Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Exécuté par Veronique (20-12-2016 13:44:09)
Exécuté depuis C:\Users\Veronique\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-26 17:39:44)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-347313316-3756737253-4142799880-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-347313316-3756737253-4142799880-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-347313316-3756737253-4142799880-1005 - Limited - Enabled)
Invité (S-1-5-21-347313316-3756737253-4142799880-501 - Limited - Disabled)
Veronique (S-1-5-21-347313316-3756737253-4142799880-1008 - Administrator - Enabled) => C:\Users\Veronique
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Aiseesoft Blu-ray Ripper 7.1.20 (HKLM-x32\...\{D1B455C8-C170-44fe-8A90-31263B5153C2}_is1) (Version: 7.1.20 - Aiseesoft Studio)
Assistant Mise à niveau de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
AxCrypt 2.1.1481.0 (HKLM-x32\...\{18db8d8e-e8a9-4911-a0bb-978f5341daeb}) (Version: 2.1.1481.0 - AxCrypt AB)
AxCrypt 2.1.1481.0 (Version: 2.1.1481.0 - AxCrypt AB) Hidden
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{EEC54E03-486F-411E-BAC0-EC9FC4642465}) (Version: 4.5.7.6452 - Canneverbe Limited)
Clavier+ 10.7.0 (HKLM\...\Clavier+_is1) (Version: 10.7.0 - Guillaume Ryder)
davehope.co.uk Product Key Finder (HKLM-x32\...\Product Key Finder_is1) (Version: - davehope.co.uk)
Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.20 - Infonautics GmbH, Switzerland)
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.29 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duplicate Cleaner Free 3.2.7 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.7 - DigitalVolcano Software Ltd) <==== ATTENTION
EaseUS Partition Master 11.9 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Edraw Max Fr 8.4 (HKLM-x32\...\Edraw Max Fr_is1) (Version: - EdrawSoft)
Egypte 2 (HKLM-x32\...\Egypte 2) (Version: - )
Exact Audio Copy 1.2 (HKLM-x32\...\Exact Audio Copy) (Version: 1.2 - Andre Wiethoff)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 5.15 - NCH Software)
FirstClass Client (HKLM-x32\...\{E49C4A6D-7655-4D0A-A083-664D99D825CA}) (Version: 12.014 - OpenText)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Freeplane (HKLM\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version: 1.5.17 - Open source)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
IHMC CmapTools v6.01 (HKLM-x32\...\IHMC CmapTools v6.01) (Version: 6.0.1.0 - Institute for Human & Machine Cognition)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
KeePass Password Safe 1.31 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.31 - Dominik Reichl)
LibreOffice 5.1.3.2 (HKLM-x32\...\{5F7475A1-6240-4753-BE3E-61499621EC42}) (Version: 5.1.3.2 - The Document Foundation)
Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Manager (x32 Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden
Microsoft Office XP Professional avec FrontPage (HKLM-x32\...\{9028040C-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.5 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mises à jour NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Movavi Screen Capture Studio 7 (HKLM-x32\...\Movavi Screen Capture Studio 7) (Version: 7.3.0 - Movavi)
NVIDIA Pilote 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Pilote graphique 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
OpenProj (HKLM-x32\...\{13702021-43FB-480C-912F-D9B74A538288}) (Version: 1.4.0 - Serena Software Inc.)
Panneau de configuration NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd)
Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 9.0.3.168 - Recover Keys)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Skype⢠7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.19 - IDRIX)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VUE 3.3.0 (HKLM-x32\...\VUE) (Version: 3.3.0 - Tufts University)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinZip (HKLM-x32\...\WinZip) (Version: 2.3.14 - Winzipper Pvt Ltd.) <==== ATTENTION
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare PDFelement(Build 5.10.1) (HKLM-x32\...\{5CA0183F-6D90-4615-91A5-F1A8A2014E83}_is1) (Version: 5.10.1.0 - Wondershare Software Co.,Ltd.)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-347313316-3756737253-4142799880-1008_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Veronique\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-347313316-3756737253-4142799880-1008_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Veronique\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-347313316-3756737253-4142799880-1008_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Veronique\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {09639FBD-99B6-4118-AA06-AA87C29906BA} - System32\Tasks\{FA138E58-1B42-475D-8FA9-6520CB41AE83} => pcalua.exe -a "C:\Program Files\VeraCrypt\VeraCrypt Setup.exe" -c /u
Task: {0F3BE783-5386-420C-B179-57490DBD6AB1} - \WPD\SqmUpload_S-1-5-21-347313316-3756737253-4142799880-1006 -> Pas de fichier <==== ATTENTION
Task: {1001CB7B-6DEF-4FA9-9F70-56CB6ED865CC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {25DEB4BF-34AF-410C-BA49-A3E34ED5AB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {27D7238E-7792-448C-9DCE-D6F90ADBA9AF} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Pas de fichier <==== ATTENTION
Task: {28B03954-37A8-4761-BB11-B8488C50A818} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {34DE6219-AB6F-4F80-878B-702E0C697880} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-10] (Dropbox, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3CEE569D-A899-4B8D-A6F8-85A314E19972} - System32\Tasks\{7173D3FC-F8FA-84ED-C740-58F232329872} => C:\Users\emmanuel\AppData\Roaming\PRICEF~1\SyncTask.exe <==== ATTENTION
Task: {46B7210E-6B64-4122-A571-0FE97BD424B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {487D621D-5DCC-4F34-83E1-3F80C162AE37} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347313316-3756737253-4142799880-1008UA => C:\Users\Veronique\AppData\Local\Google\Update\GoogleUpdate.exe [2016-09-27] (Google Inc.)
Task: {4CB9D5EE-44C2-446A-8014-973ACCE475C2} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {59708BE9-0EE7-47DF-A728-86B3F2278C47} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {689BE7D5-209A-4F90-8985-024C9A4AB6FD} - System32\Tasks\SafeZone scheduled Autoupdate 1469552660 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {760BEA98-3B3A-4B87-A0AD-FF6D68A0D01B} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-04-19] (Tracker Software Products (Canada) Ltd.)
