Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01 Exécuté par Proprietaire (2016-06-25 10:19:28) Exécuté depuis d:\Proprietaire\Desktop Windows 8.1 (Update) (X64) (2014-11-05 15:43:08) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-77845738-3147174072-3024510652-500 - Administrator - Disabled) Invité (S-1-5-21-77845738-3147174072-3024510652-501 - Limited - Disabled) Proprietaire (S-1-5-21-77845738-3147174072-3024510652-1001 - Administrator - Enabled) => C:\Users\Proprietaire ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} FW: Kaspersky Anti-Virus (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.25 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0925-000001000000}) (Version: 9.25.00.0 - Igor Pavlov) AIO_CDA_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDA_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Apple Application Support (32 bits) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ArcSoft Panorama Maker 3.0 (HKLM-x32\...\{1CABB679-3958-44AA-BFFF-4E68A2684255}) (Version: - ) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS) Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden C3100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden c3100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Cue Master Gold (x32 Version: 2.2.0.95 - WildTangent) Hidden Déclimag (HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\Déclimag) (Version: - ) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden FotoStation Easy (HKLM-x32\...\{67DD948A-974D-41B7-9723-036BCFA45232}) (Version: - ) Game Explorer Categories - casual (x32 Version: 3.2.0.6 - WildTangent, Inc.) Hidden Game Explorer Categories - enthusiast (x32 Version: 3.2.0.6 - WildTangent, Inc.) Hidden Game Explorer Categories - family (x32 Version: 3.2.0.6 - WildTangent, Inc.) Hidden Game Explorer Categories - kids (x32 Version: 3.2.0.6 - WildTangent, Inc.) Hidden Game Explorer Categories - touch (x32 Version: 3.2.0.6 - WildTangent, Inc.) Hidden Golf Adventure Galaxy (x32 Version: 2.2.0.95 - WildTangent) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) iPod for Windows 2006-03-23 (HKLM-x32\...\InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}) (Version: 4.7.0 - Nom de votre société) iPod for Windows 2006-03-23 (x32 Version: 4.7.0 - Nom de votre société) Hidden iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation) Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Anti-Virus (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden LibreOffice 5.0.3.2 (HKLM-x32\...\{D61E7AA0-0380-49B9-8DDD-7685E2306176}) (Version: 5.0.3.2 - The Document Foundation) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Microsoft Money (HKLM-x32\...\Money2005b) (Version: 14 - Microsoft) Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Midnight Pool 3D (x32 Version: 2.2.0.95 - WildTangent) Hidden Mises à jour NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden Nikon View 5 (HKLM-x32\...\{AAB84E83-C8DF-4752-9DFC-2E2A48EE5E9F}) (Version: - ) NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Pilote graphique 359.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.46 - NVIDIA Corporation) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Package de pilotes Windows - Suunto Suunto USB Driver Package (08/26/2014 2.12.00) (HKLM\...\6759C176496DA6E57280DB1948CC3FB9A16F4E4B) (Version: 08/26/2014 2.12.00 - Suunto) Package de pilotes Windows - Suunto Suunto USB Driver Package (09/29/2014 2.12.00) (HKLM\...\3D392BE6FE3837A879F66CD2FE2495A8333519C4) (Version: 09/29/2014 2.12.00 - Suunto) Package de pilotes Windows - Suunto Suunto USB Serial Port (08/26/2014 2.12.00) (HKLM\...\EB03F565E6E2AB08DF065DF044C182B3199A9CE8) (Version: 08/26/2014 2.12.00 - Suunto) Package de pilotes Windows - Suunto Suunto USB Serial Port (09/29/2014 2.12.00) (HKLM\...\887334C8506E5619845C34DE5DD41B8756BF57B1) (Version: 09/29/2014 2.12.00 - Suunto) Panneau de configuration NVIDIA 359.46 (Version: 359.46 - NVIDIA Corporation) Hidden PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.0 - Tracker Software Products Ltd) PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.309.0 - Tracker Software Products (Canada) Ltd.) PHOTOfunSTUDIO 5.1 HD Edition (HKLM-x32\...\{959282E3-55A9-49D8-B885-D27CF8A2FD82}) (Version: 5.01.130 - Panasonic Corporation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.) Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) <==== ATTENTION Royal Challenge Solitaire (x32 Version: 3.0.2.48 - WildTangent) Hidden Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Suunto DM5 (HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\7d5fc44d63ac1d3e) (Version: 1.2.46.6004 - Suunto) Suunto USB Driver (HKLM\...