Addition.txt

Document joint : GHjkdA0u1YT_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 08-08-2017
Exécuté par patrick (09-08-2017 10:02:31)
Exécuté depuis C:\Users\patrick\Desktop
Windows 10 Home Version 1703 (X64) (2017-04-17 17:09:37)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-117991831-3880302699-1860231628-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-117991831-3880302699-1860231628-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-117991831-3880302699-1860231628-1005 - Limited - Enabled)
Invité (S-1-5-21-117991831-3880302699-1860231628-501 - Limited - Disabled)
patrick (S-1-5-21-117991831-3880302699-1860231628-1002 - Administrator - Enabled) => C:\Users\patrick
pbrie (S-1-5-21-117991831-3880302699-1860231628-1003 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Assistant Mise à niveau de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.9.1.24376 - Avira Operations GmbH & Co. KG)
BNC Express 7 (HKLM-x32\...\{02F5B621-D825-4030-9186-3A5EAFD3E5BF}) (Version: 07.16.0008 - Trèfle Rouge)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.223.227 - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.850 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG7500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7500_series) (Version: 1.01 - Canon Inc.)
Canon MG7500 series On-screen Manual (HKLM-x32\...\Canon MG7500 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
chartInstall (HKLM-x32\...\{2CF96265-0F15-4645-8440-625BDC5516A2}) (Version: 1.5.6 - MEMSOFT)
CloudBerry Explorer for Amazon S3 5.0.3 (HKLM\...\CloudBerry Explorer for Amazon S3) (Version: 5.0.3 - CloudBerryLab)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.5.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3702 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3625 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3626 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DxO Optics Pro 9 (HKLM\...\{5B2FFCEF-3F02-482D-A0BD-4C450E7A109F}) (Version: 9.5.2 - DxO Labs)
EaseUS Partition Master 11.10 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Enregistrement utilisateur de Canon MG7500 series (HKLM-x32\...\Enregistrement utilisateur de Canon MG7500 series) (Version: - ‭Canon Inc.)
Evernote v. 5.1.1 (HKLM-x32\...\{19ABCFE2-7EED-11E3-B98A-00163E98E7D6}) (Version: 5.1.1.2334 - Evernote Corp.)
Firefox Developer Edition 54.0a2 (x86 fr) (HKLM-x32\...\Firefox Developer Edition 54.0a2 (x86 fr)) (Version: 54.0a2 - Mozilla)
Hard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 4.71 - Janos Mathe)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{8126E380-F9C6-4317-9CEE-9BBDDAB676E5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.06 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.4.19.3 - HP Inc.)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{B11FEAD6-F19E-473E-A8B1-AE58C058F575}) (Version: 12.7.22.13 - HP Inc.)
HUAWEI HiLink Switch Driver 1.2.0.0 (HKLM-x32\...\HUAWEI HiLink Switch Driver) (Version: 1.2.0.0 - )
InPixio Photo Maximizer Pro (HKLM-x32\...\{33DB8C17-40C9-4629-B6D4-05A4C7E8AA86}) (Version: 1.00.24758 - Avanquest Software)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.06 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.06 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
LeechFTP (HKLM-x32\...\LeechFTP) (Version: - )
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.8229.2103 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mobirise (HKLM-x32\...\Mobirise_is1) (Version: - Mobirise.com)
Mozilla Firefox 53.0.3 (x86 fr) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 fr)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0a2 - Mozilla)
MS Comptes Bancaires 10.0.5 (HKLM-x32\...\MS Comptes Bancaires_is1) (Version: 10.0.5 - MSoft informatique)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2103 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2103 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2103 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Opera Stable 46.0.2597.57 (HKLM-x32\...\Opera 46.0.2597.57) (Version: 46.0.2597.57 - Opera Software)
Oxygène 9.04 (HKLM-x32\...\Oxygène) (Version: 9.04 - Memsoft)
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.0.22.32360 - pdfforge GmbH)