Task: {815A8CB0-D2AF-42BC-92DF-6B03119152E8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {85A2EF35-70A7-4ED6-9413-168FF388D7E8} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {86461F0F-1207-4325-9B93-2CFBC73287BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {870437BD-0A5D-4534-B1C6-09CB571D282A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {89468DFD-BBA1-462C-AEA3-8A2BDEA194E3} - \WPD\SqmUpload_S-1-5-21-347313316-3756737253-4142799880-1008 -> Pas de fichier <==== ATTENTION
Task: {8AF48978-6DB9-4AB5-8840-19198A7A8D1A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {8B77B1C9-620E-4D9C-B20F-FC54891C1585} - System32\Tasks\emmanuelGummiestInterjectionalV2 => Rundll32.exe PtomainPretzels.dll,main 7 1 <==== ATTENTION
Task: {9294A2C3-61DF-405A-B74C-2D44F99DD313} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Vincent\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {964FA542-EC1B-4F51-BF21-F7ABDB67D9E4} - \WPD\SqmUpload_S-1-5-21-347313316-3756737253-4142799880-1001 -> Pas de fichier <==== ATTENTION
Task: {AC91D2B7-C4D9-4F85-AB38-C6A1F77D2343} - \WPD\SqmUpload_S-1-5-21-347313316-3756737253-4142799880-1007 -> Pas de fichier <==== ATTENTION
Task: {AF84442F-1774-4BAE-B24A-9F4420E1126D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {BB0C633D-CE0F-4BF7-9989-00AFDB3438E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-20] (Google Inc.)
Task: {BBB3AFF0-003D-4906-9BA9-258C86F212D8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-10] (Dropbox, Inc.)
Task: {BE21CE71-5F9F-4FD9-B35A-D498F9273708} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {DB268ABD-95FA-44D3-B795-2D762E09AAE9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {E6A47B74-BE2C-44CC-A680-3063FB71AA98} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347313316-3756737253-4142799880-1008Core => C:\Users\Veronique\AppData\Local\Google\Update\GoogleUpdate.exe [2016-09-27] (Google Inc.)
Task: {E8A46BEB-FEEC-4677-8A74-41F70D750CF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-20] (Google Inc.)
Task: {F1529042-55B9-43DE-AA6E-2E7D87F6421F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {F208D75B-129D-4976-9344-020D4D330E3F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-04] (AVAST Software)
Task: {F4AB0C2D-6A71-4FA8-8D1B-C24E1D7DC34A} - System32\Tasks\Prervasghonert Reports => C:\Program Files (x86)\Shedoght\peruther.exe
Task: {FA843350-B3CF-426D-8E3D-082E542246DD} - System32\Tasks\{24D39061-79D3-48C2-B65B-7623D11A06FC} => pcalua.exe -a C:\Users\Veronique\AppData\Local\{83BEB5E2-A716-D95A-CA8E-FCB2EEE6002A}\uninst.exe -c -FN="C:\Users\Veronique\AppData\Roaming\{83E3B558-A6B1-D82E-CD87-FFFC115502C2}\helperupdate.exe"-P=/Uninstall /s /noun /DelSelfDir
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
Task: C:\WINDOWS\Tasks\{7173D3FC-F8FA-84ED-C740-58F232329872}.job => C:\Users\emmanuel\AppData\Roaming\PRICEF~1\SyncTask.exe <==== ATTENTION
==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
Shortcut: C:\Users\Veronique\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
Shortcut: C:\Users\Veronique\Favorites\Windows Utility Software.lnk -> hxxp:�
==================== Modules chargés (Avec liste blanche) ==============
2016-12-20 10:15 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-10 16:37 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-26 18:15 - 2016-01-29 11:49 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-10 16:37 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-10 16:37 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2016-09-26 18:45 - 2016-09-26 18:45 - 01864384 _____ () C:\Users\Veronique\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-26 19:07 - 2016-09-26 19:07 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-10 16:38 - 2016-11-11 10:23 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-12 19:42 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-12 19:42 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-12 19:42 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-12 19:42 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-12 19:42 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-12 19:42 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-14 23:00 - 2016-12-14 23:01 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 23:00 - 2016-12-14 23:01 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 23:00 - 2016-12-14 23:01 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 23:00 - 2016-12-14 23:01 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-04 00:48 - 2016-09-04 00:48 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-12-20 12:45 - 2016-12-20 12:45 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\16122000\algo.dll
2016-09-04 00:48 - 2016-09-04 00:48 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-09-27 09:37 - 2016-08-31 18:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-09-27 09:37 - 2016-08-31 18:55 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-09-27 09:37 - 2016-08-31 18:55 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-09-27 09:37 - 2016-08-31 18:55 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-06-20 22:55 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-12-20 13:38 - 2016-12-20 13:38 - 00098816 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32api.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00110080 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\pywintypes27.dll
2016-12-20 13:38 - 2016-12-20 13:38 - 00364544 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\pythoncom27.dll
2016-12-20 13:38 - 2016-12-20 13:38 - 00320512 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32com.shell.shell.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00914432 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_hashlib.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 01176576 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._core_.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00806400 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._gdi_.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00816128 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._windows_.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 01067008 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._controls_.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00733184 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._misc_.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00682496 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\pysqlite2._sqlite.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00088064 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_ctypes.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00686080 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\unicodedata.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00119808 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32file.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00108544 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32security.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00007168 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\hashobjs_ext.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00017920 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\thumbnails_ext.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00088064 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\usb_ext.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00012800 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\common.time34.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00018432 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32event.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00167936 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32gui.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00046080 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_socket.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 01303552 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_ssl.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00128512 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_elementtree.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00127488 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\pyexpat.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00038912 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32inet.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00036864 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_psutil_windows.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00524248 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\windows._lib_cacheinvalidation.