Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x86) Version: 29-06-2017 Exécuté par bennas (29-06-2017 17:22:43) Exécuté depuis C:\Users\bennas\Desktop Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) (2015-11-14 12:54:35) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-3814778139-2634888380-698324986-500 - Administrator - Disabled) bennas (S-1-5-21-3814778139-2634888380-698324986-1001 - Administrator - Enabled) => C:\Users\bennas HomeGroupUser$ (S-1-5-21-3814778139-2634888380-698324986-1002 - Limited - Enabled) Invité (S-1-5-21-3814778139-2634888380-698324986-501 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-3814778139-2634888380-698324986-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.) 
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5002-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden ACAD Private (HKLM\...\{5783F2D7-F001-0000-3002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 25 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Application de bureau Autodesk (HKLM\...\Autodesk Desktop App) (Version: 6.0.108.150 - Autodesk) Applications recommandées Autodesk 2016 (HKLM\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk) AutoCAD 2004 (HKLM\...\{5783F2D7-0201-040C-0002-0060B0CE6BBA}) (Version: 16.0.0.086 - Autodesk) AutoCAD 2016 - English (HKLM\...\{5783F2D7-F001-0409-2002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden AutoCAD 2016 Language Pack - English (HKLM\...\{5783F2D7-F001-0409-1002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden Autodesk Advanced Material Library Image Library 2016 (HKLM\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk) Autodesk App Manager 2016 (HKLM\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk) Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2016 Add-in 32 bit (HKLM\...\{67EA06D3-1863-4E37-A19B-DB56175EAD15}) (Version: 4.35.1742 - Autodesk) Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 
3.2.0.0 - Autodesk) Hidden Autodesk Express Viewer (HKLM\...\Autodesk Express Viewer) (Version: 3.1 - Autodesk, Inc.) Autodesk Material Library 2016 (HKLM\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk) Autodesk Material Library Base Resolution Image Library 2016 (HKLM\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk) Avira Internet Security (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.24.37 - Avira Operations GmbH & Co. KG) Canon LBP6000/LBP6018 (HKLM\...\Canon LBP6000/LBP6018) (Version: - ) DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 6.1.0.0484 - Disc Soft Ltd) Driver San Francisco (HKLM\...\Driver San Francisco) (Version: 1.4.0.0 - Ubisoft) Duplicate File Detective 6 (HKLM\...\{9B5250D5-1525-4B38-ADF0-21BEB78B3EC4}) (Version: 6.0.76 - Key Metric Software) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 8.2.0.2051 - Foxit Software Inc.) Free BMP To PDF Converter (HKLM\...\{E6D45571-E9A6-4856-B184-9177B27C70C8}) (Version: 1.0.0 - Free PDF Solutions) Google Chrome (HKLM\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Drive (HKLM\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Icecream Ebook Reader version 4.56 (HKLM\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 4.56 - Icecream Apps) Importation de SketchUp 2016 (HKLM\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk) Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.) 
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Leica FlexLine TS02/06/09 Simulator (HKLM\...\{7A4126CE-E360-4B4B-BF1C-7EA54FC3BFBA}) (Version: - ) LenovoUsbDriver 1.0.17 (HKLM\...\LenovoUsbDriver) (Version: 1.0.17 - Lenovo) LG United Mobile Drivers (HKLM\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics) Malware Hunter 1.38.0.97 (HKLM\...\Malware Hunter) (Version: 1.38.0.97 - Glarysoft Ltd) Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) MDSolids (HKLM\...\{7700819E-93C2-459F-8221-96AECB0A3D9D}) (Version: 4.0.0 - MDSolids Software) Microsoft .NET Framework 4.6.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Standard 2013 (HKLM\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
(HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Mises à jour NVIDIA 23.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.1.0.0 - NVIDIA Corporation) Mobile Assistant (HKLM\...\{AEF3BF36-8B82-4E43-8291-81EF9E01C65B}) (Version: 1.4.1.10123 - Lenovo) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x86) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 48.0 (x86 fr) (HKLM\...\Mozilla Firefox 48.0 (x86 fr)) (Version: 48.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA Logiciel système PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.0.0.0 - NVIDIA Corporation) Hidden Opera Stable 44.0.2510.857 (HKLM\...\Opera 44.0.2510.857) (Version: 44.0.2510.857 - Opera Software) Outils de vérification linguistique 2013 de Microsoft Office - Français 
(HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PDFsam Basic (HKLM\...\{2613AD46-FB81-46DC-9001-E1BA183F9520}) (Version: 3.0.30.0 - Andrea Vacondio) PowerISO (HKLM\...\PowerISO) (Version: - ) RadiAnt DICOM Viewer (32-bit) (HKLM\...\RadiAnt32) (Version: 3.4.2.13370 - Medixant) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.) Recover My Files (HKLM\...\Recover My Files_is1) (Version: 3.9.8.5178 - GetData Pty Ltd) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) TotalImageConverter (HKLM\...\Total Image Converter_is1) (Version: 5.1 - Softplicity, Inc.) Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UnHackMe 7.80 (HKLM\...\UnHackMe_is1) (Version: - Greatis Software, LLC.) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft) Viber (HKLM\...\{B39E6AB6-38F6-40D7-A895-3AE353F5ECE7}) (Version: 6.5.4.474 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-3814778139-2634888380-698324986-1001\...\{6377151e-765f-4c6e-9476-5534ea8fd289}) (Version: 6.5.4.474 - Viber Media Inc.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) WebcamMax (HKLM\...\WebcamMax) (Version: 8.0.3.8.MultiLanguage - COOLWAREMAX) WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun) WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ZHPDiag 2014 (HKLM\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. 
Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{1365A45F-0C8F-4806-A26A-6B22AD37EC66}\localserver32 -> C:\Program Files\AutoCAD 2004\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.) 
CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{8E75D913-3D21-11D2-85C4-080009A0C626}\localserver32 -> C:\Program Files\AutoCAD 2004\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{DB342E32-06DC-9BE7-849D-FE79405BDB865}\InprocServer32 -> 0xB037955C17A0D101402D4AC05CB1D201020000000200000000000000 => Pas de fichier CustomCLSID: HKU\S-1-5-21-3814778139-2634888380-698324986-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Windows\system32\acadficn16.dll (Autodesk, Inc.) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
Task: {20B62A61-30F5-4B4C-A600-46FBDC098AED} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {9E3E9BC5-E65D-4071-8647-885BAC8C538D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {A67B6DAD-8B23-4651-8BBD-5A656549AB67} - System32\Tasks\GMHSkipUAC => C:\Program Files\Glarysoft\Malware Hunter\MalwareHunter.exe [2017-06-16] (Glarysoft Ltd) Task: {F8948D4F-7671-4378-B458-824EDD7C09D7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\Users\bennas\Desktop\Lаnсеur d'аррliсаtiоns Gооglе Сhrоmе.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) <==== Cyrillic Shortcut: C:\Users\bennas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\Users\bennas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Lаnсеur d'аррliсаtiоns Gооglе Сhrоmе.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
<==== Cyrillic Shortcut: C:\Users\bennas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\Users\bennas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) <==== Cyrillic Shortcut: C:\Users\bennas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Gооglе Сhrоmе.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) <==== Cyrillic Shortcut: C:\Users\bennas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Gооglе Сhrоmе.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) <==== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) <==== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Моzillа Firеfох.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) <==== Cyrillic ShortcutWithArgument: C:\Users\bennas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Simple EPUB Reader.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ojhbgcchcbdjdenibfmjofobklkkhofc ShortcutWithArgument: C:\Users\bennas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Ben - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --profile-directory=ChromeDefaultData ==================== Modules chargés (Avec liste blanche) ============== 2010-07-04 22:32 - 2010-07-04 22:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2016-12-28 19:22 - 2015-01-28 06:19 - 02426880 _____ () C:\Program Files\CoolUtils\TotalImageConverter\axTotalConverter.dll 2017-06-16 09:01 - 2017-06-16 09:01 - 00087024 _____ () C:\Program Files\Glarysoft\Malware Hunter\zlib1.dll 2017-05-11 19:55 - 2017-05-09 09:12 - 02864984 _____ () C:\Program Files\Google\Chrome\Application\58.0.3029.110\libglesv2.dll 2017-05-11 19:55 - 2017-05-09 09:12 - 00087384 _____ () C:\Program Files\Google\Chrome\Application\58.0.3029.110\libegl.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) HKU\S-1-5-21-3814778139-2634888380-698324986-1001\Software\Classes\.scr: AutoCADScriptFile => "C:\Windows\notepad.exe" "%1" ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) 
Il y a 4788 plus de sites. ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2016-08-02 15:46 - 2016-08-02 15:46 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-3814778139-2634888380-698324986-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bennas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
FirewallRules: [TCP Query User{A19D69B5-A813-49E9-9F56-66C02D1548F1}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{D43D55C1-2F6C-422F-AE96-1BD0E6FD6666}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{D1C770E3-C86E-45B7-A309-6F3ECDF1391E}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{C96D67C7-A2CB-4423-8C50-59BED44FA08E}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{00C4835B-4626-477E-B9CE-255953014F5E}C:\users\bennas\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bennas\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{054A2239-BC2E-4459-8C7D-E8032EC94C55}C:\users\bennas\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bennas\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{C2A1C4C8-21FA-4D35-B605-3F9006A44A29}] => (Allow) C:\Program Files\Opera\43.0.2442.1144\opera.exe FirewallRules: [{53542C27-C208-4A58-A20B-90A6AF458C65}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{1D1FFC25-80E1-4893-8F30-1EE822166097}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{FFE442D8-CEFF-429F-959A-3295CE000613}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{5272816C-30FC-4391-862A-096C4F37D2BC}] => (Allow) C:\Program Files\Opera\44.0.2510.857\opera.exe FirewallRules: [TCP Query User{714D6A41-8F1D-4A69-870B-7E574172D3FF}C:\program files\kodi\kodi.exe] => (Block) C:\program files\kodi\kodi.exe FirewallRules: [UDP Query User{3EDC3490-2AF7-4888-9043-731DF8E7EBF2}C:\program files\kodi\kodi.exe] => (Block) C:\program files\kodi\kodi.exe FirewallRules: [TCP Query 
