Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by Liliane at 2015-07-14 10:23:20
Running from C:\Users\Liliane\Downloads\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-2352873010-755456628-1777688380-500 - Administrator - Disabled)
Invité (S-1-5-21-2352873010-755456628-1777688380-501 - Limited - Disabled)
Liliane (S-1-5-21-2352873010-755456628-1777688380-1000 - Administrator - Enabled) => C:\Users\Liliane
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
calibre (HKLM\...\{5A119A69-9ACD-4287-97FB-1EC30DE71459}) (Version: 2.31.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}) (Version: 2.2.9 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{934B3B19-8193-467A-B356-E73F82647D38}) (Version: 1.0.15 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{BAD1449B-DF0C-4118-B76D-68C54009576C}) (Version: 1.1.2 - Cisco Systems, Inc.)
Complément Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Configuration DivX (HKLM\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Enregistrement utilisateur de Canon MP490 series (HKLM\...\Enregistrement utilisateur de Canon MP490 series) (Version: - )
FileZilla Client 3.11.0.1 (HKLM\...\FileZilla Client) (Version: 3.11.0.1 - Tim Kosse)
Free Audio Editor v7.9.4 (HKLM\...\Free Audio Editor_is1) (Version: - FreeAudioStudio Inc.)
Free Mp3 Wma Converter V 2.2 (HKLM\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Lab Inc.)
Free YouTube Download version 3.2.59.616 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.59.616 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.525 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.525 - DVDVideoSoft Ltd.)
Galerie de photos Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Join Me (HKLM\...\{91719435-F4B9-4D21-814D-7C66959DB632}) (Version: 1.0.0 - ZTE)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ma-Config.com (HKLM\...\{A4EF9D8B-E19B-45ED-BFAF-CB4364574FFF}) (Version: 5.1.076 - Cybelsoft)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{9085040C-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Module de compatibilité pour Microsoft Office System 2007 (HKLM\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Module linguistique Microsoft .NET Framework 3.5 SP1- fra (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - fra) (Version: - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM\...\{121727D5-FDF3-4723-BA57-EB383440ED72}) (Version: 4.11.9775 - Apache Software Foundation)
PhotoFiltre 7 (HKU\S-1-5-21-2352873010-755456628-1777688380-1000\...\PhotoFiltre 7) (Version: - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visionneuse Microsoft PowerPoint (HKLM\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2352873010-755456628-1777688380-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
==================== Restore Points =========================
10-06-2015 13:58:58 Windows Update
17-06-2015 07:36:24 Windows Update
23-06-2015 08:33:59 Windows Update
26-06-2015 18:25:33 Installed calibre
27-06-2015 07:08:45 Windows Update
01-07-2015 07:15:24 Windows Update
08-07-2015 07:30:24 Windows Update
11-07-2015 07:28:35 Windows Update
14-07-2015 08:28:54 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2011-10-03 17:00 - 00437632 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
There are 1000 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {25E78E2F-DEF9-46E0-B206-69619A5F5144} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-18] (Google Inc.)
Task: {37747ABF-94AB-4EA9-BD2C-CDF759D2CB56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-08] (Adobe Systems Incorporated)
Task: {5DAE90B5-3E65-4831-980B-C9F8F67C7DF2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {94B5DDED-33E1-480F-A1C4-F325ECBC4F63} - System32\Tasks\{818A84DE-D0F9-4153-8FF7-7CC5C0E1B5C7} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.187&LastError=12002
Task: {A500C359-F433-4A51-B807-0A62C3BB1840} - System32\Tasks\Amazon Music Helper => C:\Users\Liliane\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
Task: {AB733EF0-65CC-4934-BF6D-103877E857F7} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Liliane => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {BE52AF5B-FC38-4798-B6DB-15889AC28042} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {DF824504-9321-4AAE-B359-0134AC7C934A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-18] (Google Inc.)
