Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27-07-2016 Exécuté par Lea (2016-07-29 13:27:24) Exécuté depuis C:\Users\Lea\Desktop Windows 10 Home Version 1511 (X64) (2016-04-10 07:26:19) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-1759209700-2904807195-3043021573-500 - Administrator - Disabled) Alexandra (S-1-5-21-1759209700-2904807195-3043021573-1004 - Limited - Enabled) => C:\Users\Alexandra DefaultAccount (S-1-5-21-1759209700-2904807195-3043021573-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1759209700-2904807195-3043021573-1003 - Limited - Enabled) Invité (S-1-5-21-1759209700-2904807195-3043021573-501 - Limited - Disabled) Lea (S-1-5-21-1759209700-2904807195-3043021573-1001 - Administrator - Enabled) => C:\Users\Lea ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.17) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden Apple Application Support (32 bits) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6201 - AVG Technologies) AVG 2015 (Version: 15.0.4627 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.6201 - AVG Technologies) Hidden AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.2.18 - AVG Technologies) AVS Video Editor 7.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.1.3.263 - Online Media Technologies Ltd.) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden Canon MP180 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP180) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.10.5422 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.43.1 - Dropbox, Inc.) Hidden Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company) Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP Connected Music (Meridian - player) (HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\HPConnectedMusic) (Version: 1.1 (build 126) hp - Meridian Audio Ltd) HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{ED5CE45D-842B-4C18-A002-87E16EA39BB3}) (Version: 12.4.18.7 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company) HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.24.1790 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3368 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation) Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle) Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office Famille et Etudiant 2013 - fr-fr (HKLM\...\HomeStudentRetail - fr-fr) (Version: 15.0.4841.1002 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7156 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.0 - Synaptics Incorporated) Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN) Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Lea\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {028567EE-7566-4CCC-81B7-93365FF3F899} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated) Task: {0313EAC4-4172-4CC3-9439-A60B4F9C8253} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated) Task: {03552D0C-9780-4D81-AD3F-FEF80E0A51AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard) Task: {049150E7-E978-493B-AD11-6D7003FC6373} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {072E75B9-F3B0-4A68-B7E2-58D169C31740} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION Task: {0D842778-98E0-4B0D-A68C-91837F11B0E8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-11] (Dropbox, Inc.) Task: {0EA2DFB4-31FA-42EB-A324-36BD2E249720} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {1D80C171-22EB-44DD-B29F-A7AF7746DDB1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {2166E093-3CE1-4982-B173-5116DEA94C2A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {242FB930-685E-4A1F-ADB3-876ECF10EF89} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {2593A86F-F7C2-4B06-BAF8-15B5E917A411} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {4A38BA59-4C55-4CE5-B5A7-2963BBE1F08B} - System32\Tasks\HPCeeScheduleForLea => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {5FF98279-B396-4371-80EF-313FBC831300} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION Task: {63B4D951-D760-4C3E-AC71-775FFD5530E0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION Task: {71BD049B-B589-46BC-869F-7E28358CC48B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation) Task: {7E7E04F5-94CB-48E1-9719-A8619D1AA3BC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {87530B8A-87D1-45DC-ADF4-15D88D3E291A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {92767BB8-3160-4FDB-B2C9-A111A164B4BA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.) Task: {963626E0-0E6F-4EC8-AF13-A93BCACFB372} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {963CA1CD-79AF-45E7-B48A-2C0B61874C95} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.) Task: {9951133E-8C64-4042-A470-6F713F3C26AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11] (Google Inc.) Task: {A04C7DD5-F01D-4E9B-816D-BBEB0D635C1E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {B15E4375-BAF7-422C-BF43-0B113B3C1668} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-05-17] (Synaptics Incorporated) Task: {B240A112-5AA0-4130-AE9B-584CE4E3D0AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {B77CC3BE-60A9-464F-9FA9-4E45793B7336} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {B847C935-3798-4A8A-A253-68C40E06254C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {B9CC63B8-E112-445D-AB20-D462A2C34D98} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation) Task: {C74787B1-E4B7-4A50-8E33-AA9B8F2269DC} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.) Task: {E7A8ECB9-2AEC-46EA-9BEF-AE6D5F9C32DE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-11] (Dropbox, Inc.) Task: {EA95266E-44DB-46EE-9353-5FDEAEE3C230} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {EAEFAD97-FB3D-4B45-9304-056E96EF5F47} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd) Task: {F1C21998-B2EA-429C-BFD2-95F4F7C9C351} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11] (Google Inc.) Task: {F34375B5-F261-4D0D-9C62-4163F4FD3E9C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForLea.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\Users\Lea\Favorites\Site de téléchargement NCH Software.lnk -> hxxp://www.nchsoftware.com/fr/index.html ShortcutWithArgument: C:\Users\Lea\Desktop\Personne 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\Lea\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\Lea\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default ==================== Modules chargés (Avec liste blanche) ============== 2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2014-07-30 09:54 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-07-15 01:22 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-15 01:22 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-23 21:10 - 2016-05-23 21:10 - 00959168 _____ () C:\Users\Lea\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-07-15 01:22 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-02-13 14:52 - 2016-02-13 14:52 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-15 01:24 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-07-15 01:22 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-15 01:22 - 2016-07-01 05:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-07-15 01:22 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-15 01:22 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-12-19 01:08 - 2015-12-19 01:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2014-03-28 13:36 - 2014-03-28 13:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2014-03-28 13:31 - 2014-03-28 13:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2014-03-28 13:27 - 2014-03-28 13:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2014-03-28 13:27 - 2014-03-28 13:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2016-06-01 20:15 - 2016-06-01 20:15 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2016-05-23 21:10 - 2016-05-23 21:10 - 00679624 _____ () C:\Users\Lea\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-06-11 12:49 - 2016-06-07 03:58 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-07-13 21:51 - 2016-06-07 03:58 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-07-13 21:51 - 2016-06-07 03:59 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2016-07-13 21:51 - 2016-06-07 03:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-06-11 12:49 - 2016-06-07 03:58 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-06-11 12:49 - 2016-06-07 03:58 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-07-13 21:51 - 2016-06-07 03:58 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-06-11 12:49 - 2016-07-05 20:00 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-06-11 12:49 - 2016-06-07 03:58 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-07-13 21:51 - 2016-07-05 19:59 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-06-11 12:49 - 2016-06-07 03:59 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-07-13 21:51 - 2016-07-05 19:59 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-07-13 21:51 - 2016-07-05 19:59 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-07-13 21:51 - 2016-07-05 20:00 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-07-13 21:51 - 2016-07-05 20:00 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-07-13 21:51 - 2016-06-07 04:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd 2016-07-13 21:51 - 2016-07-05 20:00 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-07-13 21:51 - 2016-07-05 19:59 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-06-11 12:49 - 2016-06-07 03:58 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2016-07-13 21:51 - 2016-06-07 03:59 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd 2016-07-13 21:51 - 2016-07-05 19:59 