Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-11-2016 01
Ran by maison (21-11-2016 19:06:08)
Running from C:\Users\maison\Downloads
Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) (2012-04-14 16:49:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-105692332-902592685-3503110121-500 - Administrator - Disabled)
Guest (S-1-5-21-105692332-902592685-3503110121-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-105692332-902592685-3503110121-1002 - Limited - Enabled)
maison (S-1-5-21-105692332-902592685-3503110121-1000 - Administrator - Enabled) => C:\Users\maison
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
AVG Zen (Version: 1.111.9 - AVG Technologies) Hidden
Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.260.0526L - Chicony Electronics Co.,Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Opera Stable 41.0.2353.56 (HKLM\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.199.0 - Tracker Software Products Ltd)
Popcorn Time (HKLM\...\Popcorn Time_is1) (Version: 5.5.1.2 - Popcorn Time) <==== ATTENTION
Securexam (HKLM\...\Securexam) (Version: 8.1.2 - Software Secure, Inc)
Securexam (Version: 8.1.2 - Software Secure, Inc) Hidden
Skype™ 7.29 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.4.0 - Synaptics)
TOSHIBA Supervisor Password (HKLM\...\{401879D1-AC26-43CD-BDDE-E0D5D5608083}) (Version: 2.00.03PLV - )
Viber (HKU\S-1-5-21-105692332-902592685-3503110121-1000\...\{6b606ee6-b468-4418-a3fe-711a4251f673}) (Version: 6.4.1.1 - Viber Media Inc.)
Viber (Version: 6.4.1.1 - Viber Media Inc.) Hidden
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {6008E119-F9C9-49A4-9A1A-4B67FC41B8DD} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {68449479-8DF5-4701-8AD9-6AC1D83CC092} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {7A1A5583-D4A2-4D67-8BED-3BC354A2E5F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-06-09] (Google Inc.)
Task: {918EE264-22D9-409E-BA22-581412DD3741} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_23_0_0_205_pepper.exe [2016-10-31] (Adobe Systems Incorporated)
Task: {A2DC5EA6-DAA9-431F-9525-8EB99E23F91C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {B905416A-C051-44B9-A2AD-2ED03C1C66C7} - System32\Tasks\{31172C45-1936-41BD-8346-75A7715774F1} => pcalua.exe -a "F:\35 FREE MP3s.exe" -d F:\
Task: {CF21D173-0B88-47CA-9CB9-4E0769D33C58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-06-09] (Google Inc.)
Task: {F092D443-2AE2-4D3D-B870-03DC60E44F5B} - System32\Tasks\{9CEB91EC-D5CF-4FA1-9498-EF09B73B8468} => Chrome.exe hxxp://ui.skype.com/ui/0/7.22.85.109/fr/abandoninstall?page=tsProgressBar
Task: {FA849151-51A4-4116-BD4C-F056044858DE} - System32\Tasks\Opera scheduled Autoupdate 1463277385 => C:\Program Files\Opera\launcher.exe [2016-11-07] (Opera Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_23_0_0_205_pepper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-04-29 20:32 - 2012-09-18 14:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll
2014-04-29 20:32 - 2012-09-18 14:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-05-04 10:13 - 2016-05-04 10:13 - 00046080 _____ () C:\Program Files\Software Secure, Inc\SSIRuntimeService\SSIRuntimeService.exe
2016-05-04 10:02 - 2016-05-04 10:02 - 00045056 _____ () C:\Program Files\Software Secure, Inc\SSIRuntimeService\SSINativeWrappers.dll
2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-11-03 13:21 - 2016-11-03 13:21 - 00042064 _____ () C:\Users\maison\AppData\Local\Viber\qrencode.dll
2016-11-03 13:21 - 2016-11-03 13:21 - 00016976 _____ () C:\Users\maison\AppData\Local\Viber\libEGL.DLL
2016-11-03 13:21 - 2016-11-03 13:21 - 01652304 _____ () C:\Users\maison\AppData\Local\Viber\libGLESv2.dll
2016-11-03 13:22 - 2016-11-03 13:22 - 00398416 _____ () C:\Users\maison\AppData\Local\Viber\imageformats\qsvg.dll
2016-09-28 11:26 - 2016-09-28 11:26 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2016-11-14 19:45 - 2016-11-08 15:29 - 01819240 _____ () C:\Program Files\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-14 19:45 - 2016-11-08 15:29 - 00093288 _____ () C:\Program Files\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-11-08 20:43 - 2016-11-08 20:43 - 17772736 _____ () C:\Users\maison\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:04 - 2009-06-10 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-105692332-902592685-3503110121-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\maison\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 24.200.241.37 - 24.202.72.13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Camera Assistant Software => "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Viber => "C:\Users\maison\AppData\Local\Viber\Viber.exe" StartMinimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9B4A2F96-1C9A-4441-ACCC-4FC00F02E0F3}] => (Allow) LPort=48113
FirewallRules: [{44F9A9AF-0DD2-40D8-85FE-6F2D6C203970}] => (Allow) LPort=48113
FirewallRules: [TCP Query User{F281F6BD-CC16-4C3C-A823-2EF711F860F7}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{A28078F3-4A03-432C-92EF-8E250E91F17B}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{20B6A794-1010-47ED-A885-E334039975D3}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe
FirewallRules: [{E4C2B373-B5CD-40C7-AAB4-95C42DFC544E}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe
FirewallRules: [{340CFCD7-4081-4F09-8AFD-496E044A037B}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{B2774F7E-1938-4ED8-A5F5-6DF778040C19}] => (Allow) C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{62F1452D-DD71-4872-944D-728490A3E1F2}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe
FirewallRules: [{27B84A20-027C-438F-B73C-7A0A19487C7A}] => (Allow) C:\Program Files\Popcorn Time\chromecast\node.exe
FirewallRules: [{8193F3F0-24FF-4E6C-B301-A52AC0F1A614}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{2A237C41-3191-409F-A538-BF7B3CB0FF14}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
07-11-2016 20:37:33 Fichiers de sauvegarde du Service Pack supprimés
16-11-2016 15:43:39 Windows Update
21-11-2016 11:52:14 Installed AVG 2016
21-11-2016 11:52:48 Installed AVG
21-11-2016 12:59:18 Removed Visual Studio 2012 x86 Redistributables
21-11-2016 13:00:55 Removed AVG
21-11-2016 13:03:00 Removed AVG 2016
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/21/2016 01:08:17 PM) (Source: MsiInstaller) (EventID: 10005) (User: maison-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG Zen -- Error 27054. CA_Error27054: SetupAction(0xE001003E): Installation failed.