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00011264 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32crypt.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00123392 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._wizard.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00077312 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._html2.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00027648 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_multiprocessing.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00020480 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_yappi.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00035840 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32process.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00078848 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._animate.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00024064 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32pipe.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00010240 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\select.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00025600 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32pdh.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00017408 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32profile.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00022528 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32ts.pyd
2016-07-26 17:53 - 2016-07-26 17:53 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-07 18:45 - 2016-10-08 16:48 - 01506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-09-07 18:45 - 2016-07-21 10:54 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-11-12 17:50 - 2016-11-11 21:36 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-11-12 17:50 - 2016-11-11 21:36 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-11-12 17:50 - 2016-11-11 21:36 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-11-12 17:50 - 2016-11-11 21:36 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-11-12 17:50 - 2016-11-11 21:37 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-12-15 21:37 - 2016-11-11 21:36 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-12-15 21:37 - 2016-11-11 21:37 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-12-15 21:37 - 2016-11-11 21:36 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-11-12 17:50 - 2016-11-11 21:38 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-12-15 21:37 - 2016-11-11 21:36 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-12-15 21:37 - 2016-11-11 21:38 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-11-12 17:50 - 2016-11-11 21:37 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-12-15 21:37 - 2016-11-11 21:35 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-12-15 21:37 - 2016-12-12 15:16 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-12-15 21:37 - 2016-12-05 21:07 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-12-15 21:37 - 2016-12-12 15:16 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-12-15 21:37 - 2016-12-12 15:16 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-11-12 17:50 - 2016-11-11 21:37 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-12-15 21:37 - 2016-12-12 15:17 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-12-15 21:37 - 2016-12-12 15:17 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-12-15 21:37 - 2016-12-12 15:17 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-12-15 21:37 - 2016-11-11 21:42 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-12-15 21:37 - 2016-11-11 21:42 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-12-15 21:37 - 2016-12-12 15:16 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-12-15 21:37 - 2016-12-12 15:17 - 00171320 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\...\localhost -> localhost
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2013-08-22 14:25 - 2016-11-07 20:04 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Control Panel\Desktop\\Wallpaper -> C:\Users\Veronique\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-347313316-3756737253-4142799880-1008\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-347313316-3756737253-4142799880-1008\...\StartupApproved\Run: => "movavi_screencapturestudio_7.3.0_screencapture"
HKU\S-1-5-21-347313316-3756737253-4142799880-1008\...\StartupApproved\Run: => "Uninstall C:\Users\Veronique\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{28D1FB08-8763-4687-8B65-8F7BBDA37DCC}] => C:\ProgramData\Fishlose\Fishlose.exe
FirewallRules: [{5B25EBBD-F921-4786-8A43-B86E5B567CE9}] => C:\Program Files (x86)\Fishlose\Update\FishloseUpdate.exe
FirewallRules: [{4B6A2FA9-2C57-4F59-9C0B-27AB43D39B44}] => C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{8102A9B2-8A3F-4C6C-80EC-FC5B8BA15CDE}] => C:\Program Files (x86)\Firefox\bin\FirefoxCommand.exe
FirewallRules: [{CF4541F7-7826-4A61-9B0B-E13345B07C41}] => C:\Users\Veronique\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{7A1035A2-CA42-49E5-AD9D-3DDCF4C25998}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8CE2403F-F24F-4BD5-9DC7-44DCDF8083FB}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E79A9B39-40AB-4370-9A40-B2318CF94F39}] => LPort=810
FirewallRules: [TCP Query User{8382609C-77F5-484E-839B-F3CC65C426CE}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{33DCB230-0AC2-4A18-A282-6DDBD0FED9C9}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C0D5182E-3931-47B5-96CD-06EEAFAF94E5}] => LPort=1688
FirewallRules: [{59113217-DB55-4312-8518-36583ACACEF5}] => C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{FFEA8625-9B9A-46E0-A2A4-C6D676DBA7FD}] => C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{506724E4-1382-45D4-84E9-48B1493BFEBD}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{A397F54B-2FE8-4FC8-AD7B-67AA40B7A547}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [TCP Query User{AE606C22-4FE2-4FB7-BED4-F066B42BF249}C:\program files (x86)\legness\application\chrome.exe] => C:\program files (x86)\legness\application\chrome.exe
FirewallRules: [UDP Query User{3772077E-35A1-4BB8-AC8D-9BA8792B9E36}C:\program files (x86)\legness\application\chrome.exe] => C:\program files (x86)\legness\application\chrome.exe
FirewallRules: [TCP Query User{4DF42A7F-7F1C-49D0-8AC2-21FCD55C81B8}C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe] => C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe
FirewallRules: [UDP Query User{D9D9F6B6-E312-4193-9AB2-4F62A140DF32}C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe] => C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe
FirewallRules: [{BF9C2404-5A0F-4B98-9298-5267C2BCC9F2}] => C:\Program Files (x86)\Tooleat\Application\chrome.exe
FirewallRules: [{36ECE917-4090-4632-9C12-8B36E2D4B187}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{E7B4FB1F-2889-44F4-9B43-4529BD25A60C}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D7D8031D-85CD-40A9-9714-52BBA0D8B41A}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EB73F556-1FEC-4E02-BEF3-0CEA631FF70A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{374F8268-884C-4306-AE80-944E6D88A060}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D7C6B789-4CA1-4D84-8A96-E6E9B8066137}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Points de restauration =========================
19-12-2016 10:48:34 Windows Update
19-12-2016 10:49:30 Windows Update
19-12-2016 11:47:31 Opération de restauration
19-12-2016 15:46:41 Sauvegarde Windows
19-12-2016 16:07:19 manuel
19-12-2016 17:02:55 Programme dâinstallation pour les modules Windows
==================== Ãléments en erreur du Gestionnaire de périphériques =============
Name: Clavier standard PS/2
Description: Clavier standard PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Claviers standard)
Service: i8042prt
Problem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)
Resolution: Enable the device in the BIOS of the device.
Name: Souris Microsoft PS/2
Description: Souris Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (12/20/2016 01:38:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Ãchec de lâactivation des licences (slui.exe) avec le code dâerreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
Error: (12/20/2016 01:29:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Ãchec de lâactivation des licences (slui.exe) avec le code dâerreur suivant :
hr=0x8007139F
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (12/20/2016 12:54:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Ãchec de lâactivation des licences (slui.exe) avec le code dâerreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (12/20/2016 12:53:09 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Le fichier spécifié est introuvable.
