Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 30-11-2017 Exécuté par THAVOT (02-12-2017 11:39:35) Exécuté depuis C:\Users\THAVOT\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2015-03-25 10:58:28) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-1319549148-3833967164-3563294612-500 - Administrator - Disabled) Invité (S-1-5-21-1319549148-3833967164-3563294612-501 - Limited - Disabled) THAVOT (S-1-5-21-1319549148-3833967164-3563294612-1000 - Administrator - Enabled) => C:\Users\THAVOT ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated) Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.) 
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Apple Application Support (32 bits) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) BleachBit (HKLM-x32\...\BleachBit) (Version: 1.12 - BleachBit) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform) Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - ) CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) Disconnect Desktop (HKLM-x32\...\{5339EADE-2D0C-4F66-95CE-0502F8DE2BEF}) (Version: 2.0.5 - Disconnect) Hidden Disconnect Desktop (HKU\S-1-5-21-1319549148-3833967164-3563294612-1000\...\Disconnect Desktop 2.0.5) (Version: 2.0.5 - Disconnect) DriversCloud.com (64 bits) (HKLM\...\{8B044631-6E1E-4A0B-8E7F-8CB932CC660F}) (Version: 10.0.5.3 - Cybelsoft) Dropbox (HKLM-x32\...\Dropbox) (Version: 39.4.49 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden f.lux (HKU\S-1-5-21-1319549148-3833967164-3563294612-1000\...\Flux) (Version: - f.lux Software LLC) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.) GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.397.0 - International GeoGebra Institute) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) GoPro App (HKLM-x32\...\{FA856359-2B03-4ABC-AC82-E69AF9F405CE}) (Version: 5.6.509 - GoPro, Inc.) 
Hidden GoPro Studio 2.5.6 (HKLM-x32\...\{8850d4d9-a0fc-453f-ba03-ec084375d0c2}) (Version: 2.5.6.509 - GoPro, Inc.) iTunes (HKLM\...\{27F29B96-1914-4F48-BD76-07E98D7832C6}) (Version: 12.7.1.14 - Apple Inc.) Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig) Kaspersky Anti-Virus (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Kaspersky Software Updater (HKLM-x32\...\{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab) Hidden Kaspersky Software Updater (HKLM-x32\...\InstallWIX_{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab) Launcher GFACE (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. 
All rights reserved) Hidden Microsoft .NET Framework 4.7 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU 
(HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation) Mozilla Firefox 57.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 57.0.1 (x64 fr)) (Version: 57.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla) My.com Game Center (HKU\S-1-5-21-1319549148-3833967164-3563294612-1000\...\MyComGames) (Version: 3.194 - My.com B.V.) NetLogo 6.0.1 (HKLM\...\{0FD6F254-ACD0-43BA-A45C-4935D1666B7F}) (Version: 6.0.1 - CCL) OpenOffice 4.1.4 (HKLM-x32\...\{4138A847-021B-4C26-B6BF-220B2446F603}) (Version: 4.14.9787 - Apache Software Foundation) PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.0.22.32360 - pdfforge GmbH) PDF Architect 5 Create Module (HKLM\...\{0E25DE98-E56E-4259-B554-F1360BB2DC22}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden PDF Architect 5 Edit Module (HKLM\...\{EE01D8D7-2DD0-4C43-BF42-D9C8FC8DAE99}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden PDF Architect 5 View Module (HKLM\...\{4DC94B75-B036-474D-8AC8-E2D055C95FBD}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH) PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.33.0 - Goversoft LLC) RogueKiller version 12.11.26.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.26.0 - Adlice Software) Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.) 
