Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 16-10-2017 Exécuté par Philippe (18-10-2017 04:11:50) Exécuté depuis C:\Users\Philippe\Desktop Windows 10 Home Version 1607 161220-1747 (X64) (2016-09-25 03:11:20) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-3663380393-2238160461-2364308735-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3663380393-2238160461-2364308735-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3663380393-2238160461-2364308735-1003 - Limited - Enabled) Invité (S-1-5-21-3663380393-2238160461-2364308735-501 - Limited - Disabled) Philippe (S-1-5-21-3663380393-2238160461-2364308735-1001 - Administrator - Enabled) => C:\Users\Philippe ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 3.3 (HKLM\...\Virtual Printer SDK Patch_is1) (Version: - ) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated) Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.) Antidote 8 (HKLM-x32\...\{09AAAB09-6DBA-4DD9-9865-54597D3FBCA8}) (Version: 8.05.1877 - Druide informatique inc.) Apowersoft Gestionnaire de Smartphone version 2.7.4 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.7.4 - APOWERSOFT LIMITED) Assistant de téléchargement (HKLM-x32\...\{92154A3C-9BB7-49D7-A571-4EB6373FA5AD}) (Version: 6.65.13 - Druide informatique inc.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.3 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS) BitTorrent (HKLM-x32\...\BitTorrent) (Version: - BitTorrent, Inc) CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.64.73 - Conexant) Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.273.11 - Conexant Systems) CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Driver Easy 5.1.6 (HKLM\...\DriverEasy_is1) (Version: 5.1.6 - Easeware) DriverEasy 4.5.0.0 (HKLM-x32\...\DriverEasy 4.5.0.0) (Version: 4.5.0.0 - Easeware) Dropbox (HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\Dropbox) (Version: 37.3.28 - Dropbox, Inc.) Étude pour l'amélioration du produit HP DeskJet 3630 series (HKLM\...\{A90C7D4F-30F2-4A8E-A7D6-003F67E9433C}) (Version: 40.11.1107.1739 - HP Inc.) Facebook Gameroom 1.8.6429.23271 (HKLM-x32\...\{D71E0CAE-F4B3-499E-B515-396B02139A39}) (Version: 1.8.6429.23271 - Facebook) FastStone Capture 8.0 (HKLM-x32\...\FastStone Capture) (Version: 8.0 - FastStone Soft) Flash Video Capture 4.11.3 build 6430 (HKLM-x32\...\Flash Video Capture_is1) (Version: - FlashVideoCapture.com) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.8.49.213 - Foxit Software Inc.) Foxit PhantomPDF (HKLM-x32\...\{A33E42AC-6A09-4373-96AA-B2806431A938}) (Version: 6.1.5.624 - Foxit Corporation) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation) Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.) Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.) Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.) Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.) Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.) GanttProject (HKLM-x32\...\GanttProject) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.62 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden HP Deskjet 2540 series Aide (HKLM-x32\...\{2FAD0F16-4309-4D22-AE73-F4CCA737D013}) (Version: 30.0.0 - Hewlett Packard) HP DeskJet 3630 series Aide (HKLM-x32\...\{08F5B0C6-D24D-4327-BA56-F8E00C1A6878}) (Version: 35.0.0 - Hewlett Packard) HP Dropbox Plugin (HKLM-x32\...\{6401399A-F5DA-4C04-87AA-E8107DF00751}) (Version: 36.0.41.58587 - HP) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Google Drive Plugin (HKLM-x32\...\{63BCC696-0FB4-4E9C-8144-2DA4F248FC17}) (Version: 36.0.41.58587 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{ED5CE45D-842B-4C18-A002-87E16EA39BB3}) (Version: 12.8.37.11 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - ) Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Driver Update Utility 2.2 (HKLM-x32\...\{3EE9923D-3045-46AB-9CAA-E375993AEB4A}) (Version: 2.2.0.1 - Intel) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{C2EB37FD-30D2-42E4-B195-0F64C2F44E57}) (Version: 18.1.1539.2349 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) KB4023057 (HKLM\...\{0C050BEE-16BE-4998-8959-2A421433DB6E}) (Version: 2.5.0.0 - Microsoft Corporation) Leawo Blu-ray Player version 1.9.1.4 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.9.1.4 - leawo Software) Logiciel de base du périphérique HP Deskjet 2540 series (HKLM\...