\SuuntoUSBFTDIVista_is1) (Version: 2.12.00.0 - Suunto Oy) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-77845738-3147174072-3024510652-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {15DD962E-15AD-4550-801E-EE62DF1F2879} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor) Task: {1EB6932B-2697-4893-B331-600AB60472FB} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {2E65DA94-EFC1-4256-86C6-8236C431513C} - System32\Tasks\{076B1C6D-6062-4476-A3FE-DB103DE16DFC} => pcalua.exe -a E:\Welcome.exe -d E:\ Task: {43CBB280-CEF5-40F6-8AE4-8400151AF159} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.) Task: {460320C5-DA82-47B5-AC47-87060D4D2D9F} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {51D404FF-1F56-4284-8C0A-111E5DF5A7B7} - System32\Tasks\KHA => C:\Users\Proprietaire\AppData\Roaming\KHA.exe <==== ATTENTION Task: {5251FB1D-1721-4EEA-9804-F31813E3D739} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {58476DAF-FDFE-41BE-8C87-4C4782DDA9E2} - System32\Tasks\{AE192855-E8A7-4D85-A46C-1B9D1A41B7F5} => pcalua.exe -a C:\Users\Proprietaire\AppData\Local\Microsoft\Windows\INetCache\IE\PQVNPV2K\DV237E.EXE -d d:\Proprietaire\Desktop Task: {634EC000-3262-4367-85C2-60784A0D6EC6} - \ReimageUpdater -> Pas de fichier <==== ATTENTION Task: {722DFEBE-C515-4B4D-9DD8-AA1E598CA2C1} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor) Task: {7949827D-99C6-4AE5-B104-357CF05CA106} - System32\Tasks\NFTVP => C:\Users\Proprietaire\AppData\Roaming\NFTVP.exe <==== ATTENTION Task: {9BA4F6C6-9259-4C0B-9BE0-3C42C466A422} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {A7DAAD52-D322-4D49-80F6-022DCEDAC0A7} - System32\Tasks\RZXLJ => C:\Users\Proprietaire\AppData\Roaming\RZXLJ.exe <==== ATTENTION Task: {BDC368C4-AD9D-4115-B866-DEE69C26FD23} - System32\Tasks\{F30EADEB-1F90-4ABC-A920-DEFE64EFDB25} => pcalua.exe -a C:\Users\Proprietaire\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION Task: {D19863A9-61FD-4FE4-B64A-B21439348DF7} - System32\Tasks\DCHVUP => C:\Users\Proprietaire\AppData\Roaming\DCHVUP.exe <==== ATTENTION Task: {E31C263D-7F11-4A65-BA24-3BB0AEE05114} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.) Task: {EA4103E0-38D5-4F07-8438-8833538E04E4} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS) Task: {F168A3DA-FE5B-4D09-8393-44BA96E12921} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\DCHVUP.job => C:\Users\Proprietaire\AppData\Roaming\DCHVUP.exe <==== ATTENTION Task: C:\Windows\Tasks\KHA.job => C:\Users\Proprietaire\AppData\Roaming\KHA.exe <==== ATTENTION Task: C:\Windows\Tasks\NFTVP.job => C:\Users\Proprietaire\AppData\Roaming\NFTVP.exe <==== ATTENTION Task: C:\Windows\Tasks\RZXLJ.job => C:\Users\Proprietaire\AppData\Roaming\RZXLJ.exe <==== ATTENTION ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-09-30 09:59 - 2016-02-15 09:26 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-02-25 23:14 - 2014-02-25 23:14 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-02-25 23:11 - 2014-02-25 23:11 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll 2014-02-25 23:17 - 2014-02-25 23:17 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2014-12-01 12:43 - 2002-02-25 12:26 - 00049152 _____ () C:\Program Files (x86)\FotoStation Easy\FotoStation Easy AutoLaunch.exe 2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\kpcengine.2.3.dll 2014-11-05 11:03 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-11-05 11:03 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-11-05 11:03 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-11-05 11:03 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-11-05 11:03 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll ==================== Alternate Data Streams (Avec liste blanche) ========= ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Il y a 7898 plus de sites. IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-77845738-3147174072-3024510652-1001\...\123simsen.com -> www.123simsen.com Il y a 7898 plus de sites. ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 15:25 - 2016-05-10 15:44 - 00452460 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Il y a 15521 plus de lignes. ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-77845738-3147174072-3024510652-1001\Control Panel\Desktop\\Wallpaper -> D:\Proprietaire\Pictures\Passions\Rajat Ampat 2015\P1120404.JPG DNS Servers: 212.27.40.240 - 212.27.40.241 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Actuellement, il n'y a pas de correction automatique pour cette section.) ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{B54C8436-39A1-4BCD-AD2E-DE8F5D45CADB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{47AF3B6F-C9C7-4D31-B97F-76D039B29E84}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{2E3529B9-51AA-4096-B6C2-934A98E2D5C7}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{76FCC48D-C39C-46C9-A25E-DFFCB5E605A4}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{5932B6F0-5228-4E28-A89F-C29932694B0B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{1FAFD0A5-88A1-4BB5-B864-CBA60D0747DD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{6FF0F422-9AA3-4BBA-B9FD-8CC25BCDFB7F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{50B83F4C-FA49-4CFE-A003-551AEABE56CE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{EDEABEE5-47AB-4581-A9B5-F500AE418E8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{205CFED7-9F0F-413C-AAE6-92171C3C23CF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{CDD2F398-D5FC-420B-8C48-A242EDCC327E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{1B1D58A2-433C-40E4-BA6A-E8D5072C794B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{5504163E-1638-4FEE-AEFB-F43F82B4DE85}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{B157E97B-F471