Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by valentin at 2015-06-08 12:35:46
Running from C:\Users\valentin\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-1228946083-175145342-2104422197-500 - Administrator - Disabled)
Invité (S-1-5-21-1228946083-175145342-2104422197-501 - Limited - Disabled)
valentin (S-1-5-21-1228946083-175145342-2104422197-1001 - Administrator - Enabled) => C:\Users\valentin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Reader XI (11.0.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoCAD 2014 - Français (French) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - Français (French) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - Français (French) (HKLM\...\AutoCAD 2014 - Français (French)) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
BlueGriffon version 1.7.2 (HKLM-x32\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 1.7.2 - Disruptive Innovations SAS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
Canon MP210 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Centre Souris et Claviers Microsoft (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Cuisine Délinia 4.2.169 (HKLM-x32\...\Cuisine Délinia_is1) (Version: - Leroy Merlin)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.15.0134 - Fujitsu Technology Solutions)
Dropbox (HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Joomeo Desktop version 1.6.13 (HKLM-x32\...\{BD15DA74-BBE0-45AF-8B86-2EE90DC312E1}_is1) (Version: 1.6.13 - AIRSENS - Joomeo)
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Lapeyre Cuisines 3D (HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\SquareClock_Production_Lapeyre_Kitchen_Web) (Version: - SquareClock SAS)
Logitrace V12 (HKLM-x32\...\{C938308A-B386-48C8-98FE-AD4C56B52F07}) (Version: 12.0.13 - Demlog PROfirst Group)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{9017040C-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mises à jour NVIDIA 2.4.3.22 (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Pilote graphique 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
Package de pilotes Windows - Suunto Suunto USB Serial Port (08/26/2014 2.12.00) (HKLM\...\EB03F565E6E2AB08DF065DF044C182B3199A9CE8) (Version: 08/26/2014 2.12.00 - Suunto)
Panneau de configuration NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
Placolog (HKLM-x32\...\Placolog_is1) (Version: - Bpb Placo)
Rapport (x32 Version: 3.5.1404.84 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - )
Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\SIUSBXP&10C4&EA61) (Version: - )
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Suunto DM5 (HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\7d5fc44d63ac1d3e) (Version: 1.2.32.5119 - Suunto)
Suunto USB Driver (HKLM\...\SuuntoUSBFTDIVista_is1) (Version: 2.12.00.0 - Suunto Oy)
Trusteer Sécurité des points d'accès (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.84 - Trusteer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WeatherLink 6.0.3 (HKLM-x32\...\{E344C807-7DE0-4CC2-81BB-1F895CF8CBDF}) (Version: 6.0.3 - Davis Instruments Corp.)
WebAcappella4 (HKLM-x32\...\WebAcappella4_is1) (Version: - Intuisphere)
WinRAR 4.00 (32 bits) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Workplace Protect (HKLM\...\{D30E5802-6676-4E65-B1DF-5C2AACC15C59}) (Version: 1.02.0007 - Fujitsu Technology Solutions)
Xvid 1.1.3 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\fr-FR\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
22-05-2015 20:51:45 Windows Update
01-06-2015 13:15:38 Point de contrôle planifié
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 17:25 - 2013-08-22 17:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07168606-8C0B-4E1A-BD35-CDEDA099FFB0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-22] (Microsoft Corporation)
Task: {11F4C540-4B08-46D2-A4CE-397DD3F1805E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {139A12F5-E919-424D-B3D0-005A89CE75EB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {24CF579B-4254-47FB-871D-020EBC0F52B7} - System32\Tasks\Fujitsu\DeskUpdate => C:\Program Files (x86)\Fujitsu\DeskUpdate\ducmd.exe [2013-12-11] (Fujitsu Technology Solutions)
Task: {432C66C1-39B0-473C-B454-E673E1E990EF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {49F1902E-603D-402D-A389-888C6320913A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {5C6AB7DD-374B-463D-ADF7-D4F7CA3EB527} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {5DF25997-A8AD-4FC4-9E66-24AC072D9F4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {69515E11-4656-47E6-8EDA-7D23B199745C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {6F7CF14D-BAFF-4B8A-B100-0919FCC3C8BB} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {75F6D56E-D93E-47B3-BD77-F64D92CFE4F7} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {76DBDD34-0DA5-4983-B885-0A1C27C06B83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30] (Google Inc.)