\{3330B490-86DE-4E57-AE3A-14AECC0ACC52}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Logiciel de base du périphérique HP DeskJet 3630 series (HKLM\...\{A571C4EB-3B62-4CA2-A2B3-ADB55387339B}) (Version: 40.11.1107.1739 - HP Inc.) Ma-Config.com (64 bits) (HKLM\...\{9EA21438-935A-48F9-88D4-A0341406E12A}) (Version: 4.0.323 - Cybelsoft) Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version: - ) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Language Pack 2013 - French/Français (HKLM\...\Office15.OMUI.fr-fr) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mises à jour NVIDIA 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.15.54 - NVIDIA Corporation) Hidden Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 56.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 fr)) (Version: 56.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla) My Drivers 5.1 (HKLM\...\My Drivers_is1) (Version: 5.1 - Huntersoft) NetWorx 5.4.2 (HKLM\...\NetWorx_is1) (Version: - Softperfect) NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) O&O Defrag Professional (HKLM\...\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}) (Version: 19.0.87 - O&O Software GmbH) Opera Stable 48.0.2685.39 (HKLM-x32\...\Opera 48.0.2685.39) (Version: 48.0.2685.39 - Opera Software) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Package de pilotes Windows - ASUS (ATP) Mouse (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS) Panneau de configuration NVIDIA 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.33 - NVIDIA Corporation) Hidden PDF Editeur 5 (HKLM-x32\...\PDF Editeur 5) (Version: - ) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.1 - pdfforge) PhotoFiltre 7 (HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\PhotoFiltre 7) (Version: - ) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Polar FlowSync version 2.6.2 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.6.2 - Polar Electro Oy) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6446 - Realtek Semiconductor Corp.) Realtek USB Fast Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D2B61BE0-B18B-4091-81B4-F234F4C30DFD}) (Version: 8.13.106.2014 - Realtek) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.500 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.15.54 - NVIDIA Corporation) Hidden SketchUp 2017 (HKLM\...\{7B8F376D-7D82-41A4-A14E-6DAAA426CBD9}) (Version: 17.2.2555 - Trimble Navigation Limited) SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.) Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit) Sothink SWF Catcher (HKLM-x32\...\{49273419-5179-4866-9F71-5CF346F302CF}_is1) (Version: 2.6 - SourceTec Software Co., LTD) Spotify (HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer) Tom Clancys Rainbow Six Siege (HKLM-x32\...\{4DF7C0AF-0F67-4283-A323-9BE47E56F013}_is1) (Version: 1.1.0.0 - Ubisoft) TomTom HOME (HKLM-x32\...\{B581E191-A2C1-4CE3-907E-9FE3C728750C}) (Version: 2.9.91 - Nom de votre société) TomTom MyDrive Connect 4.1.1.2797 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.1.2797 - TomTom) Unity Web Player (HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\UnityWebPlayer) (Version: 5.2.5f1 - Unity Technologies ApS) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team) vqx8kF2rK3H version 1.0 (HKLM-x32\...\{1fd06d23-1810-464b-b9c5-b92c28776962}_is1) (Version: 1.0 - ) <==== ATTENTION WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 7 Logon Background Changer (HKLM-x32\...\{2E6044C5-3495-485F-91BC-46D1B6430E51}) (Version: 1.5.2 - Julien MANICI) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. ) Wondershare PDF Editor(Build 3.6.0) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.6.0.10 - Wondershare Software Co.,Ltd.) XMIND 2008 (HKLM-x32\...