SOLIDWORKS 2016 x64 Edition SP0.1 (HKLM\...\{768F3B65-1695-47B7-9002-B11400CB111D}) (Version: 24.101.6 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS 2016 x64 Edition SP0.1 (HKLM-x32\...\SolidWorks Installation Manager 20160-40001-1100-100) (Version: 24.0.1.6 - SolidWorks Corporation) SOLIDWORKS 2016 x64 French Resources (HKLM\...\{F83DD2AE-7DD6-4EDD-923C-BCE01E9EEDAD}) (Version: 24.101.6 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Composer 2016 SP0.1 x64 Edition (HKLM\...\{36CE77E6-4DB3-48C0-91E8-0F4AA3721597}) (Version: 24.01.6 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS eDrawings 2016 x64 Edition SP0.1 (HKLM\...\{83EF22F4-10FA-4F05-A958-170A87712A23}) (Version: 16.0.5009 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Electrical 2016 SP0.1 x64 Edition (HKLM\...\{064914EF-A0D8-447D-8E5C-E888CA8FD467}) (Version: 24.01.6 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS Explorer 2016 SP0.1 x64 Edition (HKLM\...\{41E08694-1890-4B39-9D1C-B9D27A1D67B3}) (Version: 24.01.6 - Dassault Systèmes SolidWorks Corp) Hidden SOLIDWORKS Flow Simulation 2016 SP0.1 x64 Edition (HKLM\...\{0B7C2320-1D2F-42F1-9941-C88C6B7AB0D5}) (Version: 24.01.7 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS Inspection 2016 SP0.1 x64 Edition (HKLM\...\{EAE4694D-8E6E-4BEB-BD29-E9572717BA6E}) (Version: 24.01.6 - Dassault Systemes SolidWorks Corp) Hidden SOLIDWORKS Plastics 2016 SP0.1 x64 Edition (HKLM\...\{DF6A3557-CE70-4357-81CF-E33CCB5E750D}) (Version: 24.01.6 - Dassault Systemes SolidWorks Corp) Hidden Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform) SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) 
Hidden SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.) TI-Nspire™ CX CAS Student Software (HKLM-x32\...\{57D4221F-F978-490C-A8FC-7677F49660CA}) (Version: 4.5.0.1180 - Texas Instruments Inc.) UCheck version 2.3.1.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 2.3.1.0 - Adlice Software) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) VFW_Codec32 (HKLM-x32\...\{AFEF72F3-EDEC-4B70-BB25-4CEA1FCBF425}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (HKLM\...\{4C110871-BAC2-43D8-A892-C30FD0F58D83}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Warface My.Com (HKU\S-1-5-21-1319549148-3833967164-3563294612-1000\...\Warface My.Com) (Version: 1.27 - My.com B.V.) 
WhoCrashed 5.51 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) WinDirStat 1.1.2 (HKU\S-1-5-21-1319549148-3833967164-3563294612-1000\...\WinDirStat) (Version: - ) WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wise Disk Cleaner 9.58 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 9.58 - WiseCleaner.com, Inc.) Wise Registry Cleaner 9.4.7 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 9.4.7 - WiseCleaner.com, Inc.) WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft) ZebHelpProcess 2016 (HKLM-x32\...\ZebHelpProcess_is1) (Version: 2015 - Nicolas Coolman) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-1319549148-3833967164-3563294612-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) 
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.) ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-09-09] (AO Kaspersky Lab) ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-07-05] (pdfforge GmbH) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2016-09-17] () ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-09-09] (AO Kaspersky Lab) ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2016-09-17] () ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2016-09-17] () ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program 
Files\Unlocker\UnlockerCOM.dll [2010-07-15] () ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-09-09] (AO Kaspersky Lab) ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2016-09-17] () ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.) 
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-09-09] (AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2016-09-17] () ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] () ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
Task: {10C10044-4BAC-49E2-88DB-C6F8A7444816} - System32\Tasks\AdobeAAMUpdater-1.0-THAVOT-PC-THAVOT => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {25E12B56-858D-48B3-ADEF-3EB0260BE8EA} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig) Task: {463AAF0D-7476-4BB4-9FAB-1D04E701D5DD} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent Task: {463AAF0D-7476-4BB4-9FAB-1D04E701D5DD} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-07-13] (Microsoft Corporation) Task: {491D53CE-7A71-4174-B426-FE429A208174} - System32\Tasks\{247371ED-4DC9-432D-BD39-72068BC3855A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag" Task: {50A1A631-86D0-4924-9CF7-239D7347CEB6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-22] (Adobe Systems Incorporated) Task: {67552F8F-7158-4419-88C3-4EAC5FCCAE11} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd) Task: {7BED89C9-345A-47DE-B5A4-837E44404AFA} - System32\Tasks\{96A28DF7-198A-439F-82AB-71399F6AA610} => C:\Windows\system32\pcalua.exe -a C:\Users\THAVOT\Downloads\QuickTimeInstaller.exe -d C:\Users\THAVOT\Downloads Task: {7F7D2EE6-E0C5-4EEF-8D00-B210A7DDC8FD} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [2017-12-01] (Goversoft LLC) Task: {8702F36C-E659-439E-8EFC-BD5EDF4284E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd) Task: {A897D14B-287E-48E4-98D9-C662BC2AFD70} - 