Task: {97C25332-883D-4C15-B594-2994A905A333} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {A91F2736-4815-4C7D-81CA-9045D12674CA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {E6E010E3-FBEE-4A28-B183-E0C0D90BD668} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30] (Google Inc.)
Task: {F8E58716-1E44-4744-8C71-F5866AC36389} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FDB4503B-E330-4444-87D4-4810396EB4D5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-01-18 05:42 - 2014-11-13 01:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-08 22:50 - 2015-05-08 22:50 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2015-05-06 09:57 - 2015-05-01 20:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-08 12:34 - 2015-06-08 12:34 - 00043008 _____ () c:\users\valentin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2crwwi.dll
2015-03-05 01:45 - 2015-03-05 01:45 - 00750080 _____ () C:\Users\valentin\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 01:45 - 2015-03-05 01:45 - 00047616 _____ () C:\Users\valentin\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 01:45 - 2015-03-05 01:45 - 00865280 _____ () C:\Users\valentin\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 01:45 - 2015-03-05 01:45 - 00200704 _____ () C:\Users\valentin\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\valentin\Desktop\EXE Liste matériel maison banquier.xlsx:com.dropbox.attributes
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1228946083-175145342-2104422197-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\valentin\AppData\Roaming\Microsoft\Windows Photo Viewer\Papier peint de la Visionneuse de photos Windows.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\StartupApproved\Run: => "uTorrent"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{90097236-9B05-43DA-8078-9304FA5EA1C1}] => (Allow) LPort=50248
FirewallRules: [{15EB4024-DCA2-4CF6-A7AE-DC70F775AB6C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{73AED292-9264-4883-A20A-6CB64B1E4DDC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{69FEE93C-DC81-4F4A-BE7F-9C7FA5683766}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CED5FE11-0132-494A-A924-4728176439E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3C4C3BE7-B74F-40D4-8B37-A75E9B14A134}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5D7AFFF4-3012-41E3-B380-35082B91B87F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9FAB3BCC-39B0-4EAC-9CE4-F692DBEDA594}] => (Allow) C:\Users\valentin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FCAD7978-9009-4CC4-8EFA-947CEDC1A381}] => (Allow) C:\Users\valentin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DC3C74AE-0519-4B0C-8A3B-4939D8067281}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5492EDB3-5B5E-4841-8349-1695549DDA5D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9B427651-5732-4A30-9F52-629D59F56654}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85A0AE12-DE52-4157-A0A6-6141063CEAAC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4A085DFC-6635-443E-9345-CA7176F78E80}] => (Allow) C:\Users\valentin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CBC931E6-8CB8-4779-BC3A-5D1EC42D2F40}] => (Allow) C:\Users\valentin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6210982A-7441-4CE0-89A1-73C73D07686B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{46946DB0-6285-476D-B41C-8BFFE5BE9AB1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/08/2015 00:34:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante GWXUX.exe, version : 6.3.9600.17813, horodatage : 0x554a15f3
Nom du module défaillant : ntdll.dll, version : 6.3.9600.17736, horodatage : 0x550f4336
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003d85e
ID du processus défaillant : 0x1024
Heure de début de l’application défaillante : 0xGWXUX.exe0
Chemin d’accès de l’application défaillante : GWXUX.exe1
Chemin d’accès du module défaillant: GWXUX.exe2
ID de rapport : GWXUX.exe3
Nom complet du package défaillant : GWXUX.exe4
ID de l’application relative au package défaillant : GWXUX.exe5
Error: (06/08/2015 00:34:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante LogonUI.exe, version : 6.3.9600.17415, horodatage : 0x5450541b