Error: (12/20/2016 12:46:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Fixe_Orange)
Description: Ãchec de lâactivation de lâapplication Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec lâerreur : -2147024865 Pour plus dâinformations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (12/20/2016 12:46:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Fixe_Orange)
Description: Ãchec de lâactivation de lâapplication Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec lâerreur : -2144927141 Pour plus dâinformations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (12/20/2016 12:44:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Ãchec de lâactivation des licences (slui.exe) avec le code dâerreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (12/20/2016 12:42:56 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Le fichier spécifié est introuvable.
Error: (12/20/2016 12:33:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte dâactivation a échoué pour « C:\$Recycle.Bin\S-1-5-21-347313316-3756737253-4142799880-1008\$R4J10BO.exe ».
Assembly dépendant 54.0.2840.71,language="*",type="win32",version="54.0.2840.71" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (12/20/2016 10:38:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Fixe_Orange)
Description: Ãchec de lâactivation de lâapplication Microsoft.Windows.Photos_8wekyb3d8bbwe!App avec lâerreur : -2144927142 Pour plus dâinformations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Erreurs système:
=============
Error: (12/20/2016 01:40:58 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {784E29F4-5EBE-4279-9948-1E8FE941646D} ne sâest pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/20/2016 01:37:57 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres dâautorisation propres à lâapplication nâaccordent pas lâautorisation Local Activation pour lâapplication serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et lâAPPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de lâutilisateur (S-1-5-18) depuis lâadresse LocalHost (avec LRPC) sâexécutant dans le SID Non disponible du conteneur dâapplications (Non disponible). Cette autorisation de sécurité peut être modifiée à lâaide de lâoutil dâadministration Services de composants.
Error: (12/20/2016 01:00:46 PM) (Source: DCOM) (EventID: 10010) (User: Fixe_Orange)
Description: Le serveur {0002DF02-0000-0000-C000-000000000046} ne sâest pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/20/2016 12:56:24 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {784E29F4-5EBE-4279-9948-1E8FE941646D} ne sâest pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/20/2016 12:53:25 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres dâautorisation propres à lâapplication nâaccordent pas lâautorisation Local Activation pour lâapplication serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et lâAPPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de lâutilisateur (S-1-5-18) depuis lâadresse LocalHost (avec LRPC) sâexécutant dans le SID Non disponible du conteneur dâapplications (Non disponible). Cette autorisation de sécurité peut être modifiée à lâaide de lâoutil dâadministration Services de composants.
Error: (12/20/2016 12:52:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Windows Search nâa pas pu démarrer en raison de lâerreur :
Lâéchec dâune ouverture de session a empêché le démarrage du service.
Error: (12/20/2016 12:52:20 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service WSearch nâa pas pu ouvrir de session en tant que NT AUTHORITY\SYSTEM avec le mot de passe actuellement configuré en raison de lâerreur suivante :
Cette demande nâest pas prise en charge.
Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).
Error: (12/20/2016 12:51:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service BrYNSvc sâest terminé de façon inattendue pour la 1ème fois.
Error: (12/20/2016 12:51:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search sâest terminé de manière inattendue. Ceci sâest produit 1 fois. Lâaction corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.
Error: (12/20/2016 12:51:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service PDF Architect 4 Manager sâest terminé de façon inattendue pour la 1ème fois.
CodeIntegrity:
===================================
Date: 2016-12-20 10:16:11.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2016-12-20 10:16:11.773
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2016-12-20 10:16:11.761
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2016-12-20 09:36:37.958
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-20 09:27:07.213
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-20 09:05:33.203
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-19 19:57:54.725
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-19 19:44:09.265
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-19 19:14:09.319
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-19 18:59:09.553
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
� �
�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=� �I�n�f�o�s� �M�é�m�o�i�r�e� �=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=� � �
� �
�P�r�o�c�e�s�s�e�u�r�:� �P�e�n�t�i�u�m�(�R�)� �D�u�a�l�-�C�o�r�e� �C�P�U� �E�5�5�0�0� �@� �2�.�8�0�G�H�z� �
�P�o�u�r�c�e�n�t�a�g�e� �d�e� �m�é�m�o�i�r�e� �u�t�i�l�i�s�é�e�:� �7�6�%� �
�M�é�m�o�i�r�e� �p�h�y�s�i�q�u�e� �-� �R�A�M� �-� �t�o�t�a�l�e�:� �4�0�9�5�.�2�4� �M�B� �
�M�é�m�o�i�r�e� �p�h�y�s�i�q�u�e� �-� �R�A�M� �-� �d�i�s�p�o�n�i�b�l�e�:� �9�6�3�.�5�2� �M�B� �
�M�é�m�o�i�r�e� �v�i�r�t�u�e�l�l�e� �t�o�t�a�l�e�:� �8�1�9�1�.�2�4� �M�B� �
�M�é�m�o�i�r�e� �v�i�r�t�u�e�l�l�e� �d�i�s�p�o�n�i�b�l�e�:� �4�6�4�9�.�3� �M�B� �
� �
�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=� �L�e�c�t�e�u�r�s� �=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=� �
� �
Drive a: (Dossiers Privés) (Fixed) (Total:97.66 GB) (Free:97.4 GB) NTFS
Drive c: (Packard Bell) (Fixed) (Total:289.45 GB) (Free:239.26 GB) NTFS
Drive d: (Documents) (Fixed) (Total:191.96 GB) (Free:148.44 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 4B3398FA)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Not Active) - (Size=17 GB) - (Type=27)
Partition 3: (Active) - (Size=100 MB) - (Type=42)
Partition 4: (Not Active) - (Size=289.5 GB) - (Type=42)
==================== Fin de Addition.txt ============================
Exécuté par Veronique (20-12-2016 13:44:09)