\XMIND 2008) (Version: 2.1.0.0 - Mango Software Labs China) XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\MoteurIntegration.exe (Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\MoteurIntegration.exe (Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\AgentAntidote.exe (Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\Antidote.exe (Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 8\Programmes64\Antidote.exe (Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3663380393-2238160461-2364308735-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> Pas de fichier ContextMenuHandlers1: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> Pas de fichier ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Pas de fichier ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-09-27] (Foxit Corporation) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-10] (Foxit Corporation) ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH) ContextMenuHandlers1: [PDFManagerExt] -> {59E4A616-E484-44B5-95FB-7F430B35E8FE} => -> Pas de fichier ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\system32\IObitSmartDefragExtension.dll [2015-01-10] (IObit) ContextMenuHandlers1: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> Pas de fichier ContextMenuHandlers1: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Pas de fichier ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-04-28] (WinZip Computing, S.L.) ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH) ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> Pas de fichier ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-04-28] (WinZip Computing, S.L.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Intel Corporation) ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-30] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-11] (NVIDIA Corporation) ContextMenuHandlers6: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> Pas de fichier ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd) ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\system32\IObitSmartDefragExtension.dll [2015-01-10] (IObit) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-04-28] (WinZip Computing, S.L.) ContextMenuHandlers1_S-1-5-21-3663380393-2238160461-2364308735-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ContextMenuHandlers4_S-1-5-21-3663380393-2238160461-2364308735-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ContextMenuHandlers5_S-1-5-21-3663380393-2238160461-2364308735-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Philippe\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-13] (Dropbox, Inc.) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {09A55D25-2C74-4683-B0A3-940AEB4D01BA} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2017-01-13] (Easeware) Task: {09FE3538-825F-4691-AE02-D1529AFD508D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {0B6DDCD5-0B45-4E84-8637-9279F01AE5C6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3663380393-2238160461-2364308735-1001Core => C:\Users\Philippe\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {1AD82922-3248-4372-BE2E-99E8229FC8BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-10-11] (Microsoft Corporation) Task: {1B1D51B4-61B3-4C6E-AF2D-9A207E49D421} - System32\Tasks\FEjGVYhNUPgt7u1 => C:\Users\Philippe\AppData\Roaming\FEjGVYhNUPgt7u1.exe <==== ATTENTION Task: {1CCA8D45-5792-44D2-ADC0-851EE84AB5B4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-17] (Adobe Systems Incorporated) Task: {1F141044-D29F-415B-A2E4-B4F703CDFA30} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {20E8FE69-1980-421B-884A-8F0DCD3D56C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-09-15] (HP Inc.) Task: {281E5E83-99DE-47B3-ADFA-A58B88440FCF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {2A82AFA5-1096-4116-904D-04798EA586FC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {2B996AFC-B5B7-4A41-84DE-D898787A5157} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {2C90B419-23CC-4AD3-B6D9-FAC7EB797D3A} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {39FB2854-DD71-4C5A-B453-C9446B3D7051} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-04-28] (WinZip Computing, S.L.) Task: {3C70EAE3-42E8-4894-A622-CE840367FCB4} - System32\Tasks\HPCeeScheduleForPhilippe => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {3F8B9D90-BA6C-4C4B-B88B-149408384CF4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [2017-09-20] (Piriform Ltd) Task: {4E3781B0-D332-480C-A96B-76B32994207B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.) Task: {50F359DA-2862-4380-85BB-50BE11B7E58D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {54EDFA69-F544-433F-AD35-5C4DA698FF24} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.) Task: {668DAC53-1A9E-4893-9848-7DFFB97A7BE9} - System32\Tasks\Driver Booster SkipUAC (Philippe) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {67F76897-3EC7-4243-AF2A-7B88202E9AF9} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: {6A40B780-2667-444F-BEE2-6965DC30DFE7} - System32\Tasks\Bluetooth Driver Installer => C:\Users\Philippe\AppData\Local\Temp\is-22HHK.tmp\prsetup.exe <==== ATTENTION Task: {6EB453D1-33DC-43D3-8CB4-BD930D0E1513} - System32\Tasks\VJIIOU => C:\Users\Philippe\AppData\Roaming\VJIIOU.exe <==== ATTENTION Task: {7539F9BA-B71A-4BE8-B2DB-1579D1F56770} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.) Task: {7A46989D-A1C8-4AC9-AA3A-5045D8B7A6C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {7C044869-400E-4194-AD3D-70A28BA782E0} - System32\Tasks\Opera scheduled Autoupdate 1417888038 => C:\Program Files (x86)\Opera\launcher.exe [2017-10-10] (Opera Software) Task: {87323562-A433-4AF5-8368-394C22191E19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-18] (Google Inc.) Task: {91C9C02D-E3C0-4B1E-9AAE-56349009B89D} - System32\Tasks\FKBA => C:\Users\Philippe\AppData\Roaming\FKBA.exe <==== ATTENTION Task: {980EDBFD-DDC3-4E59-93E4-6D58F36B172A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.) Task: {9995AE7B-46CC-4799-9237-C29841DEB263} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {9C82D8E8-D87A-4483-8F60-1956D0C2233B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-18] (Google Inc.) Task: {ACECEB14-FD0F-4DFA-B458-83C33B3643D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-17] (Adobe Systems Incorporated) Task: {AD3F62E2-6C0E-4C5A-BBFD-807919A3BB40} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.) Task: {B80F2D19-195A-4D42-B393-C29B2C3E3B16} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {BA6C06A0-3119-4A20-9294-A4CE70460D7D} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] () Task: {BD2D88F7-24E4-4D61-A332-CE2C124316AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2017-09-27] (HP Inc.) Task: {C2A737C4-4BCF-41D7-9F2B-0BA4C13E2299} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {C9DCD384-0FED-4F3E-90E5-A205B7536FAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN5A91H2W3 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-25] (HP Inc.) Task: {D10FD6E3-4F1E-4242-91D9-99F2CB2C3BA0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.) Task: {DE19504E-D47F-4033-83AA-2E9031154BBD} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [2017-02-08] (HP Inc.) Task: {DF330268-AE85-45E4-869E-B327B6BA1A52} - \SuperClick Auto Updater 1.10.0.16 Pending Update -> Pas de fichier <==== ATTENTION Task: {E31B65D8-A558-481F-A1EB-79477BB1E60C} - System32\Tasks\IXYENYOE => C:\Users\Philippe\AppData\Roaming\IXYENYOE.exe <==== ATTENTION Task: {E33BE4CC-598E-4840-9431-9AC97963F2A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-25] (HP Inc.) Task: {E5EEC684-0C0D-4456-964F-81815F3BC31E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek) Task: {F2F44C5D-DB9A-4F89-99E3-921D75D11825} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe Task: {F5B68B43-63A4-41A6-B7A2-4678F8DEC0B4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3663380393-2238160461-2364308735-1001UA => C:\Users\Philippe\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {F8C83BCA-36D9-477F-B990-4309417017F5} - System32\Tasks\RRKRRRL => C:\Users\Philippe\AppData\Roaming\RRKRRRL.exe <==== ATTENTION Task: {FA96C756-9C3E-4697-B8D9-142FA1306465} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\WINDOWS\Tasks\FEjGVYhNUPgt7u1.job => C:\Users\Philippe\AppData\Roaming\FEjGVYhNUPgt7u1.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\FKBA.job => C:\Users\Philippe\AppData\Roaming\FKBA.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\HPCeeScheduleForPhilippe.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\IXYENYOE.job => C:\Users\Philippe\AppData\Roaming\IXYENYOE.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\RRKRRRL.job => C:\Users\Philippe\AppData\Roaming\RRKRRRL.