Nom du module défaillant : FWPCredentialProvider.dll, version : 1.2.7.0, horodatage : 0x523aa7c4
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000000d097
ID du processus défaillant : 0x120
Heure de début de l’application défaillante : 0xLogonUI.exe0
Chemin d’accès de l’application défaillante : LogonUI.exe1
Chemin d’accès du module défaillant: LogonUI.exe2
ID de rapport : LogonUI.exe3
Nom complet du package défaillant : LogonUI.exe4
ID de l’application relative au package défaillant : LogonUI.exe5
Error: (06/08/2015 00:15:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante LogonUI.exe, version : 6.3.9600.17415, horodatage : 0x5450541b
Nom du module défaillant : FWPCredentialProvider.dll, version : 1.2.7.0, horodatage : 0x523aa7c4
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000000d097
ID du processus défaillant : 0x1c8
Heure de début de l’application défaillante : 0xLogonUI.exe0
Chemin d’accès de l’application défaillante : LogonUI.exe1
Chemin d’accès du module défaillant: LogonUI.exe2
ID de rapport : LogonUI.exe3
Nom complet du package défaillant : LogonUI.exe4
ID de l’application relative au package défaillant : LogonUI.exe5
Error: (06/08/2015 11:59:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante LogonUI.exe, version : 6.3.9600.17415, horodatage : 0x5450541b
Nom du module défaillant : FWPCredentialProvider.dll, version : 1.2.7.0, horodatage : 0x523aa7c4
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000000d097
ID du processus défaillant : 0x50
Heure de début de l’application défaillante : 0xLogonUI.exe0
Chemin d’accès de l’application défaillante : LogonUI.exe1
Chemin d’accès du module défaillant: LogonUI.exe2
ID de rapport : LogonUI.exe3
Nom complet du package défaillant : LogonUI.exe4
ID de l’application relative au package défaillant : LogonUI.exe5
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: AUTORITE NT)
Description: Le filtre d’événement avec la requête « select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration' » n’a pas pu être réactivé dans l’espace de noms « //./root » à cause de l’erreur 0x80041033. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé.
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT)
Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root la requête « select * from __TimerEvent » dont la classe cible « __TimerEvent » n’existe pas. La requête sera ignorée.
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT)
Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/CIMV2 la requête « select * from __TimerEvent » dont la classe cible « __TimerEvent » n’existe pas. La requête sera ignorée.
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT)
Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/CIMV2 la requête « select * from __SystemEvent » dont la classe cible « __SystemEvent » n’existe pas. La requête sera ignorée.
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT)
Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root la requête « select * from __SystemEvent » dont la classe cible « __SystemEvent » n’existe pas. La requête sera ignorée.
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT)
Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/subscription la requête « select * from __TimerEvent » dont la classe cible « __TimerEvent » n’existe pas. La requête sera ignorée.
System errors:
=============
Error: (06/08/2015 00:33:49 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:33:47 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:24:48 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:24:46 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:24:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 12:19:38 le 08/06/2015 n’était pas prévu.
Error: (06/08/2015 00:22:23 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:22:20 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:20:00 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:19:58 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:19:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 12:14:23 le 08/06/2015 n’était pas prévu.