Exécuté depuis C:\Users\Veronique\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-26 17:39:44)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-347313316-3756737253-4142799880-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-347313316-3756737253-4142799880-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-347313316-3756737253-4142799880-1005 - Limited - Enabled)
Invité (S-1-5-21-347313316-3756737253-4142799880-501 - Limited - Disabled)
Veronique (S-1-5-21-347313316-3756737253-4142799880-1008 - Administrator - Enabled) => C:\Users\Veronique
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Aiseesoft Blu-ray Ripper 7.1.20 (HKLM-x32\...\{D1B455C8-C170-44fe-8A90-31263B5153C2}_is1) (Version: 7.1.20 - Aiseesoft Studio)
Assistant Mise à niveau de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
AxCrypt 2.1.1481.0 (HKLM-x32\...\{18db8d8e-e8a9-4911-a0bb-978f5341daeb}) (Version: 2.1.1481.0 - AxCrypt AB)
AxCrypt 2.1.1481.0 (Version: 2.1.1481.0 - AxCrypt AB) Hidden
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{EEC54E03-486F-411E-BAC0-EC9FC4642465}) (Version: 4.5.7.6452 - Canneverbe Limited)
Clavier+ 10.7.0 (HKLM\...\Clavier+_is1) (Version: 10.7.0 - Guillaume Ryder)
davehope.co.uk Product Key Finder (HKLM-x32\...\Product Key Finder_is1) (Version: - davehope.co.uk)
Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.20 - Infonautics GmbH, Switzerland)
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.29 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duplicate Cleaner Free 3.2.7 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.7 - DigitalVolcano Software Ltd) <==== ATTENTION
EaseUS Partition Master 11.9 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Edraw Max Fr 8.4 (HKLM-x32\...\Edraw Max Fr_is1) (Version: - EdrawSoft)
Egypte 2 (HKLM-x32\...\Egypte 2) (Version: - )
Exact Audio Copy 1.2 (HKLM-x32\...\Exact Audio Copy) (Version: 1.2 - Andre Wiethoff)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 5.15 - NCH Software)
FirstClass Client (HKLM-x32\...\{E49C4A6D-7655-4D0A-A083-664D99D825CA}) (Version: 12.014 - OpenText)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Freeplane (HKLM\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version: 1.5.17 - Open source)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
IHMC CmapTools v6.01 (HKLM-x32\...\IHMC CmapTools v6.01) (Version: 6.0.1.0 - Institute for Human & Machine Cognition)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
KeePass Password Safe 1.31 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.31 - Dominik Reichl)
LibreOffice 5.1.3.2 (HKLM-x32\...\{5F7475A1-6240-4753-BE3E-61499621EC42}) (Version: 5.1.3.2 - The Document Foundation)
Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Manager (x32 Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden
Microsoft Office XP Professional avec FrontPage (HKLM-x32\...\{9028040C-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.5 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mises à jour NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Movavi Screen Capture Studio 7 (HKLM-x32\...\Movavi Screen Capture Studio 7) (Version: 7.3.0 - Movavi)
NVIDIA Pilote 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Pilote graphique 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
OpenProj (HKLM-x32\...\{13702021-43FB-480C-912F-D9B74A538288}) (Version: 1.4.0 - Serena Software Inc.)
Panneau de configuration NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd)
Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 9.0.3.168 - Recover Keys)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Skype⢠7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.19 - IDRIX)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VUE 3.3.0 (HKLM-x32\...\VUE) (Version: 3.3.0 - Tufts University)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinZip (HKLM-x32\...\WinZip) (Version: 2.3.14 - Winzipper Pvt Ltd.) <==== ATTENTION
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare PDFelement(Build 5.10.1) (HKLM-x32\...\{5CA0183F-6D90-4615-91A5-F1A8A2014E83}_is1) (Version: 5.10.1.0 - Wondershare Software Co.,Ltd.)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-347313316-3756737253-4142799880-1008_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Veronique\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-347313316-3756737253-4142799880-1008_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Veronique\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-347313316-3756737253-4142799880-1008_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Veronique\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {09639FBD-99B6-4118-AA06-AA87C29906BA} - System32\Tasks\{FA138E58-1B42-475D-8FA9-6520CB41AE83} => pcalua.exe -a "C:\Program Files\VeraCrypt\VeraCrypt Setup.exe" -c /u
Task: {0F3BE783-5386-420C-B179-57490DBD6AB1} - \WPD\SqmUpload_S-1-5-21-347313316-3756737253-4142799880-1006 -> Pas de fichier <==== ATTENTION
Task: {1001CB7B-6DEF-4FA9-9F70-56CB6ED865CC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {25DEB4BF-34AF-410C-BA49-A3E34ED5AB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {27D7238E-7792-448C-9DCE-D6F90ADBA9AF} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Pas de fichier <==== ATTENTION
Task: {28B03954-37A8-4761-BB11-B8488C50A818} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {34DE6219-AB6F-4F80-878B-702E0C697880} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-10] (Dropbox, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3CEE569D-A899-4B8D-A6F8-85A314E19972} - System32\Tasks\{7173D3FC-F8FA-84ED-C740-58F232329872} => C:\Users\emmanuel\AppData\Roaming\PRICEF~1\SyncTask.exe <==== ATTENTION
Task: {46B7210E-6B64-4122-A571-0FE97BD424B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {487D621D-5DCC-4F34-83E1-3F80C162AE37} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347313316-3756737253-4142799880-1008UA => C:\Users\Veronique\AppData\Local\Google\Update\GoogleUpdate.exe [2016-09-27] (Google Inc.)
Task: {4CB9D5EE-44C2-446A-8014-973ACCE475C2} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {59708BE9-0EE7-47DF-A728-86B3F2278C47} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {689BE7D5-209A-4F90-8985-024C9A4AB6FD} - System32\Tasks\SafeZone scheduled Autoupdate 1469552660 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {760BEA98-3B3A-4B87-A0AD-FF6D68A0D01B} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-04-19] (Tracker Software Products (Canada) Ltd.)