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {A897D14B-287E-48E4-98D9-C662BC2AFD70} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-07-13] (Microsoft Corporation) Task: {AB220D9D-8C85-4DC1-9CE0-FDC8B5F3F051} - System32\Tasks\{E5A2E751-9D2C-4661-9436-427124F7C931} => C:\Windows\system32\pcalua.exe -a "C:\Users\THAVOT\Desktop\Nouveau dossier\pymol-1_1eval-bin-win32\pymol-1_1eval-bin-win32\SETUP.EXE" -d "C:\Users\THAVOT\Desktop\Nouveau dossier\pymol-1_1eval-bin-win32\pymol-1_1eval-bin-win32" Task: {CE531243-F5B1-4F4E-945B-7320983F66A1} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime Task: {CE531243-F5B1-4F4E-945B-7320983F66A1} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-07-13] (Microsoft Corporation) Task: {D686A418-AE76-4183-A05A-0BE3316EAAD1} - System32\Tasks\{FC785A58-E9E1-4811-8BED-3494C57E8CF9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ZebHelpProcess\ZHPHep.exe" -d "C:\Program Files (x86)\ZebHelpProcess" Task: {E2BB469A-3F74-4A83-B206-70208D27DE4B} - System32\Tasks\{0671DB03-D95F-4668-841A-9711C33BFB07} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ZebHelpProcess\ZHPHep.exe" -d "C:\Program Files (x86)\ZebHelpProcess" Task: {E829B1CE-DE5F-470A-B18D-368E95E8ADF7} - \WiseCleaner\WDCSkipUAC -> Pas de fichier <==== ATTENTION Task: {F588F58A-CDCF-4172-B118-C737DCA37394} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {F588F58A-CDCF-4172-B118-C737DCA37394} - 
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent Task: {F588F58A-CDCF-4172-B118-C737DCA37394} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-07-13] (Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2015-08-04 00:25 - 2015-08-04 00:25 - 000214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 000817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 003650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll 2015-08-04 00:25 - 2015-08-04 00:25 - 000127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-20 23:37 - 2015-10-20 23:37 - 000178184 _____ () C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe 2016-06-10 01:41 - 2016-06-10 01:41 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program 
Files\Unlocker\UnlockerCOM.dll 2016-09-17 10:41 - 2016-09-17 10:41 - 003525431 _____ () C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll 2017-09-09 11:41 - 2017-09-09 11:41 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\kpcengine.2.3.dll 2015-05-26 15:46 - 2015-05-26 15:46 - 000094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [134] ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) 
IE trusted site: HKU\S-1-5-21-1319549148-3833967164-3563294612-1000\...\localhost -> localhost
Il y a 6091 plus de sites. ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2009-07-14 03:34 - 2017-07-08 14:11 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-1319549148-3833967164-3563294612-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\THAVOT\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. 
==================== MSCONFIG/TASK MANAGER éléments désactivés == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SOLIDWORKS 2016 Démarrage rapide.lnk => C:\Windows\pss\SOLIDWORKS 2016 Démarrage rapide.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Téléchargement en arrière-plan de SOLIDWORKS.lnk => C:\Windows\pss\Téléchargement en arrière-plan de SOLIDWORKS.lnk.CommonStartup MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BingSvc => C:\Users\THAVOT\AppData\Local\Microsoft\BingSvc\BingSvc.exe MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: f.lux => "C:\Users\THAVOT\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow MSCONFIG\startupreg: gflauncher => "C:\Program Files (x86)\Crytek\GFACE Launcher\live\gflauncher.exe" --autostart MSCONFIG\startupreg: GoPro Studio Importer => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe MSCONFIG\startupreg: RIM PeerManager => "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java 
Update\jusched.exe" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{1B2444C5-B91E-4D65-8AEC-9E713E4296D3}] => (Allow) LPort=48113 FirewallRules: [{4AA93DCE-94CE-4691-A74F-856979CF9F07}] => (Allow) LPort=48114 FirewallRules: [TCP Query User{1FAC1477-0BFC-4443-97FA-187C917AC9DF}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe FirewallRules: [UDP Query User{2E8D3B92-4D59-4ED5-BE5D-3CAA7DA9B1BE}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe FirewallRules: [TCP Query User{083A49E2-2C5D-4242-BB76-B1C0DB60CADD}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe FirewallRules: [UDP Query User{EA4DF720-DD89-40B9-89A6-7423E4437628}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe FirewallRules: [TCP Query User{9593DA50-C2B6-4B99-808A-01D5EE8860B7}C:\program files (x86)\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe FirewallRules: [UDP Query User{27BA1004-FA79-4B6D-A397-912A66A3B9F6}C:\program files (x86)\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe FirewallRules: [TCP 
