Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:27-02-2016 Exécuté par Mohamad el youssef (2016-03-01 18:49:51) Exécuté depuis C:\Users\Mohamad el youssef\Desktop Windows 8.1 (X64) (2015-02-11 03:52:26) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-256792108-823242960-1942189825-500 - Administrator - Disabled) Invité (S-1-5-21-256792108-823242960-1942189825-501 - Limited - Disabled) Mohamad (S-1-5-21-256792108-823242960-1942189825-1002 - Limited - Enabled) => C:\Users\Mohamad Mohamad el youssef (S-1-5-21-256792108-823242960-1942189825-1001 - Administrator - Enabled) => C:\Users\Mohamad el youssef ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Protection antivirus et antispyware McAfee (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Protection antivirus et antispyware McAfee (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: Pare-feu McAfee (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Abaqus 6.9 Extended Functionality HTML Documentation (HKLM-x32\...\Abaqus 6.9 Extended Functionality HTML Documentation) (Version: 6.9.0.0 - Dassault Systemes Simulia Corp.) Abaqus 6.9-EF1 (HKLM-x32\...\Abaqus 6.9-EF1) (Version: 6.9.0.0 - Dassault Systemes Simulia Corp.) Abaqus FLEXnet License Server (HKLM-x32\...\Abaqus FLEXnet License Server) (Version: 6.9.0.0 - Dassault Systemes Simulia Corp.) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated) Apple Application Support (32 bits) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS) ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.19 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.29 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) Dassault Systemes Software B20 (HKLM\...\Dassault Systemes B20_0) (Version: - ) Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes) Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) ExpressCache (HKLM\...\{44EAE7F6-8BBF-4C3F-A573-3CD5A3C067FA}) (Version: 1.3.110.0 - Condusiv Technologies) femm 4.2 15Nov2013 (HKLM-x32\...\FEMM_is1) (Version: - ) Free Download Manager 3.9.7 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG) Free Zip Opener (HKLM-x32\...\Free Zip Opener) (Version: 1.0 - BlueCPA) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation) ISI ResearchSoft - Export Helper (HKLM-x32\...\ISI ResearchSoft - Export Helper) (Version: - ) iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.) McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7080 - McAfee, Inc.) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation) Microsoft Office Professionnel Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-256792108-823242960-1942189825-1001\...\OneDriveSetup.exe) (Version: 17.3.6301.0127 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) MountainsMap Universal - Demo (HKLM-x32\...\Pioneer.exe) (Version: - ) MPLAB X IDE v3.10 (HKLM-x32\...\MPLAB X IDE v3.10 v3.10) (Version: v3.10 - Microchip) NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation) NVIDIA Graphics Driver 333.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.60 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.23 - ASUS) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.103 - Skype Technologies S.A.) Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: - ) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden Viber (HKU\S-1-5-21-256792108-823242960-1942189825-1001\...\{7de2db6a-6f4b-4b45-82b9-57d5d7f1c952}) (Version: 5.4.0.1664 - Viber Media Inc.) Viber (x32 Version: 5.4.0.1664 - Viber Media Inc.) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.3.532 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) Zotero Standalone 4.0.26.4 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.26.4 (x86 en-US)) (Version: 4.0.26.4 - Zotero) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-256792108-823242960-1942189825-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0011002F-217E-41CD-942B-6685C2114248} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {0DC0B0E5-23BC-4DD8-BD1D-EB919B17949E} - System32\Tasks\{B3A79F93-1FE0-4AED-97BC-612581AE4340} => pcalua.exe -a "F:\CatiaV5R20-64 bits\V5R20x64\i4target.exe" -d "F:\CatiaV5R20-64 bits\V5R20x64" Task: {15BA01E6-0DBF-4E2A-A707-7022B7D7443F} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS) Task: {1CCE48FA-EB3F-4F5C-879C-9C367DDEC197} - System32\Tasks\{64213190-CB3A-4723-9338-7D8B73EE2158} => pcalua.exe -a "F:\CatiaV5R20-64 bits\V5R20x64\i4target.exe" -d "F:\CatiaV5R20-64 bits\V5R20x64" Task: {33CD4A03-0981-48A1-9E80-FDDBD5390865} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-30] (Realtek Semiconductor) Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {4B89C543-DF0D-45DC-BC03-5E265BFA2D3F} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {4F3F2843-15A2-4714-9993-495FBCEBF419} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {5A7BC7AA-A313-44C2-B4C5-98F140C7865E} - System32\Tasks\{D66C5EB9-E193-421F-8EF1-AAE955F280E8} => pcalua.exe -a "F:\CatiaV5R20-64 bits\V5R20x64\i4tgtid.exe" -d "F:\CatiaV5R20-64 bits\V5R20x64" Task: {5F8FB061-A60C-4597-ABF0-F68F4C64B977} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f093410e3aec => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-30] (Google Inc.) Task: {6137D15E-C6D5-446E-AF8C-7F81BA54A0D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-30] (Google Inc.) Task: {79E3EED9-8C5B-43A6-8E78-F6FFF0686769} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {80C15194-A1D1-4E2C-BF54-BD24088F754E} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {88A48971-E02D-4A2A-BE45-AA33859CC60C} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-06-30] (Realtek Semiconductor) Task: {88E9C53A-AE17-41F5-BDAB-A7B03F27E8B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-10] (Microsoft Corporation) Task: {95259611-B151-4E25-96C3-9ADEAD8BFB0A} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf5c8d5dd3ee => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-30] (Google Inc.) Task: {9D1A49C0-AB33-49CF-A32B-4B8C1B58D83B} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-256792108-823242960-1942189825-1001 => C:\Users\Mohamad el youssef\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-03] (Microsoft Corporation) Task: {A89586F1-7DB2-4A90-BE0F-52B9A23A69F9} - System32\Tasks\{32B722D8-D444-436D-889A-FBD0E715E10E} => pcalua.exe -a "C:\Users\Mohamad el youssef\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor Task: {BEB60132-B2CF-4F56-AC51-C0D70B0E02F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {C928890D-0B0B-44E0-9536-8E5A17B1A752} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf5c8d7d3d69 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-30] (Google Inc.) Task: {E1A6A46D-D027-462D-9401-2CFAF5D01DDC} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.) Task: {ED5DECA8-E597-49B6-B9EC-7A28E3F34CA4} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] () Task: {F598ED87-CFF7-42B3-8490-E28D59656D13} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-07-29] (AsusTek) Task: {FA9183B4-6027-4F85-86DD-F0287E962D0A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.) Task: {FFD8148D-6D0C-4CC0-B9CB-B3EC1C94A66B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-30] (Google Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf5c8d5dd3ee.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf5c8d7d3d69.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f093410e3aec.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2015-01-05 03:59 - 2014-09-15 00:19 - 00117568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2002-10-11 12:30 - 2002-10-11 12:30 - 00069632 _____ () C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B20\rayserver.exe 2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-08-27 20:45 - 2014-08-27 20:45 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-08-27 20:41 - 2014-08-27 20:41 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll 2014-08-27 20:47 - 2014-08-27 20:47 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2015-11-09 13:26 - 2015-11-09 13:26 - 51657424 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\Viber.exe 2015-08-21 08:07 - 2015-08-21 08:07 - 01382696 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.2.3.532\AsusWSService.exe 2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-06-03 21:01 - 2014-06-03 21:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2014-06-03 21:01 - 2014-06-03 21:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-06-03 21:01 - 2014-06-03 21:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll 2014-06-03 21:01 - 2014-06-03 21:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll 2015-12-15 23:33 - 2015-10-28 21:00 - 04932688 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll 2015-11-09 13:19 - 2015-11-09 13:19 - 00089088 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\qfacebook.dll 2015-11-09 13:19 - 2015-11-09 13:19 - 00389632 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\imageformats\qsvg.dll 2015-09-29 04:58 - 2015-09-29 04:58 - 00012288 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\QtQuick.2\qtquick2plugin.dll 2015-09-29 17:25 - 2015-09-29 17:25 - 00690176 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-09-29 17:26 - 2015-09-29 17:26 - 00057856 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-09-29 04:58 - 2015-09-29 04:58 - 00012288 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\QtQuick\Window.2\windowplugin.dll 2015-09-29 05:04 - 2015-09-29 05:04 - 00184320 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\QtMultimedia\declarative_multimedia.dll 2015-09-29 04:58 - 2015-09-29 04:58 - 00044032 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\QtQml\StateMachine\qtqmlstatemachine.dll 2015-09-29 04:58 - 2015-09-29 04:58 - 00012288 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\QtQml\Models.2\modelsplugin.dll 2015-09-29 17:34 - 2015-09-29 17:34 - 00425984 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\QtLocation\declarative_location.dll 2015-09-29 05:03 - 2015-09-29 05:03 - 00065024 _____ () C:\Users\Mohamad el youssef\AppData\Local\Viber\QtPositioning\declarative_positioning.dll 2016-02-19 21:22 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll 2016-02-19 21:22 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll 2015-01-05 03:54 - 2013-09-03 17:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== EXE Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-256792108-823242960-1942189825-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg DNS Servers: 10.188.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\...\StartupApproved\Run: => "BCSSync" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "ROGNB" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{F35E5A82-4B48-4E47-BDBE-ACF562F68E2F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{D56FAA87-C5F0-4541-B952-BB9D816D840D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{7B5DA2D5-36ED-4039-8FDA-5FF5B0E9F56E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{19DAC9AE-B0EC-42CC-A7CB-03D377FC5591}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{1579FBA6-5EE6-4E33-A08C-95EFE581B21D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6C9AF0CC-D7EB-4579-8006-CB8E884E554D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2734EA49-CA5C-4AB3-AB9C-8054D1199080}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{72873B19-5B45-42CD-B84A-579B39B9C0D9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{03641B25-D473-48D3-B3EB-AD46AA9C784A}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{436C53DC-78D4-4713-864B-350F27B88B45}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F85D45B1-AA6E-4FE0-B85C-48A4F4ED3C52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{26BC95D7-3B6B-4020-8E73-A1E630A16250}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D9547CD9-D688-47EC-BF68-BD2BBEA45225}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{66580186-7BCD-46E3-8FDB-EA09F54A559A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D238C0FC-5CC0-41F0-9B97-D5355B6FCB3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A9AE55C4-DA4A-4101-9460-E7A0D187CB45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8B645C1F-FBC2-4C22-A7D2-151AB1DFF6D5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{26F5765A-2808-45ED-915D-CBD6A8FA2259}C:\simulia\abaqus\6.9-ef1\exec\abqcaek.exe] => (Block) C:\simulia\abaqus\6.9-ef1\exec\abqcaek.exe