Task: {815A8CB0-D2AF-42BC-92DF-6B03119152E8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {85A2EF35-70A7-4ED6-9413-168FF388D7E8} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {86461F0F-1207-4325-9B93-2CFBC73287BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {870437BD-0A5D-4534-B1C6-09CB571D282A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {89468DFD-BBA1-462C-AEA3-8A2BDEA194E3} - \WPD\SqmUpload_S-1-5-21-347313316-3756737253-4142799880-1008 -> Pas de fichier <==== ATTENTION
Task: {8AF48978-6DB9-4AB5-8840-19198A7A8D1A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {8B77B1C9-620E-4D9C-B20F-FC54891C1585} - System32\Tasks\emmanuelGummiestInterjectionalV2 => Rundll32.exe PtomainPretzels.dll,main 7 1 <==== ATTENTION
Task: {9294A2C3-61DF-405A-B74C-2D44F99DD313} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Vincent\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {964FA542-EC1B-4F51-BF21-F7ABDB67D9E4} - \WPD\SqmUpload_S-1-5-21-347313316-3756737253-4142799880-1001 -> Pas de fichier <==== ATTENTION
Task: {AC91D2B7-C4D9-4F85-AB38-C6A1F77D2343} - \WPD\SqmUpload_S-1-5-21-347313316-3756737253-4142799880-1007 -> Pas de fichier <==== ATTENTION
Task: {AF84442F-1774-4BAE-B24A-9F4420E1126D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {BB0C633D-CE0F-4BF7-9989-00AFDB3438E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-20] (Google Inc.)
Task: {BBB3AFF0-003D-4906-9BA9-258C86F212D8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-10] (Dropbox, Inc.)
Task: {BE21CE71-5F9F-4FD9-B35A-D498F9273708} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {DB268ABD-95FA-44D3-B795-2D762E09AAE9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {E6A47B74-BE2C-44CC-A680-3063FB71AA98} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347313316-3756737253-4142799880-1008Core => C:\Users\Veronique\AppData\Local\Google\Update\GoogleUpdate.exe [2016-09-27] (Google Inc.)
Task: {E8A46BEB-FEEC-4677-8A74-41F70D750CF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-20] (Google Inc.)
Task: {F1529042-55B9-43DE-AA6E-2E7D87F6421F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {F208D75B-129D-4976-9344-020D4D330E3F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-04] (AVAST Software)
Task: {F4AB0C2D-6A71-4FA8-8D1B-C24E1D7DC34A} - System32\Tasks\Prervasghonert Reports => C:\Program Files (x86)\Shedoght\peruther.exe
Task: {FA843350-B3CF-426D-8E3D-082E542246DD} - System32\Tasks\{24D39061-79D3-48C2-B65B-7623D11A06FC} => pcalua.exe -a C:\Users\Veronique\AppData\Local\{83BEB5E2-A716-D95A-CA8E-FCB2EEE6002A}\uninst.exe -c -FN="C:\Users\Veronique\AppData\Roaming\{83E3B558-A6B1-D82E-CD87-FFFC115502C2}\helperupdate.exe"-P=/Uninstall /s /noun /DelSelfDir
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
Task: C:\WINDOWS\Tasks\{7173D3FC-F8FA-84ED-C740-58F232329872}.job => C:\Users\emmanuel\AppData\Roaming\PRICEF~1\SyncTask.exe <==== ATTENTION
==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
Shortcut: C:\Users\Veronique\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
Shortcut: C:\Users\Veronique\Favorites\Windows Utility Software.lnk -> hxxp:�
==================== Modules chargés (Avec liste blanche) ==============
2016-12-20 10:15 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-10 16:37 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-26 18:15 - 2016-01-29 11:49 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-10 16:37 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-10 16:37 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2016-09-26 18:45 - 2016-09-26 18:45 - 01864384 _____ () C:\Users\Veronique\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-26 19:07 - 2016-09-26 19:07 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-10 16:38 - 2016-11-11 10:23 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-12 19:42 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-12 19:42 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-12 19:42 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-12 19:42 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-12 19:42 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-12 19:42 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-14 23:00 - 2016-12-14 23:01 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 23:00 - 2016-12-14 23:01 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 23:00 - 2016-12-14 23:01 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 23:00 - 2016-12-14 23:01 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-04 00:48 - 2016-09-04 00:48 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-12-20 12:45 - 2016-12-20 12:45 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\16122000\algo.dll
2016-09-04 00:48 - 2016-09-04 00:48 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-09-27 09:37 - 2016-08-31 18:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-09-27 09:37 - 2016-08-31 18:55 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-09-27 09:37 - 2016-08-31 18:55 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-09-27 09:37 - 2016-08-31 18:55 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-06-20 22:55 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-12-20 13:38 - 2016-12-20 13:38 - 00098816 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32api.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00110080 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\pywintypes27.dll
2016-12-20 13:38 - 2016-12-20 13:38 - 00364544 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\pythoncom27.dll
2016-12-20 13:38 - 2016-12-20 13:38 - 00320512 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32com.shell.shell.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00914432 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_hashlib.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 01176576 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._core_.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00806400 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._gdi_.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00816128 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._windows_.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 01067008 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._controls_.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00733184 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._misc_.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00682496 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\pysqlite2._sqlite.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00088064 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_ctypes.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00686080 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\unicodedata.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00119808 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32file.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00108544 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32security.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00007168 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\hashobjs_ext.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00017920 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\thumbnails_ext.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00088064 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\usb_ext.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00012800 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\common.time34.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00018432 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32event.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00167936 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32gui.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00046080 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_socket.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 01303552 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_ssl.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00128512 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_elementtree.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00127488 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\pyexpat.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00038912 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32inet.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00036864 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_psutil_windows.