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 4033.89 MB
Available physical RAM: 2306.82 MB
Total Pagefile: 4865.89 MB
Available Pagefile: 3207.35 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:463.54 GB) (Free:318.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Données) (Fixed) (Total:434.85 GB) (Free:126.78 GB) NTFS
Drive f: (LINUX) (Fixed) (Total:14.63 GB) (Free:14.63 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End of log ============================
Ran by valentin at 2015-06-08 12:35:46
Running from C:\Users\valentin\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-1228946083-175145342-2104422197-500 - Administrator - Disabled)
Invité (S-1-5-21-1228946083-175145342-2104422197-501 - Limited - Disabled)
valentin (S-1-5-21-1228946083-175145342-2104422197-1001 - Administrator - Enabled) => C:\Users\valentin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Reader XI (11.0.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoCAD 2014 - Français (French) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - Français (French) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - Français (French) (HKLM\...\AutoCAD 2014 - Français (French)) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
BlueGriffon version 1.7.2 (HKLM-x32\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 1.7.2 - Disruptive Innovations SAS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
Canon MP210 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Centre Souris et Claviers Microsoft (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Cuisine Délinia 4.2.169 (HKLM-x32\...\Cuisine Délinia_is1) (Version: - Leroy Merlin)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.15.0134 - Fujitsu Technology Solutions)
Dropbox (HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Joomeo Desktop version 1.6.13 (HKLM-x32\...\{BD15DA74-BBE0-45AF-8B86-2EE90DC312E1}_is1) (Version: 1.6.13 - AIRSENS - Joomeo)
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Lapeyre Cuisines 3D (HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\SquareClock_Production_Lapeyre_Kitchen_Web) (Version: - SquareClock SAS)
Logitrace V12 (HKLM-x32\...\{C938308A-B386-48C8-98FE-AD4C56B52F07}) (Version: 12.0.13 - Demlog PROfirst Group)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{9017040C-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mises à jour NVIDIA 2.4.3.22 (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Pilote graphique 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
Package de pilotes Windows - Suunto Suunto USB Serial Port (08/26/2014 2.12.00) (HKLM\...\EB03F565E6E2AB08DF065DF044C182B3199A9CE8) (Version: 08/26/2014 2.12.00 - Suunto)
Panneau de configuration NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
Placolog (HKLM-x32\...\Placolog_is1) (Version: - Bpb Placo)
Rapport (x32 Version: 3.5.1404.84 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - )
Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\SIUSBXP&10C4&EA61) (Version: - )
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Suunto DM5 (HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\7d5fc44d63ac1d3e) (Version: 1.2.32.5119 - Suunto)
Suunto USB Driver (HKLM\...\SuuntoUSBFTDIVista_is1) (Version: 2.12.00.0 - Suunto Oy)
Trusteer Sécurité des points d'accès (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.84 - Trusteer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WeatherLink 6.0.3 (HKLM-x32\...\{E344C807-7DE0-4CC2-81BB-1F895CF8CBDF}) (Version: 6.0.3 - Davis Instruments Corp.)
WebAcappella4 (HKLM-x32\...\WebAcappella4_is1) (Version: - Intuisphere)
WinRAR 4.00 (32 bits) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Workplace Protect (HKLM\...\{D30E5802-6676-4E65-B1DF-5C2AACC15C59}) (Version: 1.02.0007 - Fujitsu Technology Solutions)
Xvid 1.1.3 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\fr-FR\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1228946083-175145342-2104422197-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\valentin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
22-05-2015 20:51:45 Windows Update
01-06-2015 13:15:38 Point de contrôle planifié
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 17:25 - 2013-08-22 17:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07168606-8C0B-4E1A-BD35-CDEDA099FFB0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-22] (Microsoft Corporation)
Task: {11F4C540-4B08-46D2-A4CE-397DD3F1805E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {139A12F5-E919-424D-B3D0-005A89CE75EB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {24CF579B-4254-47FB-871D-020EBC0F52B7} - System32\Tasks\Fujitsu\DeskUpdate => C:\Program Files (x86)\Fujitsu\DeskUpdate\ducmd.exe [2013-12-11] (Fujitsu Technology Solutions)
Task: {432C66C1-39B0-473C-B454-E673E1E990EF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {49F1902E-603D-402D-A389-888C6320913A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {5C6AB7DD-374B-463D-ADF7-D4F7CA3EB527} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {5DF25997-A8AD-4FC4-9E66-24AC072D9F4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {69515E11-4656-47E6-8EDA-7D23B199745C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {6F7CF14D-BAFF-4B8A-B100-0919FCC3C8BB} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {75F6D56E-D93E-47B3-BD77-F64D92CFE4F7} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {76DBDD34-0DA5-4983-B885-0A1C27C06B83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30] (Google Inc.)