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\VJIIOU.job => C:\Users\Philippe\AppData\Roaming\VJIIOU.exe <==== ATTENTION ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 22:57 - 2016-12-09 12:29 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2013-12-04 09:44 - 2013-12-04 09:44 - 000200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-12-04 09:44 - 2013-12-04 09:44 - 000054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-12-04 09:44 - 2013-12-04 09:44 - 000034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2016-04-16 15:17 - 2016-04-16 18:08 - 000066872 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe 2016-04-16 15:17 - 2016-04-16 18:45 - 000107832 _____ () C:\WINDOWS\SysWoW64\PnkBstrB.exe 2017-10-17 15:51 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-10-17 15:51 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2016-09-25 05:22 - 2016-09-25 05:22 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 20:19 - 2016-12-21 09:09 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 20:19 - 2016-12-21 08:54 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 20:19 - 2016-12-21 08:48 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 20:19 - 2016-12-21 08:48 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 20:19 - 2016-12-21 08:48 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-11 20:19 - 2016-12-21 08:48 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 20:19 - 2016-12-21 08:53 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-06-24 00:11 - 2016-11-30 22:57 - 000401888 _____ () C:\WINDOWS\system32\igfxTray.exe 2014-04-04 18:46 - 2014-04-04 18:46 - 000106824 _____ () C:\Program Files (x86)\Druide\Antidote 8\Programmes64\libwebsocketsDruide_8.dll 2016-08-04 05:26 - 2017-02-04 15:17 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll 2017-09-07 18:12 - 2017-09-07 18:12 - 000077824 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2017-10-18 03:52 - 2017-10-17 10:08 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\libglesv2.dll 2017-10-18 03:52 - 2017-10-17 10:08 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\libegl.dll 2017-10-18 03:11 - 2017-10-10 09:23 - 091444312 _____ () C:\Program Files (x86)\Opera\48.0.2685.39_0\opera_browser.dll 2017-10-18 03:11 - 2017-10-10 09:23 - 004197464 _____ () C:\Program Files (x86)\Opera\48.0.2685.39_0\libglesv2.dll 2017-10-18 03:11 - 2017-10-10 09:23 - 000101464 _____ () C:\Program Files (x86)\Opera\48.0.2685.39_0\libegl.dll 2017-08-23 07:05 - 2017-08-23 07:05 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-08-23 07:05 - 2017-08-23 07:05 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-08-23 07:05 - 2017-08-23 07:05 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-08-23 07:05 - 2017-08-23 07:05 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll 2015-12-30 12:55 - 2015-11-06 13:05 - 000618784 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2015-10-12 20:05 - 2015-10-12 05:05 - 000013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-04-04 18:46 - 2014-04-04 18:46 - 000091976 _____ () C:\Program Files (x86)\Druide\Antidote 8\Programmes32\libwebsocketsDruide_8.dll 2017-10-05 14:13 - 2015-11-19 15:56 - 001759232 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll 2017-01-12 20:51 - 2013-07-24 10:24 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2013-04-27 10:24 - 2013-04-27 10:24 - 000071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll 2014-09-13 19:52 - 2013-12-09 16:26 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] AlternateDataStreams: C:\ProgramData\Temp:DBC416F8 [128] ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 15:25 - 2017-10-17 16:31 - 000000857 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Philippe\AppData\Roaming\Microsoft\Windows Photo Viewer\Papier peint de la Visionneuse de photos Windows.jpg DNS Servers: 185.156.172.178 - 185.93.180.131 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run: => "cAudioFilterAgent" HKLM\...\StartupApproved\Run: => "DptfPolicyLpmServiceHelper" HKLM\...\StartupApproved\Run: => "NetWorx" HKLM\...\StartupApproved\Run32: => "WebStorage" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "NvBackend" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\StartupFolder: => "Envoyer à OneNote.lnk" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Philippe\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3663380393-2238160461-2364308735-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{5B06EA2A-E4A9-4936-B69B-C6C24C71213E}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{48818B4E-C21C-48C9-A1C5-75895F88212B}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{57FA4301-E41D-43E6-88C7-E2B8000191EB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe FirewallRules: [{280BA88F-E715-48A8-9254-2D345E8EB992}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe FirewallRules: [{C57CDE0B-3D57-4E4D-B196-47BF804BC624}] => (Allow) C:\Program Files\ma-config.com\x64\maconfservice.exe FirewallRules: [{BC049EF3-0BA6-42C5-9069-9DB8D283855F}] => (Allow) C:\Program Files\ma-config.com\x64\maconfservice.exe FirewallRules: [{F2A12AE5-A644-46AF-8AFD-F16C7DB04623}] => (Allow) LPort=48113 FirewallRules: [{9ECB65A3-8B72-4B42-B48B-DBD9F82276E1}] => (Allow) LPort=48113 FirewallRules: [{110D9F4C-7591-491E-8B64-507351008DA3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{87FA6495-26ED-43FE-98E5-DFD59571D02E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E4075036-C0E9-45E3-AF38-D17127C1744B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1E7BD486-298D-4E13-9EA4-997766ABB793}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1CC3BF9C-1FA5-4C82-BEBD-A4EAE0D9F7F3}] => (Allow) C:\Program Files (x86)\BitTorrent\bittorrent.exe FirewallRules: [{C74143E7-19FF-4523-96BD-1267C7ECAF28}] => (Allow) C:\Program Files (x86)\BitTorrent\bittorrent.exe FirewallRules: [{F760D37D-ABAD-4305-904C-FFE9C0C6CF55}] => (Allow) LPort=1688 FirewallRules: [{978C251B-FFBB-4A69-8123-793DB56BB3EC}] => (Block) E:\marvel heroes game\unrealengine3\binaries\win64\marvelheroes2015.exe FirewallRules: [{4A0D5EF3-070C-4085-A033-5176C22555C2}] => (Block) E:\marvel heroes game\unrealengine3\binaries\win64\marvelheroes2015.exe FirewallRules: [UDP Query User{269F991F-68D6-49A4-896C-F439325125C0}E:\marvel heroes game\unrealengine3\binaries\win64\marvelheroes2015.exe] => (Allow) E:\marvel heroes game\unrealengine3\binaries\win64\marvelheroes2015.exe FirewallRules: [TCP Query User{50FC8816-4FFE-4B99-8CC3-3312275DD65E}E:\marvel heroes game\unrealengine3\binaries\win64\marvelheroes2015.exe] => (Allow) E:\marvel heroes game\unrealengine3\binaries\win64\marvelheroes2015.exe FirewallRules: [UDP Query User{1D2CD94C-B19B-4953-B2D7-77EA04893C16}C:\program files (x86)\cheat engine 6.4\cheatengine-x86_64.exe] => (Block) C:\program files (x86)\cheat engine 6.4\cheatengine-x86_64.exe FirewallRules: [TCP Query User{A54021D9-0E9F-4859-AF7D-1269E17021B1}C:\program files (x86)\cheat engine 6.4\cheatengine-x86_64.exe] => (Block) C:\program files (x86)\cheat engine 6.4\cheatengine-x86_64.exe FirewallRules: [{CC9B0979-E26F-4CCB-810C-79BDEAE4F58E}] => (Allow) C:\Users\Philippe\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{F7DFBD22-CB3C-4EB8-B09D-CA0D3F80F21C}] => (Allow) C:\Users\Philippe\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{544087F8-8C7F-49BA-8619-DE937438683B}] => (Allow) C:\Users\Philippe\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{FEB05BDE-E2ED-4AFF-9FDD-D2673BC986B2}] => (Allow) C:\Users\Philippe\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{903A6FA0-BE0B-430C-9134-75EEBE4C4E2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{45FEECCB-EA79-44DA-B718-CB9629CC5D4F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C99CCCD7-0663-4C21-B82A-EF6CCAC76B6A}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{EF9013AC-8525-4914-A7A1-954C9E46D832}] => (Allow) LPort=5357 FirewallRules: [{02290E9F-EB99-48F1-B11B-03AF16C1BA7D}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{B31166C7-FF7D-4E2E-9B84-33EB0BCE5DA7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{69DE97FE-D430-4B9C-8D6B-DE294EBD5AE0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{EA20058C-593D-442C-A9A7-320C1FBAAA53}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{DC492579-DEC3-406E-BE42-726A9025457F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [UDP Query User{06DDE26D-28B8-4D09-B1CE-4915046ED371}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [TCP Query User{C4342C39-7F5E-440A-B27B-8ED00D4BA372}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{F767AEFF-F349-4C75-BBF6-317A94E3E9D8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{B988B27B-439E-49AD-807F-7C4B0F9ADCD2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{2E26F0E9-7B78-4516-BF15-E71F19ECA242}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{04538342-99DA-4448-B6AB-87D206C21FAE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{B7A808E5-397B-4759-BBD9-E7484CF07F43}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DCBE1506-BD09-4788-8A7E-B3C11B5611B2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{B0E9D349-826E-407E-B51B-9AF965980088}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{D2189103-B74F-425C-A356-E5F2B6F05300}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{1A5FC256-2DF5-4BC0-866D-E9D40CAFEA65}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{C4CDC15E-AEAE-4881-A5A9-C5785D2C6AAB}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{0F0A295C-4AD0-4A6D-9C5F-AE624E342624}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [UDP