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-07-13 21:51 - 2016-07-05 20:00 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-07-13 21:51 - 2016-06-07 04:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-07-13 21:51 - 2016-07-05 20:00 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-07-13 21:51 - 2016-03-12 02:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2016-07-13 21:51 - 2016-07-05 20:00 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-07-13 21:51 - 2016-07-05 20:00 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-06-11 12:49 - 2016-06-07 03:59 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2016-07-13 21:51 - 2016-07-05 20:00 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-07-13 21:51 - 2016-07-05 20:00 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-07-13 21:51 - 2016-07-05 20:00 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-07-13 21:51 - 2016-07-05 20:00 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-07-13 21:51 - 2016-07-05 20:00 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-07-13 21:51 - 2016-07-05 20:00 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-06-11 12:49 - 2016-06-07 04:00 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2016-06-11 12:49 - 2016-07-05 20:00 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-06-18 00:14 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll 2016-06-18 00:14 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll 2014-06-27 21:34 - 2014-03-12 08:34 - 00866056 _____ () C:\Program Files (x86)\CyberLink\YouCam\subsys\BigBang\Runtime\UNO.dll 2014-06-27 21:34 - 2011-08-24 04:39 - 00081920 _____ () C:\Program Files (x86)\CyberLink\YouCam\koan\_ctypes.pyd 2014-06-27 21:34 - 2011-08-24 04:39 - 00053248 _____ () C:\Program Files (x86)\CyberLink\YouCam\koan\_socket.pyd 2014-06-27 21:34 - 2011-08-24 04:39 - 00655360 _____ () C:\Program Files (x86)\CyberLink\YouCam\koan\_ssl.pyd 2014-06-27 21:34 - 2013-12-17 12:19 - 00057344 _____ () C:\Program Files (x86)\CyberLink\YouCam\subsys\YouCam\XUControl.dll 2014-06-27 21:34 - 2014-03-12 08:34 - 00311048 _____ () C:\Program Files (x86)\CyberLink\YouCam\subsys\YouCam\BlackCat.dll 2014-06-27 21:34 - 2012-07-24 05:06 - 00255272 _____ () C:\Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CLAvatar.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Users\Lea\Downloads\avast_free_antivirus_setup_online.exe:BDU [0] AlternateDataStreams: C:\Users\Lea\Downloads\mp3el2.exe:BDU [0] AlternateDataStreams: C:\Users\Lea\Downloads\wlsetup-web.exe:BDU [0] AlternateDataStreams: C:\Users\Lea\Downloads\x264enc5.exe:BDU [0] ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\123simsen.com -> www.123simsen.com Il y a 7866 plus de sites. ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 15:25 - 2015-08-11 14:24 - 00450773 ___RA C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Il y a 15463 plus de lignes. ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lea\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\papier peint de la galerie de photos.jpg DNS Servers: 212.27.40.241 - 212.27.40.240 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Actuellement, il n'y a pas de correction automatique pour cette section.) MSCONFIG\Services: 4abaf598 => 2 MSCONFIG\Services: a34dfee7-ea86-4e1d-88fb-46171610240f => 2 MSCONFIG\Services: AERTFilters => 2 MSCONFIG\Services: cae99edb => 2 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: hufubibu => 2 MSCONFIG\Services: meresotu => 2 MSCONFIG\Services: MyAdGuardianMonitor => 2 MSCONFIG\Services: MyrwewNebg => 2 MSCONFIG\Services: omniserv => 2 MSCONFIG\Services: Service Mgr OnStage => 2 MSCONFIG\Services: shopperz04082015 Updater => 2 MSCONFIG\Services: tusytojo => 2 MSCONFIG\Services: Update Mgr OnStage => 2 MSCONFIG\Services: Update Product Deals => 2 MSCONFIG\Services: Util Product Deals => 2 HKLM\...\StartupApproved\Run: => "InstallerLauncher" HKLM\...\StartupApproved\Run: => "shopperz04082015" HKLM\...\StartupApproved\Run: => "shopperz0408201564" HKU\S-1-5-21-1759209700-2904807195-3043021573-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_39A5AEA3A876DA8E0BEB5E8F6BF5D054" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{3726169F-D137-4C6A-99B3-F405E41CC595}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0C3EAE2B-9F6D-4C4B-AFA2-18358EDEF804}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{98F9CD5C-727E-4621-A02E-992C542245B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9F95A7D9-2AFE-4818-A8FE-E54E5DA26570}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4066337C-F6BC-4941-A6EB-29AB4C88D03A}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{D2DC92F1-1739-4600-A9D1-08AABB3C3270}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{7FAEB633-FC3C-46F3-ABFA-44354B88E57F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{911E7719-4347-4A32-9016-9FFA084B53F4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{ECF95AAB-640A-4FB0-AAE7-ECB86536C507}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{E2C73602-513B-48E6-868E-69277A1C692E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{4204084A-1288-4620-9C1A-2B3D8547811F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{A4F25A1F-D69E-4B1E-931D-063AE8CFE281}] => (Allow) LPort=1900 