016 12:28:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service NcaSvc dépend du service iphlpsvc qui n’a pas pu démarrer en raison de l’erreur : %%1058 Error: (02/22/2016 12:27:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Hôte de synchronisation_d1a2a s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (02/22/2016 12:27:10 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible Error: (02/22/2016 10:26:03 AM) (Source: DCOM) (EventID: 10005) (User: AUTORITE NT) Description: 2LMIGuardianSvcNon disponible{D4258A22-CF85-489D-83AE-49FCD0DFAD29} Error: (02/22/2016 10:26:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service LMIGuardianSvc n’a pas pu démarrer en raison de l’erreur : %%2 Error: (02/22/2016 10:25:55 AM) (Source: DCOM) (EventID: 10005) (User: WIN-9PFFMPKBSTH) Description: 2LMIGuardianSvcNon disponible{D4258A22-CF85-489D-83AE-49FCD0DFAD29} Error: (02/22/2016 10:25:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service LMIGuardianSvc n’a pas pu démarrer en raison de l’erreur : %%2 CodeIntegrity: =================================== Date: 2016-02-18 21:20:28.219 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-17 14:50:29.282 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-03 09:54:50.217 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-30 16:38:20.163 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-13 09:53:39.787 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 16:54:11.962 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-05 20:33:27.962 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-04 16:12:42.513 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-11-27 16:34:39.392 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-11-26 19:38:03.338 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Infos Mémoire =========================== Processeur: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz Pourcentage de mémoire utilisée: 49% Mémoire physique - RAM - totale: 3953.27 MB Mémoire physique - RAM - disponible: 2005.86 MB Mémoire virtuelle totale: 6001.27 MB Mémoire virtuelle disponible: 3708.33 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:449.27 GB) (Free:397.54 GB) NTFS Drive d: (Ahmet HDD) (Fixed) (Total:298.09 GB) (Free:281.53 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 2BE927DD) Partition: GPT. ======================================================== Disk: 1 (Size: 298.1 GB) (Disk ID: 55E2E169) Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt ============================