Query User{FCDF4725-64D8-41DC-B647-823FB2E24F34}C:\program files (x86)\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire cx cas student software\jre\bin\java.exe FirewallRules: [UDP Query User{AE51B147-03B0-4801-8939-C377C534A9E7}C:\program files (x86)\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire cx cas student software\jre\bin\java.exe FirewallRules: [TCP Query User{E96A7532-ABAF-4E81-9B08-A2043E5816A4}C:\program files (x86)\ti education\ti-nspire cx cas student software\ti-diagnostics\ti-diagnostic.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire cx cas student software\ti-diagnostics\ti-diagnostic.exe FirewallRules: [UDP Query User{9D4DA442-3F34-4EE1-B9FD-1E02ACB72AB4}C:\program files (x86)\ti education\ti-nspire cx cas student software\ti-diagnostics\ti-diagnostic.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire cx cas student software\ti-diagnostics\ti-diagnostic.exe FirewallRules: [{9B2DA6C0-B6F0-422A-9365-192DF56593A0}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{F8266DA1-2F8D-4D3A-8EB1-B11B0F41AACB}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [TCP Query User{D23F76CF-D57B-4DA6-A509-5D011169CADF}C:\lfs\lfs\lfs.exe] => (Block) C:\lfs\lfs\lfs.exe FirewallRules: [UDP Query User{FB7504F5-309D-4AA9-A1E3-8FB54664E878}C:\lfs\lfs\lfs.exe] => (Block) C:\lfs\lfs\lfs.exe FirewallRules: [{BABCBE90-B325-4FB1-93C0-04A2B0D89935}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{BDEDD4EF-7574-4112-9662-74CDFE0019DB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{707D03DD-CA34-4C0D-86A9-DB64E609BE22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C701A7BF-BCFA-4AFA-AE1B-8FDBE94CE96F}] => (Allow) C:\Program Files\SOLIDWORKS 
Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe FirewallRules: [{1B41222B-4874-423A-96A7-B839D8154735}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe FirewallRules: [TCP Query User{BC7B8D43-7ADA-4820-85A2-7A839A43A34A}C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe] => (Allow) C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe FirewallRules: [UDP Query User{53E6198C-3205-4167-A11D-D7283C31140B}C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe] => (Allow) C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe FirewallRules: [{C986B14F-4812-47A1-9DFB-4352049E119B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DE8E6D95-1456-4D9D-B5FC-0E72C5EE4F09}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{459F1312-0FEA-48ED-A32C-4574BF031D71}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9DFF02C4-A488-4ADE-994E-8C263ABF0591}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{341586D1-309D-4572-9C83-2C6BF327FC72}] => (Allow) D:\MyGames\Warface My.Com\Bin32Release\Game.exe FirewallRules: [{54724D96-E573-4CA0-AF81-358F506B0BDC}] => (Allow) D:\MyGames\Warface My.Com\Bin32Release\Game.exe FirewallRules: [TCP Query User{E87C6A0F-6B7A-40E4-9F90-75B02E092D04}C:\program files\netlogo 6.0.1\hubnet client.exe] => (Allow) C:\program files\netlogo 6.0.1\hubnet client.exe FirewallRules: [UDP Query User{28D516DB-6360-4EC9-949B-5D21A41B31F4}C:\program files\netlogo 6.0.1\hubnet client.exe] => (Allow) C:\program files\netlogo 6.0.1\hubnet client.exe FirewallRules: [TCP Query User{BBCEE9CC-7135-4743-AA95-6BBC705CE24B}C:\program files\netlogo 6.0.1\netlogo.exe] => (Allow) C:\program files\netlogo 6.0.1\netlogo.exe FirewallRules: [UDP Query User{2A600319-81EA-4264-8F71-CD43897AFFC7}C:\program files\netlogo 
6.0.1\netlogo.exe] => (Allow) C:\program files\netlogo 6.0.1\netlogo.exe FirewallRules: [TCP Query User{7152064D-5420-45B0-8E34-EC020E8FEB04}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{6AA62A8D-C5CD-4399-92C2-F33313F1496B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{1F4033C2-E6A4-4CA7-9A8C-2B2A2540F29D}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{251861F5-DFE6-4B23-AAA9-EFDE5BD62382}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{35183A37-DE07-485A-ABA1-AD157BD457C4}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{C8F26E8F-CD48-45CB-B79C-1C577A432262}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe ==================== Points de restauration ========================= 02-12-2017 10:56:36 02/12/17 ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (11/30/2017 03:16:21 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: 224: DNSServiceGetAddrInfo v4v6 THAVOT-PC.local. Error: (11/30/2017 03:16:21 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: 224: Could not write data to client because of error - aborting connection Error: (11/30/2017 03:16:21 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: send_msg ERROR: failed to write 83 of 83 bytes to fd 224 errno 10053 (Une connexion établie a été abandonnée par un logiciel de votre ordinateur hôte.) 