FirewallRules: [{6ABAC2DC-9298-4D57-B49A-CB49B7F3EFCF}] => (Allow) LPort=2869 FirewallRules: [{04B7311A-CB2D-4CAF-BDC3-52AF39F4B1CE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{6105B818-0196-41F9-924F-28945BE9DFBD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{3A69E04E-6A2B-48A3-9C11-80B0AD2DF9B8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{0425649B-4EA3-4724-BBB5-D0D783AD857E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{3C2B808B-BD64-43C9-B5B5-4569D7140946}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{D36AAEA5-1383-460D-A407-53707658E955}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{D55778C4-B8E5-44DB-84F0-0D6584F70BDC}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{A0133AF5-A936-4040-87D4-AB12E598DFE0}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{FB635502-9B9E-453E-8DAF-8DB251B76CD0}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{37A5D721-0753-4066-A8BF-E933ABE9D353}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{C0646557-D5CC-4E2A-A7AD-CCD5C6BF52C9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{1B1A0529-8C60-4D2C-AF1F-DD5945BDFF7C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{EB649BF0-D514-4E89-BE2D-F874B0B35100}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{904801B1-4C26-4313-89C6-425368BA8A7E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{A3CBE7B8-EB5A-49F7-BAB8-E2291E8BCFC4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{E688171B-9B40-4C70-8431-A13FA71D220B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{F9E44399-58DC-4D80-99D4-4AE69B7642CD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Points de restauration ========================= 28-07-2016 10:34:34 Ce jour après ZHPDiag ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (07/29/2016 01:20:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante ClientCore.exe, version : 8.0.1.11, horodatage : 0x5335c2a0 Nom du module défaillant : autheng.dll, version : 0.0.0.0, horodatage : 0x5335c015 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000030517 ID du processus défaillant : 0x1768 Heure de début de l’application défaillante : 0xClientCore.exe0 Chemin d’accès de l’application défaillante : ClientCore.exe1 Chemin d’accès du module défaillant: ClientCore.exe2 ID de rapport : ClientCore.exe3 Nom complet du package défaillant : ClientCore.exe4 ID de l’application relative au package défaillant : ClientCore.exe5 Error: (07/29/2016 12:55:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante ClientCore.exe, version : 8.0.1.11, horodatage : 0x5335c2a0 Nom du module défaillant : autheng.dll, version : 0.0.0.0, horodatage : 0x5335c015 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000030517 ID du processus défaillant : 0x16b8 Heure de début de l’application défaillante : 0xClientCore.exe0 Chemin d’accès de l’application défaillante : ClientCore.exe1 Chemin d’accès du module défaillant: ClientCore.exe2 ID de rapport : ClientCore.exe3 Nom complet du package défaillant : ClientCore.exe4 ID de l’application relative au package défaillant : ClientCore.exe5 Error: (07/29/2016 11:57:56 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (07/29/2016 11:54:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante ClientCore.exe, version : 8.0.1.11, horodatage : 0x5335c2a0 Nom du module défaillant : autheng.dll, version : 0.0.0.0, horodatage : 0x5335c015 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000030517 ID du processus défaillant : 0xbec Heure de début de l’application défaillante : 0xClientCore.exe0 Chemin d’accès de l’application défaillante : ClientCore.exe1 Chemin d’accès du module défaillant: ClientCore.exe2 ID de rapport : ClientCore.exe3 Nom complet du package défaillant : ClientCore.exe4 ID de l’application relative au package défaillant : ClientCore.exe5 Error: (07/29/2016 10:56:20 AM) (Source: COM) (EventID: 10031) (User: ) Description: {CDC82860-468D-4D4E-B7E7-C298FF23AB2C} Error: (07/29/2016 10:56:20 AM) (Source: COM) (EventID: 10031) (User: ) Description: {CDC82860-468D-4D4E-B7E7-C298FF23AB2C} Error: (07/29/2016 09:21:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante ClientCore.exe, version : 8.0.1.11, horodatage : 0x5335c2a0 Nom du module défaillant : autheng.dll, version : 0.0.0.0, horodatage : 0x5335c015 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000030517 ID du processus défaillant : 0x27ac Heure de début de l’application défaillante : 0xClientCore.exe0 Chemin d’accès de l’application défaillante : ClientCore.exe1 Chemin d’accès du module défaillant: ClientCore.exe2 ID de rapport : ClientCore.exe3 Nom complet du package défaillant : ClientCore.exe4 ID de l’application relative au package défaillant : ClientCore.exe5 Error: (07/28/2016 10:24:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante ClientCore.exe, version : 8.0.1.11, horodatage : 0x5335c2a0 Nom du module défaillant : autheng.dll, version : 0.0.0.0, horodatage : 0x5335c015 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000030517 ID du processus défaillant : 0x198c Heure de début de l’application défaillante : 0xClientCore.exe0 Chemin d’accès de l’application défaillante : ClientCore.exe1 Chemin d’accès du module défaillant: ClientCore.exe2 ID de rapport : ClientCore.exe3 Nom complet du package défaillant : ClientCore.exe4 ID de l’application relative au package défaillant : ClientCore.exe5 Error: (07/28/2016 09:10:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: HP) Description: Le package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{59a8b873-2006-4db7-aca5-196aa0387c4f} a été interrompu, car sa suspension a été trop longue. Error: (07/28/2016 08:38:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante ClientCore.exe, version : 8.0.1.11, horodatage : 0x5335c2a0 Nom du module défaillant : autheng.dll, version : 0.0.0.0, horodatage : 0x5335c015 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000030517 ID du processus défaillant : 0x1820 Heure de début de l’application défaillante : 0xClientCore.exe0 Chemin d’accès de l’application défaillante : ClientCore.exe1 Chemin d’accès du module défaillant: ClientCore.exe2 ID de rapport : ClientCore.exe3 Nom complet du package défaillant : ClientCore.exe4 ID de l’application relative au package défaillant : ClientCore.exe5 Erreurs système: ============= Error: (07/29/2016 01:24:09 PM) (Source: DCOM) (EventID: 10016) (User: HP) Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HPLeaS-1-5-21-1759209700-2904807195-3043021573-1001LocalHost (avec LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795 Error: (07/29/2016 01:22:34 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (07/29/2016 01:17:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Accès aux données utilisateur_47bc4 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (07/29/2016 01:17:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Stockage des données utilisateur_47bc4 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (07/29/2016 01:17:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Données de contacts_47bc4 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (07/29/2016 01:17:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Hôte de synchronisation_47bc4 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (07/29/2016 01:17:29 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/29/2016 12:57:45 PM) (Source: DCOM) (EventID: 10016) (User: HP) Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HPLeaS-1-5-21-1759209700-2904807195-3043021573-1001LocalHost (avec LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795 Error: (07/29/2016 12:57:24 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (07/29/2016 12:52:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Accès aux données utilisateur_886c5 s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. CodeIntegrity: =================================== Date: 2016-07-27 20:54:08.740 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-25 21:19:42.098 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-15 15:14:07.069 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 23:06:03.621 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-20 00:04:30.396 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-19 10:21:32.723 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-17 23:48:08.876 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-16 00:58:05.752 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-14 14:19:06.393 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-12 03:05:26.008 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Pourcentage de mémoire utilisée: 57% Mémoire physique - RAM - totale: 4027.84 MB Mémoire physique - RAM - disponible: 1726.21 MB Mémoire virtuelle totale: 7867.84 MB Mémoire virtuelle disponible: 5423.31 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:679.43 GB) (Free:624.79 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:17.42 GB) (Free:1.65 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive e: (FISTON) (CDROM) (Total:5.45 GB) (Free:0 GB) UDF Drive f: () (Removable) (Total:29.81 GB) (Free:23.77 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: F26EDE80) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: 0B26E539) Partition 1: (Active) - (Size=29.8 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt ============================