-4F09-8B58-5BBCA497F8CE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{BCB981BE-7A6B-46ED-939C-BDE55B33621C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{CCA3F9B6-5B44-40FA-B8B6-2617A65BDEF5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{79D87C35-028C-4F56-8D1C-989B687AB9B0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{EE3762C1-6DED-4E1B-ACAB-3329426C8F62}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{930263B0-DC69-48DE-ABB7-EF8CCE5C5BD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{BEE5CB5F-EE00-497A-833D-F0DB8A5573DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{1742F50E-9B1C-4F12-8379-C6103BFF84CB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{862DC3CC-1776-4567-A2B8-73BA97A408EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{6EED1E3D-0108-459B-9A44-3234D27470C4}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{3B6C22A1-3C8A-40EE-8B58-99EDE0896F7C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4F7CA88C-5F0C-4384-96D0-BDE059BD74B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{101251A7-0493-4116-B0D4-566CA335F090}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5F99E4EC-42EF-466A-A55C-38C05F220BAA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9FC7817F-C8A4-4719-AC6A-A14B03E76314}] => (Allow) C:\Program Files\iTunes\iTunes.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Points de restauration ========================= 07-06-2016 22:27:15 Windows Update 14-06-2016 22:39:15 Point de contrôle planifié 22-06-2016 21:48:33 Point de contrôle planifié ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (06/24/2016 11:39:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10484 Error: (06/24/2016 11:39:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10484 Error: (06/24/2016 11:39:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/24/2016 11:22:48 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (06/23/2016 10:37:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 14172 Error: (06/23/2016 10:37:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 14172 Error: (06/23/2016 10:37:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/23/2016 12:53:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1109 Error: (06/23/2016 12:53:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1109 Error: (06/23/2016 12:53:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Erreurs système: ============= Error: (06/23/2016 11:07:26 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: AUTORITE NT) Description: 0x8000002a36\??\C:\Users\Proprietaire\ntuser.dat Error: (06/22/2016 09:29:37 PM) (Source: DCOM) (EventID: 10010) (User: PC_PORTABLE) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (06/22/2016 09:29:07 PM) (Source: DCOM) (EventID: 10010) (User: PC_PORTABLE) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (06/21/2016 08:11:41 PM) (Source: DCOM) (EventID: 10016) (User: PC_PORTABLE) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC_PORTABLEProprietaireS-1-5-21-77845738-3147174072-3024510652-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (06/21/2016 08:11:41 PM) (Source: DCOM) (EventID: 10016) (User: PC_PORTABLE) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC_PORTABLEProprietaireS-1-5-21-77845738-3147174072-3024510652-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (06/21/2016 08:11:41 PM) (Source: DCOM) (EventID: 10016) (User: PC_PORTABLE) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC_PORTABLEProprietaireS-1-5-21-77845738-3147174072-3024510652-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (06/21/2016 08:11:41 PM) (Source: DCOM) (EventID: 10016) (User: PC_PORTABLE) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC_PORTABLEProprietaireS-1-5-21-77845738-3147174072-3024510652-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (06/21/2016 08:11:41 PM) (Source: DCOM) (EventID: 10016) (User: PC_PORTABLE) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC_PORTABLEProprietaireS-1-5-21-77845738-3147174072-3024510652-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (06/21/2016 08:11:41 PM) (Source: DCOM) (EventID: 10016) (User: PC_PORTABLE) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC_PORTABLEProprietaireS-1-5-21-77845738-3147174072-3024510652-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (06/21/2016 08:11:40 PM) (Source: DCOM) (EventID: 10016) (User: PC_PORTABLE) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC_PORTABLEProprietaireS-1-5-21-77845738-3147174072-3024510652-1001LocalHost (avec LRPC)Non disponibleNon disponible CodeIntegrity: =================================== Date: 2015-02-05 18:16:34.401 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\ftdibus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Pourcentage de mémoire utilisée: 31% Mémoire physique - RAM - totale: 6027.19 MB Mémoire physique - RAM - disponible: 4153.39 MB Mémoire virtuelle totale: 6987.19 MB Mémoire virtuelle disponible: 4928.1 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:327.21 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:358.94 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9E41CC2D) Partition: GPT. ==================== Fin de Addition.txt ============================