Error: (11/30/2017 01:48:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Adobe Spaces Helper.exe, version : 0.0.0.0, horodatage : 0x57fde35d Nom du module défaillant : libcef.dll, version : 3.2526.1347.0, horodatage : 0x572d0cf0 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000002656a19 ID du processus défaillant : 0xf6c Heure de début de l’application défaillante : 0x01d369d130961488 Chemin d’accès de l’application défaillante : C:\Program Files\Adobe\Adobe Photoshop CC 2017\Required\Plug-Ins\Spaces\Adobe Spaces Helper.exe Chemin d’accès du module défaillant: C:\Program Files\Adobe\Adobe Photoshop CC 2017\Required\Plug-Ins\Spaces\libcef.dll ID de rapport : d0048247-d5cc-11e7-a8ce-0220ccfb0401 Error: (11/28/2017 11:04:07 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: 604: ERROR: read_msg errno 0 (L’opération a réussi.) Error: (11/28/2017 11:04:07 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Error: (11/28/2017 11:04:07 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: 620: DNSServiceGetAddrInfo v4v6 THAVOT-PC.local. Error: (11/28/2017 11:04:07 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: 620: Could not write data to client because of error - aborting connection Error: (11/28/2017 11:04:07 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: send_msg ERROR: failed to write 83 of 83 bytes to fd 620 errno 10053 (Une connexion établie a été abandonnée par un logiciel de votre ordinateur hôte.) Error: (11/25/2017 04:49:28 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: 636: ERROR: read_msg errno 0 (L’opération a réussi.) Erreurs système: ============= Error: (12/02/2017 10:11:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Service KSU s’est terminé de façon inattendue pour la 1ème fois. 
Error: (12/01/2017 10:07:19 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service SOLIDWORKS Electrical Collaborative Server a signalé un état actuel 0 non valide. Error: (12/01/2017 07:13:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service lmhosts. Error: (11/30/2017 10:01:25 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service SOLIDWORKS Electrical Collaborative Server a signalé un état actuel 0 non valide. Error: (11/29/2017 09:58:29 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service SOLIDWORKS Electrical Collaborative Server a signalé un état actuel 0 non valide. Error: (11/28/2017 10:51:03 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service SOLIDWORKS Electrical Collaborative Server a signalé un état actuel 0 non valide. Error: (11/27/2017 10:01:05 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service SOLIDWORKS Electrical Collaborative Server a signalé un état actuel 0 non valide. Error: (11/26/2017 10:00:36 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service SOLIDWORKS Electrical Collaborative Server a signalé un état actuel 0 non valide. Error: (11/25/2017 10:43:02 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service SOLIDWORKS Electrical Collaborative Server a signalé un état actuel 0 non valide. Error: (11/25/2017 02:43:03 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service SOLIDWORKS Electrical Collaborative Server a signalé un état actuel 0 non valide. 
CodeIntegrity: =================================== Date: 2016-10-29 11:18:21.392 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\THAVOT\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2016-10-29 11:18:21.360 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\THAVOT\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2016-10-29 11:18:21.314 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\THAVOT\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2016-10-29 11:18:21.282 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\THAVOT\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2016-10-29 11:18:20.768 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\THAVOT\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. 
Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2016-10-29 11:18:20.721 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\THAVOT\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2016-10-29 11:18:20.674 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\THAVOT\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2016-10-29 11:18:20.627 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\THAVOT\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2016-10-29 11:18:20.112 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\THAVOT\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. 
Date: 2016-10-29 11:18:20.081 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\THAVOT\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. ==================== Infos Mémoire =========================== Processeur: AMD Phenom(tm) II X2 555 Processor Pourcentage de mémoire utilisée: 76% Mémoire physique - RAM - totale: 4086.14 MB Mémoire physique - RAM - disponible: 950.38 MB Mémoire virtuelle totale: 8170.46 MB Mémoire virtuelle disponible: 4807.04 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:170.73 GB) (Free:70.3 GB) NTFS Drive d: () (Fixed) (Total:292.97 GB) (Free:284.52 GB) NTFS Drive g: (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 463.8 GB) (Disk ID: BC19EF09) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=170.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt ============================