Task: {FF25FE95-2D34-43B8-976B-8F62D7FBD94F} - System32\Tasks\{B1F6E3FA-4DC1-42AD-9F74-9EEEA49285AD} => pcalua.exe -a "C:\Program Files\Free Youtube Downloader\uninst.exe"
Task: {FF61BF89-9930-4FF9-BBC1-4DF247B200AE} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-04-28 18:57 - 2015-04-28 18:57 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-28 18:57 - 2015-04-28 18:57 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-13 19:29 - 2015-07-13 19:29 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071301\algo.dll
2015-05-22 16:46 - 2015-05-22 16:46 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2011-10-06 21:14 - 2009-02-10 18:01 - 00116104 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2015-04-28 18:57 - 2015-04-28 18:58 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-04-24 18:33 - 2013-04-24 18:33 - 00397632 _____ () C:\Users\Liliane\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2015-06-01 19:28 - 2015-06-01 19:28 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7690 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2352873010-755456628-1777688380-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Liliane\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
DNS Servers: 212.27.40.241 - 212.27.40.240
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher =>
MSCONFIG\startupreg: CanalPlayerHelper =>
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Hoolapp Android =>
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{9DB53F8A-B9D0-415E-B728-D0A675C4586B}] => (Allow) LPort=48113
FirewallRules: [{33444F39-D2EA-4C45-8279-1B0620F73EFC}] => (Allow) LPort=48113
FirewallRules: [{AED9176E-7F9A-4B4D-AAD6-207FE057D62F}] => (Allow) C:\Program Files\ma-config.com\maconfservice.exe
FirewallRules: [{3E8B1DD1-756D-4A01-B967-A2AB3B545D44}] => (Allow) C:\Program Files\ma-config.com\maconfservice.exe
FirewallRules: [{8810AD27-0966-4439-9CAF-E5735C367EE3}] => (Allow) LPort=80
FirewallRules: [{4B2F8151-A086-4DE8-BB1D-9493A627B599}] => (Allow) LPort=80
FirewallRules: [{7FF64281-51A6-4B59-B82D-B0C1777588C9}] => (Allow) LPort=80
FirewallRules: [TCP Query User{D086610A-1771-47F6-AD3E-34E1CEEFA475}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{0A325B27-9302-4044-8F71-97440DC8FB1E}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{39466C4D-BB6F-44D3-933A-1E697F94018C}] => (Allow) LPort=21
FirewallRules: [{8978EA4E-0794-44F0-96CC-3E7018B5DB9B}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F6AEBDB7-8F64-4135-82A6-3D943CF7B0E4}] => (Allow) LPort=2869
FirewallRules: [{A6CD6455-2AA5-4942-A8FE-CFF4F6B83A0D}] => (Allow) LPort=1900
FirewallRules: [{AAF148C3-AD5B-4F7D-9FF5-71A5304290EB}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C006805B-C26C-40CE-95FA-287EDE050750}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{E163D2CF-FAFA-4E25-92E9-AA7CDBE1D9F5}C:\program files\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{548A0748-75E3-4726-8640-5972AD49B42D}C:\program files\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [TCP Query User{A8F6C40E-1558-45C8-9B4E-B0E529CD6727}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{5F2796AC-716A-4212-985F-7F9143B3B088}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [{846CA07E-0130-4333-A74D-DFCD771C1AED}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8569FE5A-FCAF-412F-9795-2CCCD79DD145}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{A368834B-9817-4D11-B320-2DD55A8352C0}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{E023B719-8843-4266-A2FA-AEF1968C8E39}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{73D47954-921B-4EB7-B25D-0448187F0853}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [TCP Query User{FC6427D3-F8EC-4587-9304-0D77CBADA026}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{530A578B-86DC-4D1C-814B-273B89D71BA4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{575DD967-E461-4333-A641-7B57CA306611}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: 6TO4 Adapter
Description: Carte Microsoft 6to4
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/14/2015 08:19:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2015 10:21:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2015 08:15:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2015 05:31:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2015 02:58:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2015 12:27:49 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
Error: (07/13/2015 12:27:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
Error: (07/13/2015 12:27:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4
Error: (07/13/2015 12:27:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\system32\Secur32.dll4
Error: (07/13/2015 12:27:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll4
System errors:
=============
Error: (07/14/2015 08:19:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: VBoxAsw Support Driver%%3
Error: (07/14/2015 08:18:44 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: AUTORITE NT)
Description: 2147942402
Error: (07/13/2015 10:21:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: VBoxAsw Support Driver%%3
Error: (07/13/2015 10:20:43 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: AUTORITE NT)
Description: 2147942402
Error: (07/13/2015 08:15:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: VBoxAsw Support Driver%%3
Error: (07/13/2015 08:14:20 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: AUTORITE NT)
Description: 2147942402
Error: (07/13/2015 05:31:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: VBoxAsw Support Driver%%3
Error: (07/13/2015 05:30:28 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: AUTORITE NT)
Description: 2147942402
Error: (07/13/2015 02:58:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: VBoxAsw Support Driver%%3
Error: (07/13/2015 02:58:04 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: AUTORITE NT)
Description: 2147942402
Microsoft Office:
=========================
Error: (07/14/2015 08:19:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2015 10:21:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2015 08:15:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2015 05:31:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2015 02:58:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2015 12:27:49 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
Error: (07/13/2015 12:27:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
Error: (07/13/2015 12:27:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4
Error: (07/13/2015 12:27:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\system32\Secur32.dll4
Error: (07/13/2015 12:27:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll4
CodeIntegrity Errors:
===================================
Date: 2015-07-14 10:22:47.365
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2015-07-14 10:22:46.302
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2015-07-14 10:22:45.444
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2015-07-14 10:22:44.648
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2015-07-14 10:18:41.614
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2015-07-14 10:18:41.014
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2015-07-14 10:18:40.249
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2015-07-14 10:18:39.546
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2015-07-14 09:02:46.260
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
Date: 2015-07-14 09:02:45.618
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU 550 @ 2.00GHz
Percentage of memory in use: 86%
Total physical RAM: 1525.25 MB
Available physical RAM: 208.81 MB
Total Virtual: 3304.3 MB
Available Virtual: 1593.55 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:62.82 GB) (Free:16.2 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (FreeAgent Drive) (Fixed) (Total:298.09 GB) (Free:201.75 GB) NTFS
Drive f: (FreeAgent Drive) (Fixed) (Total:298.09 GB) (Free:206.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 74.5 GB) (Disk ID: 1E01DFB9)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=62.8 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 298.1 GB) (Disk ID: B2C8268D)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 6 (Size: 298.1 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of log ============================