Query User{11775AB0-206C-440C-8E66-22530C0CA044}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [{0A71EF25-E829-4E40-AFB3-A25ACB726035}] => (Block) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [{AF5BEE9B-CAB6-4003-BF77-17A2A619BE0C}] => (Block) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [{7C3E91A3-37C0-4A17-941E-DCFAE57209CB}] => (Allow) C:\Program Files\NetWorx\networx.exe FirewallRules: [{9730E73C-237D-42C5-9B4D-2C3D4A362D32}] => (Allow) C:\Program Files\NetWorx\networx.exe FirewallRules: [{2A374902-068B-480A-AC91-CA2A9033D87A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{FDAE139E-ACDF-459A-AB9C-57E168296C83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{DC3AB33F-9D9E-4673-9CD9-B7168FB487D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{D2BE1CB7-0A19-4078-A00B-3ADE3FB00703}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F4762BB7-85FB-439E-810C-F739AAB23BFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{45BCF74C-2553-43CC-966C-FC1064017737}C:\users\philippe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philippe\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2A6EC399-FA9A-490C-8A79-AF9CFBE89DB0}C:\users\philippe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philippe\appdata\roaming\spotify\spotify.exe FirewallRules: [{D1CE8930-441B-4FE8-90FC-7EB5AEF20ADB}] => (Block) C:\users\philippe\appdata\roaming\spotify\spotify.exe FirewallRules: [{C2C100C4-0E33-4DE4-8C9B-F577A5C0916C}] => (Block) C:\users\philippe\appdata\roaming\spotify\spotify.exe FirewallRules: [{292DDB6C-C5F8-4A8E-97AE-F8E92FB224D2}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe FirewallRules: [{313948D9-ADA1-41FE-8BC8-C54711A5E2E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{401C297D-9CEF-486C-841B-B759A4CCFCAA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{FEB8F0BE-1B82-4D80-B289-43177A187DFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{52442728-534E-41C6-865D-4E8B5109100F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{14605159-67F6-4789-9DF8-C4E2653F7618}] => (Allow) LPort=5354 FirewallRules: [{C4CFA34E-C55D-4DAC-8329-1ACC58A017F5}] => (Allow) LPort=5354 FirewallRules: [{10F57ABB-124B-4DF9-8BFD-A262E7F174BB}] => (Allow) LPort=5354 FirewallRules: [{DCDD9153-CFAF-4E32-9692-D4989FA5D7CA}] => (Allow) LPort=5354 FirewallRules: [{53BAF774-A34F-4464-A126-DBF634739BF1}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\DeviceSetup.exe FirewallRules: [{29507FB3-88BF-451A-A4FE-A07A841B9D09}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{2E98F9D8-4ADB-4462-BE7D-05DB01C9FDF1}] => (Allow) C:\Program Files (x86)\Opera\48.0.2685.39\opera.exe FirewallRules: [{D6907CA7-0C4E-483D-85D6-F3A7D2D88D75}] => (Allow) C:\WINDOWS\explorer.exe FirewallRules: [{9C8CD73A-A64B-44B2-82D6-B90608D83076}] => (Allow) C:\WINDOWS\system32\rundll32.exe FirewallRules: [{AAC87B1A-3763-44A6-80D9-3BA99A0E54A3}] => (Allow) C:\Program Files (x86)\Opera\48.0.2685.39_0\opera.exe FirewallRules: [{EC1674BE-BC39-4E3E-8E87-3BB16B0E0D41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{350D337A-D841-48BD-B5FF-895EB9F92046}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Points de restauration ========================= 12-10-2017 16:48:45 Windows Update 15-10-2017 18:05:49 Windows Update 17-10-2017 00:16:27 Removed Bonjour ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (10/18/2017 04:04:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante FacebookGameroom.exe, version : 1.8.6429.23271, horodatage : 0x598a173e Nom du module défaillant : libcef.dll, version : 3.2987.1601.0, horodatage : 0x5984c1cd Code d’exception : 0x4000001f Décalage d’erreur : 0x00742ccc ID du processus défaillant : 0x1510 Heure de début de l’application défaillante : 0x01d347b50941b3b6 Chemin d’accès de l’application défaillante : C:\Users\Philippe\AppData\Local\Facebook\Games\FacebookGameroom.exe Chemin d’accès du module défaillant: C:\Users\Philippe\AppData\Local\Facebook\Games\libcef.dll ID de rapport : 4959673a-da85-4cc8-b598-d0efe1d83d21 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/18/2017 04:03:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DOC_MATHE) Description: Le package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel a été interrompu, car sa suspension a été trop longue. Error: (10/18/2017 03:59:56 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11002.3418) TYPE: ERROR MODULE: DPTF TIME 29371 ms DPTF Build Version: 8.2.11002.3418 DPTF Build Date: Nov 18 2016 15:16:47 Source File: ..