FirewallRules: [UDP Query User{C7034EB2-CB2E-4670-96B4-73DA4A7937E5}C:\simulia\abaqus\6.9-ef1\exec\abqcaek.exe] => (Block) C:\simulia\abaqus\6.9-ef1\exec\abqcaek.exe FirewallRules: [TCP Query User{83B92B49-DB54-44A3-890E-304A123E1F34}C:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe] => (Allow) C:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe FirewallRules: [UDP Query User{ED9D5039-F7BD-406B-B5FD-56AB6EDC1CA6}C:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe] => (Allow) C:\program files\dassault systemes\b20\win_b64\code\bin\cnext.exe FirewallRules: [{4C584928-46B7-4714-92BE-2E5D575D8027}] => (Allow) C:\Users\Mohamad el youssef\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{8934C752-2362-4A83-9F7D-7FDAC10DE248}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{10F09E7C-6664-41D7-B7BD-0787141FE1D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (03/01/2016 03:26:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante jucheck.exe, version : 2.8.60.27, horodatage : 0x55c116b1 Nom du module défaillant : jucheck.exe, version : 2.8.60.27, horodatage : 0x55c116b1 Code d’exception : 0x40000015 Décalage d’erreur : 0x00052d24 ID du processus défaillant : 0xa2c Heure de début de l’application défaillante : 0xjucheck.exe0 Chemin d’accès de l’application défaillante : jucheck.exe1 Chemin d’accès du module défaillant: jucheck.exe2 ID de rapport : jucheck.exe3 Nom complet du package défaillant : jucheck.exe4 ID de l’application relative au package défaillant : jucheck.exe5 Error: (03/01/2016 03:25:37 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (03/01/2016 09:13:40 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: AUTORITE NT) Description: There was an error with the Windows Location Provider database Error: (03/01/2016 01:38:08 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 13485 Error: (03/01/2016 01:38:08 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 13485 Error: (03/01/2016 01:38:08 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/01/2016 01:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6735 Error: (03/01/2016 01:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6735 Error: (03/01/2016 01:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/29/2016 10:37:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6234 Erreurs système: ============= Error: (03/01/2016 05:59:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service McAfee Home Network est en attente de démarrage. Error: (03/01/2016 05:55:23 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (03/01/2016 05:55:23 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (03/01/2016 05:55:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service McAfee SiteAdvisor Service n’a pas pu démarrer en raison de l’erreur : %%2 Error: (03/01/2016 05:15:03 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (03/01/2016 05:15:03 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (03/01/2016 05:14:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service McAfee SiteAdvisor Service n’a pas pu démarrer en raison de l’erreur : %%2 Error: (03/01/2016 05:13:51 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Le Gestionnaire de services de contrôle a essayé d’entreprendre une action corrective (Redémarrer le service) après la fin inattendue du service Windows Search, mais cette action a échoué en raison de l’erreur suivante : %%1056 Error: (03/01/2016 05:13:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service MBAMScheduler s’est terminé de façon inattendue pour la 1ème fois. Error: (03/01/2016 05:13:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service MBAMService s’est terminé de façon inattendue pour la 1ème fois. CodeIntegrity: =================================== Date: 2015-06-06 04:26:38.491 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-06-06 04:26:38.351 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-06-04 21:04:05.882 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-06-04 11:21:43.708 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-06-04 11:21:43.474 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-06-03 15:23:02.156 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-06-03 15:23:01.968 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-17 11:25:47.572 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-17 11:25:47.353 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-07 10:47:34.324 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-4200H CPU @ 2.80GHz Pourcentage de mémoire utilisée: 43% Mémoire physique - RAM - totale: 8075.19 MB Mémoire physique - RAM - disponible: 4532.77 MB Mémoire virtuelle totale: 9355.19 MB Mémoire virtuelle disponible: 5237.99 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:174.36 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:531.15 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: EF3B7645) Partition: GPT. ======================================================== Disk: 1 (Size: 22.4 GB) (Disk ID: EF3B7621) Partition: GPT. ==================== Fin de Addition.txt ============================