Task: {97C25332-883D-4C15-B594-2994A905A333} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {A91F2736-4815-4C7D-81CA-9045D12674CA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {E6E010E3-FBEE-4A28-B183-E0C0D90BD668} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30] (Google Inc.)
Task: {F8E58716-1E44-4744-8C71-F5866AC36389} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FDB4503B-E330-4444-87D4-4810396EB4D5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-01-18 05:42 - 2014-11-13 01:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-08 22:50 - 2015-05-08 22:50 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2015-05-06 09:57 - 2015-05-01 20:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-08 12:34 - 2015-06-08 12:34 - 00043008 _____ () c:\users\valentin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2crwwi.dll
2015-03-05 01:45 - 2015-03-05 01:45 - 00750080 _____ () C:\Users\valentin\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 01:45 - 2015-03-05 01:45 - 00047616 _____ () C:\Users\valentin\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 01:45 - 2015-03-05 01:45 - 00865280 _____ () C:\Users\valentin\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 01:45 - 2015-03-05 01:45 - 00200704 _____ () C:\Users\valentin\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\valentin\Desktop\EXE Liste matériel maison banquier.xlsx:com.dropbox.attributes
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1228946083-175145342-2104422197-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\valentin\AppData\Roaming\Microsoft\Windows Photo Viewer\Papier peint de la Visionneuse de photos Windows.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1228946083-175145342-2104422197-1001\...\StartupApproved\Run: => "uTorrent"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{90097236-9B05-43DA-8078-9304FA5EA1C1}] => (Allow) LPort=50248
FirewallRules: [{15EB4024-DCA2-4CF6-A7AE-DC70F775AB6C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{73AED292-9264-4883-A20A-6CB64B1E4DDC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{69FEE93C-DC81-4F4A-BE7F-9C7FA5683766}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CED5FE11-0132-494A-A924-4728176439E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3C4C3BE7-B74F-40D4-8B37-A75E9B14A134}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5D7AFFF4-3012-41E3-B380-35082B91B87F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9FAB3BCC-39B0-4EAC-9CE4-F692DBEDA594}] => (Allow) C:\Users\valentin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FCAD7978-9009-4CC4-8EFA-947CEDC1A381}] => (Allow) C:\Users\valentin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DC3C74AE-0519-4B0C-8A3B-4939D8067281}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5492EDB3-5B5E-4841-8349-1695549DDA5D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9B427651-5732-4A30-9F52-629D59F56654}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85A0AE12-DE52-4157-A0A6-6141063CEAAC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4A085DFC-6635-443E-9345-CA7176F78E80}] => (Allow) C:\Users\valentin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CBC931E6-8CB8-4779-BC3A-5D1EC42D2F40}] => (Allow) C:\Users\valentin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6210982A-7441-4CE0-89A1-73C73D07686B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{46946DB0-6285-476D-B41C-8BFFE5BE9AB1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/08/2015 00:34:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante GWXUX.exe, version : 6.3.9600.17813, horodatage : 0x554a15f3
Nom du module défaillant : ntdll.dll, version : 6.3.9600.17736, horodatage : 0x550f4336
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003d85e
ID du processus défaillant : 0x1024
Heure de début de l’application défaillante : 0xGWXUX.exe0
Chemin d’accès de l’application défaillante : GWXUX.exe1
Chemin d’accès du module défaillant: GWXUX.exe2
ID de rapport : GWXUX.exe3
Nom complet du package défaillant : GWXUX.exe4
ID de l’application relative au package défaillant : GWXUX.exe5
Error: (06/08/2015 00:34:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante LogonUI.exe, version : 6.3.9600.17415, horodatage : 0x5450541b
Nom du module défaillant : FWPCredentialProvider.dll, version : 1.2.7.0, horodatage : 0x523aa7c4
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000000d097
ID du processus défaillant : 0x120