User{6AEFFA42-9B5C-4CE1-A640-62E9C3B214CC}C:\users\bennas\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bennas\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{AF16F3BF-D6E6-40AC-86DC-63EB91F8D355}C:\users\bennas\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bennas\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{1F84D319-7980-440F-96BA-4BB6BD64F87A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{76E580A3-A49D-4818-9872-C0E7B584675F}] => (Allow) C:\Users\bennas\Desktop\EmbratoriaG7 Khalidoudz\libs.exe FirewallRules: [{36DB820B-9226-4C7E-B98A-A5361F9506B1}] => (Allow) C:\Users\bennas\Desktop\EmbratoriaG7 Khalidoudz\libs.exe FirewallRules: [{AC499D22-E8B8-4022-900D-27A28B2E9782}] => (Allow) LPort=5000 FirewallRules: [TCP Query User{AAB56589-D73A-428B-A18E-ACB2816437D3}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{A3CF0C9E-AC9C-4ECB-B392-351F45918B42}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{3F2CF591-DD6E-44B3-873E-C55A55F47DE7}] => (Allow) C:\Program Files\Ubisoft\Driver San Francisco\Driver.exe FirewallRules: [{D0AFAA21-BACD-4B7E-9FD7-DD399E665F32}] => (Allow) C:\Program Files\Ubisoft\Driver San Francisco\Driver.exe FirewallRules: [{F7A339C0-C320-46F3-97E1-0464A48FB1D0}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{CC54FBB6-7002-49EE-BC10-C94FDB54862B}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe ==================== Points de restauration ========================= 27-06-2017 19:25:21 Point de contrôle planifié ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: WebcamMax, WDM Video Capture Description: WebcamMax, WDM Video Capture Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: CoolwareMax Service: 
WCMVCAM Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (06/29/2017 01:56:18 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files\lenovousbdriver\DPInst64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (06/29/2017 01:50:16 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (06/28/2017 03:47:44 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files\lenovousbdriver\DPInst64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (06/28/2017 03:39:36 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (06/27/2017 06:08:17 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files\lenovousbdriver\DPInst64.exe ». 
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (06/27/2017 03:26:36 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files\lenovousbdriver\DPInst64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (06/27/2017 01:39:00 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (06/26/2017 11:12:39 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files\lenovousbdriver\DPInst64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (06/26/2017 11:09:13 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (06/25/2017 11:15:17 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Erreurs système: ============= Error: (06/29/2017 04:54:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : MB3SwissArmy Error: (06/29/2017 04:54:17 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT) Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local. 
Error: (06/29/2017 04:54:10 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT) Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local. Error: (06/29/2017 02:04:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : MB3SwissArmy Error: (06/29/2017 02:03:57 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT) Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local. Error: (06/29/2017 02:03:41 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT) Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local. Error: (06/29/2017 01:41:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : MB3SwissArmy Error: (06/29/2017 01:40:25 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT) Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local. Error: (06/29/2017 01:40:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT) Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local. Error: (06/29/2017 01:40:10 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORITE NT) Description: Une erreur s’est produite lors de la lecture du fichier d’hôtes local. 
==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz Pourcentage de mémoire utilisée: 50% Mémoire physique - RAM - totale: 3583.18 MB Mémoire physique - RAM - disponible: 1786.23 MB Mémoire virtuelle totale: 7164.68 MB Mémoire virtuelle disponible: 4207.6 MB ==================== Lecteurs ================================ Drive c: (windows7) (Fixed) (Total:101.74 GB) (Free:27.45 GB) NTFS Drive d: () (Fixed) (Total:68.36 GB) (Free:9.85 GB) NTFS Drive e: () (Fixed) (Total:58.59 GB) (Free:9.35 GB) NTFS Drive f: () (Fixed) (Total:58.82 GB) (Free:8.16 GB) NTFS Drive i: (windows xp) (Fixed) (Total:10.57 GB) (Free:1.8 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 249D249D) Partition 1: (Active) - (Size=10.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=287.5 GB) - (Type=OF Extended) ==================== Fin de Addition.txt ============================