\..\..\..\Sources\Policies\LpmPolicy\LpmPolicy.cpp @ line 1027 Executing Function: LpmPolicy::getLpmModeFromPowerSettingsValue Message: Invalid version in validateLpm Policy: LPM Policy [4] Error: (10/18/2017 03:59:55 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value. Error: (10/18/2017 03:59:55 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService SetBrightnessSettingInDriver: p_handle is NULL. Error: (10/18/2017 03:59:55 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService SetDisplayBrightnessViaPowerSettings: Could not obtain brightness value to set from driver. Error: (10/18/2017 03:59:55 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService GetBrightnessSettingFromDriver: p_handle is NULL. Error: (10/18/2017 03:59:55 AM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfParticipantDisplayService ConnectToDptfDisplayDriver: SetupDiEnumDeviceInterfaces() failed. Last error = [0x00000103] Error: (10/18/2017 03:59:55 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfPolicyCriticalService ServiceMain: ServiceStart() failed. Error: (10/18/2017 03:59:55 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfPolicyCriticalService ServiceStart: ConnectToDptfFrameworkDriver() failed. Erreurs système: ============= Error: (10/18/2017 04:06:53 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {784E29F4-5EBE-4279-9948-1E8FE941646D} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/18/2017 04:05:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Optimisation de livraison est en attente de démarrage. Error: (10/18/2017 04:05:08 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {B91D5831-B1BD-4608-8198-D72E155020F7} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/18/2017 04:02:58 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} et l’APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/18/2017 04:00:19 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/18/2017 04:00:19 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/18/2017 04:00:19 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/18/2017 04:00:19 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/18/2017 03:59:08 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Service Partage réseau du Lecteur Windows Media dépend du service Windows Search qui n’a pas pu démarrer en raison de l’erreur : L’échec d’une ouverture de session a empêché le démarrage du service. Error: (10/18/2017 03:59:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Windows Search n’a pas pu démarrer en raison de l’erreur : L’échec d’une ouverture de session a empêché le démarrage du service. CodeIntegrity: =================================== Date: 2017-10-18 04:03:05.266 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2017-10-17 00:18:59.946 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-17 00:18:59.940 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-17 00:18:59.643 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-17 00:18:59.639 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-17 00:18:57.946 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-17 00:18:57.943 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-17 00:18:57.522 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-17 00:18:57.518 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-17 00:18:47.420 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Pourcentage de mémoire utilisée: 47% Mémoire physique - RAM - totale: 8080.95 MB Mémoire physique - RAM - disponible: 4239.66 MB Mémoire virtuelle totale: 9808.95 MB Mémoire virtuelle disponible: 5857.11 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:99.1 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:251.93 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 12D02F59) Partition: GPT. ==================== Fin de Addition.txt ============================