Error: (11/21/2016 01:08:13 PM) (Source: MsiInstaller) (EventID: 10005) (User: maison-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG Zen -- Error 27054. CA_Error27054: SetupAction(0xE001003E): Installation failed.
Error: (11/21/2016 01:06:37 PM) (Source: MsiInstaller) (EventID: 10005) (User: maison-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG Zen -- Error 27054. CA_Error27054: SetupAction(0xE001003E): Installation failed.
Error: (11/21/2016 01:06:31 PM) (Source: MsiInstaller) (EventID: 10005) (User: maison-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG Zen -- Error 27054. CA_Error27054: SetupAction(0xE001003E): Installation failed.
Error: (11/21/2016 01:03:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine ConvertStringSidToSid(S-1-5-21-105692332-902592685-3503110121-1000.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {9aaf0d18-9555-422e-9277-68ff3a874116}
Error: (11/21/2016 01:02:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante MsiExec.exe, version : 5.0.7601.17514, horodatage : 0x4ce792c4
Nom du module défaillant : MSIB3DB.tmp_unloaded, version : 0.0.0.0, horodatage : 0x58199266
Code d’exception : 0xc0000005
Décalage d’erreur : 0x774370d0
ID du processus défaillant : 0x1014
Heure de début de l’application défaillante : 0x01d24421509f9de8
Chemin d’accès de l’application défaillante : C:\Windows\system32\MsiExec.exe
Chemin d’accès du module défaillant: MSIB3DB.tmp
ID de rapport : b7e18360-b014-11e6-ab17-001e33489e42
Error: (11/21/2016 01:00:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine ConvertStringSidToSid(S-1-5-21-105692332-902592685-3503110121-1000.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {9aaf0d18-9555-422e-9277-68ff3a874116}
Error: (11/21/2016 01:00:21 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: maison-PC)
Description: Impossible de fermer l’application ou le service « AVG Service ».
Error: (11/21/2016 01:00:21 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: maison-PC)
Description: Impossible de fermer l’application ou le service « AVG User Interface ».
Error: (11/21/2016 01:00:21 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: maison-PC)
Description: Impossible de fermer l’application ou le service « AVG User Interface ».
System errors:
=============
Error: (11/21/2016 07:01:44 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.133.
L’ordinateur avec l’adresse IP 192.168.1.1 n’a pas permis que le nom soit réclamé par
cet ordinateur.
Error: (11/21/2016 06:56:34 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.133.
L’ordinateur avec l’adresse IP 192.168.1.1 n’a pas permis que le nom soit réclamé par
cet ordinateur.
Error: (11/21/2016 06:51:13 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.133.
L’ordinateur avec l’adresse IP 192.168.1.1 n’a pas permis que le nom soit réclamé par
cet ordinateur.
Error: (11/21/2016 02:43:41 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.133.
L’ordinateur avec l’adresse IP 192.168.1.1 n’a pas permis que le nom soit réclamé par
cet ordinateur.
Error: (11/21/2016 02:38:31 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.133.
L’ordinateur avec l’adresse IP 192.168.1.1 n’a pas permis que le nom soit réclamé par
cet ordinateur.
Error: (11/21/2016 02:33:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.133.
L’ordinateur avec l’adresse IP 192.168.1.1 n’a pas permis que le nom soit réclamé par
cet ordinateur.
Error: (11/21/2016 02:28:11 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.133.
L’ordinateur avec l’adresse IP 192.168.1.1 n’a pas permis que le nom soit réclamé par
cet ordinateur.
Error: (11/21/2016 02:23:01 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.133.
L’ordinateur avec l’adresse IP 192.168.1.1 n’a pas permis que le nom soit réclamé par
cet ordinateur.
Error: (11/21/2016 02:17:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.133.
L’ordinateur avec l’adresse IP 192.168.1.1 n’a pas permis que le nom soit réclamé par
cet ordinateur.
Error: (11/21/2016 02:12:41 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.1.133.
L’ordinateur avec l’adresse IP 192.168.1.1 n’a pas permis que le nom soit réclamé par
cet ordinateur.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
Percentage of memory in use: 46%
Total physical RAM: 3061.96 MB
Available physical RAM: 1625.91 MB
Total Virtual: 6122.21 MB
Available Virtual: 4676.15 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:154.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 52C7A709)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================