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00524248 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\windows._lib_cacheinvalidation.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00011264 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32crypt.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00123392 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._wizard.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00077312 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._html2.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00027648 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_multiprocessing.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00020480 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\_yappi.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00035840 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32process.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00078848 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\wx._animate.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00024064 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32pipe.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00010240 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\select.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00025600 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32pdh.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00017408 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32profile.pyd
2016-12-20 13:38 - 2016-12-20 13:38 - 00022528 ____R () C:\Users\Veronique\AppData\Local\Temp\_MEI30282\win32ts.pyd
2016-07-26 17:53 - 2016-07-26 17:53 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-07 18:45 - 2016-10-08 16:48 - 01506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-09-07 18:45 - 2016-07-21 10:54 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-11-12 17:50 - 2016-11-11 21:36 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-11-12 17:50 - 2016-11-11 21:36 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-11-12 17:50 - 2016-11-11 21:36 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-11-12 17:50 - 2016-11-11 21:36 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-11-12 17:50 - 2016-11-11 21:37 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-12-15 21:37 - 2016-11-11 21:36 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-12-15 21:37 - 2016-11-11 21:37 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-12-15 21:37 - 2016-11-11 21:36 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-11-12 17:50 - 2016-11-11 21:38 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-12-15 21:37 - 2016-11-11 21:36 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-12-15 21:37 - 2016-11-11 21:38 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-11-12 17:50 - 2016-11-11 21:38 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-11-12 17:50 - 2016-11-11 21:37 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-12-15 21:37 - 2016-11-11 21:35 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-12-15 21:37 - 2016-12-12 15:16 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-12-15 21:37 - 2016-12-05 21:07 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-12-15 21:37 - 2016-12-12 15:16 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-12-15 21:37 - 2016-12-12 15:16 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-11-12 17:50 - 2016-11-11 21:37 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-12-15 21:37 - 2016-12-12 15:17 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-12-15 21:37 - 2016-12-12 15:17 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-12-15 21:37 - 2016-12-12 15:17 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-12-15 21:37 - 2016-11-11 21:42 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-12-15 21:37 - 2016-11-11 21:42 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-12-15 21:37 - 2016-12-12 15:16 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-12-15 21:37 - 2016-12-12 15:17 - 00171320 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-11-12 17:50 - 2016-11-11 21:39 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-11-12 17:50 - 2016-12-12 15:17 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-12-15 21:37 - 2016-12-12 15:16 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\...\localhost -> localhost
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2013-08-22 14:25 - 2016-11-07 20:04 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Control Panel\Desktop\\Wallpaper -> C:\Users\Veronique\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-347313316-3756737253-4142799880-1008\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-347313316-3756737253-4142799880-1008\...\StartupApproved\Run: => "movavi_screencapturestudio_7.3.0_screencapture"
HKU\S-1-5-21-347313316-3756737253-4142799880-1008\...\StartupApproved\Run: => "Uninstall C:\Users\Veronique\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{28D1FB08-8763-4687-8B65-8F7BBDA37DCC}] => C:\ProgramData\Fishlose\Fishlose.exe
FirewallRules: [{5B25EBBD-F921-4786-8A43-B86E5B567CE9}] => C:\Program Files (x86)\Fishlose\Update\FishloseUpdate.exe
FirewallRules: [{4B6A2FA9-2C57-4F59-9C0B-27AB43D39B44}] => C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{8102A9B2-8A3F-4C6C-80EC-FC5B8BA15CDE}] => C:\Program Files (x86)\Firefox\bin\FirefoxCommand.exe
FirewallRules: [{CF4541F7-7826-4A61-9B0B-E13345B07C41}] => C:\Users\Veronique\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{7A1035A2-CA42-49E5-AD9D-3DDCF4C25998}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8CE2403F-F24F-4BD5-9DC7-44DCDF8083FB}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E79A9B39-40AB-4370-9A40-B2318CF94F39}] => LPort=810
FirewallRules: [TCP Query User{8382609C-77F5-484E-839B-F3CC65C426CE}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{33DCB230-0AC2-4A18-A282-6DDBD0FED9C9}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C0D5182E-3931-47B5-96CD-06EEAFAF94E5}] => LPort=1688
FirewallRules: [{59113217-DB55-4312-8518-36583ACACEF5}] => C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{FFEA8625-9B9A-46E0-A2A4-C6D676DBA7FD}] => C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{506724E4-1382-45D4-84E9-48B1493BFEBD}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{A397F54B-2FE8-4FC8-AD7B-67AA40B7A547}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [TCP Query User{AE606C22-4FE2-4FB7-BED4-F066B42BF249}C:\program files (x86)\legness\application\chrome.exe] => C:\program files (x86)\legness\application\chrome.exe
FirewallRules: [UDP Query User{3772077E-35A1-4BB8-AC8D-9BA8792B9E36}C:\program files (x86)\legness\application\chrome.exe] => C:\program files (x86)\legness\application\chrome.exe
FirewallRules: [TCP Query User{4DF42A7F-7F1C-49D0-8AC2-21FCD55C81B8}C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe] => C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe
FirewallRules: [UDP Query User{D9D9F6B6-E312-4193-9AB2-4F62A140DF32}C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe] => C:\program files (x86)\ihmc cmaptools\jre\bin\javaw.exe
FirewallRules: [{BF9C2404-5A0F-4B98-9298-5267C2BCC9F2}] => C:\Program Files (x86)\Tooleat\Application\chrome.exe
FirewallRules: [{36ECE917-4090-4632-9C12-8B36E2D4B187}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{E7B4FB1F-2889-44F4-9B43-4529BD25A60C}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D7D8031D-85CD-40A9-9714-52BBA0D8B41A}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EB73F556-1FEC-4E02-BEF3-0CEA631FF70A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{374F8268-884C-4306-AE80-944E6D88A060}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D7C6B789-4CA1-4D84-8A96-E6E9B8066137}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Points de restauration =========================
19-12-2016 10:48:34 Windows Update
19-12-2016 10:49:30 Windows Update
19-12-2016 11:47:31 Opération de restauration
19-12-2016 15:46:41 Sauvegarde Windows
19-12-2016 16:07:19 manuel
19-12-2016 17:02:55 Programme dâinstallation pour les modules Windows
==================== Ãléments en erreur du Gestionnaire de périphériques =============
Name: Clavier standard PS/2
Description: Clavier standard PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Claviers standard)
Service: i8042prt
Problem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)
Resolution: Enable the device in the BIOS of the device.