Heure de début de l’application défaillante : 0xLogonUI.exe0
Chemin d’accès de l’application défaillante : LogonUI.exe1
Chemin d’accès du module défaillant: LogonUI.exe2
ID de rapport : LogonUI.exe3
Nom complet du package défaillant : LogonUI.exe4
ID de l’application relative au package défaillant : LogonUI.exe5
Error: (06/08/2015 00:15:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante LogonUI.exe, version : 6.3.9600.17415, horodatage : 0x5450541b
Nom du module défaillant : FWPCredentialProvider.dll, version : 1.2.7.0, horodatage : 0x523aa7c4
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000000d097
ID du processus défaillant : 0x1c8
Heure de début de l’application défaillante : 0xLogonUI.exe0
Chemin d’accès de l’application défaillante : LogonUI.exe1
Chemin d’accès du module défaillant: LogonUI.exe2
ID de rapport : LogonUI.exe3
Nom complet du package défaillant : LogonUI.exe4
ID de l’application relative au package défaillant : LogonUI.exe5
Error: (06/08/2015 11:59:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante LogonUI.exe, version : 6.3.9600.17415, horodatage : 0x5450541b
Nom du module défaillant : FWPCredentialProvider.dll, version : 1.2.7.0, horodatage : 0x523aa7c4
Code d’exception : 0xc0000409
Décalage d’erreur : 0x000000000000d097
ID du processus défaillant : 0x50
Heure de début de l’application défaillante : 0xLogonUI.exe0
Chemin d’accès de l’application défaillante : LogonUI.exe1
Chemin d’accès du module défaillant: LogonUI.exe2
ID de rapport : LogonUI.exe3
Nom complet du package défaillant : LogonUI.exe4
ID de l’application relative au package défaillant : LogonUI.exe5
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: AUTORITE NT)
Description: Le filtre d’événement avec la requête « select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration' » n’a pas pu être réactivé dans l’espace de noms « //./root » à cause de l’erreur 0x80041033. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé.
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT)
Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root la requête « select * from __TimerEvent » dont la classe cible « __TimerEvent » n’existe pas. La requête sera ignorée.
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT)
Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/CIMV2 la requête « select * from __TimerEvent » dont la classe cible « __TimerEvent » n’existe pas. La requête sera ignorée.
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT)
Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/CIMV2 la requête « select * from __SystemEvent » dont la classe cible « __SystemEvent » n’existe pas. La requête sera ignorée.
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT)
Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root la requête « select * from __SystemEvent » dont la classe cible « __SystemEvent » n’existe pas. La requête sera ignorée.
Error: (06/08/2015 11:21:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT)
Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/subscription la requête « select * from __TimerEvent » dont la classe cible « __TimerEvent » n’existe pas. La requête sera ignorée.
System errors:
=============
Error: (06/08/2015 00:33:49 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:33:47 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:24:48 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:24:46 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:24:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 12:19:38 le 08/06/2015 n’était pas prévu.
Error: (06/08/2015 00:22:23 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:22:20 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:20:00 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:19:58 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Error: (06/08/2015 00:19:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 12:14:23 le 08/06/2015 n’était pas prévu.
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 4033.89 MB
Available physical RAM: 2306.82 MB
Total Pagefile: 4865.89 MB
Available Pagefile: 3207.35 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:463.54 GB) (Free:318.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Données) (Fixed) (Total:434.85 GB) (Free:126.78 GB) NTFS
Drive f: (LINUX) (Fixed) (Total:14.63 GB) (Free:14.63 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End of log ============================