Name: Souris Microsoft PS/2
Description: Souris Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (12/20/2016 01:38:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Ãchec de lâactivation des licences (slui.exe) avec le code dâerreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
Error: (12/20/2016 01:29:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Ãchec de lâactivation des licences (slui.exe) avec le code dâerreur suivant :
hr=0x8007139F
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (12/20/2016 12:54:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Ãchec de lâactivation des licences (slui.exe) avec le code dâerreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (12/20/2016 12:53:09 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Le fichier spécifié est introuvable.
Error: (12/20/2016 12:46:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Fixe_Orange)
Description: Ãchec de lâactivation de lâapplication Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec lâerreur : -2147024865 Pour plus dâinformations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (12/20/2016 12:46:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Fixe_Orange)
Description: Ãchec de lâactivation de lâapplication Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec lâerreur : -2144927141 Pour plus dâinformations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (12/20/2016 12:44:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Ãchec de lâactivation des licences (slui.exe) avec le code dâerreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (12/20/2016 12:42:56 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Le fichier spécifié est introuvable.
Error: (12/20/2016 12:33:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte dâactivation a échoué pour « C:\$Recycle.Bin\S-1-5-21-347313316-3756737253-4142799880-1008\$R4J10BO.exe ».
Assembly dépendant 54.0.2840.71,language="*",type="win32",version="54.0.2840.71" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (12/20/2016 10:38:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Fixe_Orange)
Description: Ãchec de lâactivation de lâapplication Microsoft.Windows.Photos_8wekyb3d8bbwe!App avec lâerreur : -2144927142 Pour plus dâinformations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Erreurs système:
=============
Error: (12/20/2016 01:40:58 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {784E29F4-5EBE-4279-9948-1E8FE941646D} ne sâest pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/20/2016 01:37:57 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres dâautorisation propres à lâapplication nâaccordent pas lâautorisation Local Activation pour lâapplication serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et lâAPPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de lâutilisateur (S-1-5-18) depuis lâadresse LocalHost (avec LRPC) sâexécutant dans le SID Non disponible du conteneur dâapplications (Non disponible). Cette autorisation de sécurité peut être modifiée à lâaide de lâoutil dâadministration Services de composants.
Error: (12/20/2016 01:00:46 PM) (Source: DCOM) (EventID: 10010) (User: Fixe_Orange)
Description: Le serveur {0002DF02-0000-0000-C000-000000000046} ne sâest pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/20/2016 12:56:24 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {784E29F4-5EBE-4279-9948-1E8FE941646D} ne sâest pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/20/2016 12:53:25 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres dâautorisation propres à lâapplication nâaccordent pas lâautorisation Local Activation pour lâapplication serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et lâAPPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de lâutilisateur (S-1-5-18) depuis lâadresse LocalHost (avec LRPC) sâexécutant dans le SID Non disponible du conteneur dâapplications (Non disponible). Cette autorisation de sécurité peut être modifiée à lâaide de lâoutil dâadministration Services de composants.
Error: (12/20/2016 12:52:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Windows Search nâa pas pu démarrer en raison de lâerreur :
Lâéchec dâune ouverture de session a empêché le démarrage du service.
Error: (12/20/2016 12:52:20 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service WSearch nâa pas pu ouvrir de session en tant que NT AUTHORITY\SYSTEM avec le mot de passe actuellement configuré en raison de lâerreur suivante :
Cette demande nâest pas prise en charge.
Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).
Error: (12/20/2016 12:51:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service BrYNSvc sâest terminé de façon inattendue pour la 1ème fois.
Error: (12/20/2016 12:51:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search sâest terminé de manière inattendue. Ceci sâest produit 1 fois. Lâaction corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.
Error: (12/20/2016 12:51:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service PDF Architect 4 Manager sâest terminé de façon inattendue pour la 1ème fois.
CodeIntegrity:
===================================
Date: 2016-12-20 10:16:11.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2016-12-20 10:16:11.773
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2016-12-20 10:16:11.761
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2016-12-20 09:36:37.958
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-20 09:27:07.213
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-20 09:05:33.203
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-19 19:57:54.725
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-19 19:44:09.265
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-19 19:14:09.319
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-12-19 18:59:09.553
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
� �
�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=� �I�n�f�o�s� �M�é�m�o�i�r�e� �=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=� � �
� �
�P�r�o�c�e�s�s�e�u�r�:� �P�e�n�t�i�u�m�(�R�)� �D�u�a�l�-�C�o�r�e� �C�P�U� �E�5�5�0�0� �@� �2�.�8�0�G�H�z� �
�P�o�u�r�c�e�n�t�a�g�e� �d�e� �m�é�m�o�i�r�e� �u�t�i�l�i�s�é�e�:� �7�6�%� �
�M�é�m�o�i�r�e� �p�h�y�s�i�q�u�e� �-� �R�A�M� �-� �t�o�t�a�l�e�:� �4�0�9�5�.�2�4� �M�B� �
�M�é�m�o�i�r�e� �p�h�y�s�i�q�u�e� �-� �R�A�M� �-� �d�i�s�p�o�n�i�b�l�e�:� �9�6�3�.�5�2� �M�B� �
�M�é�m�o�i�r�e� �v�i�r�t�u�e�l�l�e� �t�o�t�a�l�e�:� �8�1�9�1�.�2�4� �M�B� �
�M�é�m�o�i�r�e� �v�i�r�t�u�e�l�l�e� �d�i�s�p�o�n�i�b�l�e�:� �4�6�4�9�.�3� �M�B� �
� �
�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=� �L�e�c�t�e�u�r�s� �=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=�=� �
� �
Drive a: (Dossiers Privés) (Fixed) (Total:97.66 GB) (Free:97.4 GB) NTFS
Drive c: (Packard Bell) (Fixed) (Total:289.45 GB) (Free:239.26 GB) NTFS
Drive d: (Documents) (Fixed) (Total:191.96 GB) (Free:148.44 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 4B3398FA)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Not Active) - (Size=17 GB) - (Type=27)
Partition 3: (Active) - (Size=100 MB) - (Type=42)
Partition 4: (Not Active) - (Size=289.5 GB) - (Type=42)
==================== Fin de Addition.txt ============================