PDF Architect 5 Create Module (HKLM\...\{F2458BF2-1679-4021-A4DA-01E43C2764AC}) (Version: 5.0.24.33400 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{36ED97CE-5D43-4762-B012-38F5FB436739}) (Version: 5.0.24.33400 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{A4FBFCF3-A3FD-4A76-A504-4945A26054A4}) (Version: 5.0.24.33400 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.3 - pdfforge GmbH)
Photomizer Pro (HKLM-x32\...\{41B5224D-6857-4D8B-0001-C8949A33B608}) (Version: 2.0.14.110 - Engelmann Media GmbH)
RAR Password Unlocker (HKLM-x32\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version: - RAR Password Unlocker, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.7316 - CyberLink Corp.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Spotify (HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Topaz Adjust 5 (64-bit) (HKLM-x32\...\Topaz Adjust 5 (64-bit)) (Version: 5.0.0 - Topaz Labs)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.0.0 - Topaz Labs)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.19 - IDRIX)
VirusKeeper 2017 Ultimate (HKLM-x32\...\VirusKeeper 2017 Ultimate_is1) (Version: 16.0.0 - AxBx)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebFlow (HKLM-x32\...\{33254274-ADAE-417B-B2D6-5AE11A8CFC4F}) (Version: 5.0.38 - WebProof A/S) Hidden
Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth (11/19/2013 12.0.0.9050) (HKLM\...\842F79923C68674AEB21691125DD165B4B2B4ADD) (Version: 11/19/2013 12.0.0.9050 - Broadcom Corporation)
XnViewMP 0.85 (HKLM\...\XnViewMP_is1) (Version: 0.85 - Gougelet Pierre-e)
ZIP Password Recovery Magic v6.1.1.255 (HKLM-x32\...\ZIP Password Recovery Magic_is1) (Version: - Password Recovery Magic Studio Ltd.)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-01-08] (Cyberlink)
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-05-08] (pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-01-08] (Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-01-25] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {01CA1942-9772-41F8-B089-16E55A98CC1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-06-28] (HP Inc.)
Task: {01F438CF-F68C-46B0-8874-C25929AAEBA6} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_patrick => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2016-01-31] (H.D.S. Hungary)
Task: {19E05F0C-E7A9-4647-93AC-91941001DC35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {19F192B7-F51A-42D8-BAB2-F9DB0BC61497} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-18] (Microsoft Corporation)
Task: {1A41A8B7-CC33-406B-8D01-1B5CC4A1902A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {217484FD-1165-452E-ABCD-56833AB543E1} - System32\Tasks\0ca0035275e11792ef846ff0c55fdfa4 => sc start 0ca0035275e11792ef846ff0c55fdfa4 <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {37219804-F796-47A2-9C81-CC7DF7AD7E88} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-07] ()
Task: {3A815211-4D6D-4A66-AB70-FA8740BCD3D2} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-06] (HP Inc.)
Task: {6BE06C3D-9406-4277-897F-E280C2FCDD6B} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2014-02-12] ()
Task: {7D630CC5-3C23-4698-B3A7-EA0088EEDEE4} - System32\Tasks\NetPad => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\NetPad\NetPad.dll",bGyjGyoI <==== ATTENTION
Task: {7EEDC70E-48BD-4AE7-9246-36BBC570CA28} - System32\Tasks\Opera scheduled Autoupdate 1491930336 => C:\Program Files\Opera\launcher.exe [2017-07-18] (Opera Software)
Task: {8BD8D951-71B3-4750-B8A9-4DA4DBC81004} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {8D3C41C4-3F4A-4852-9DAB-B31CA2E5A571} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {95997DD0-10FA-4483-BF88-92B6635F5184} - System32\Tasks\HPCeeScheduleForpatrick => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {9761AE2A-612E-4E3E-8008-E46206332200} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {9BA98D68-5E36-4364-B6C4-A07498F6ED10} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
Task: {9F2168C5-8143-47E2-B7C2-7B29B296E771} - System32\Tasks\YCMServiceAgent => c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {C82F3240-70A1-4FCB-8B85-7B21E59FE49B} - \WPD\SqmUpload_S-1-5-21-117991831-3880302699-1860231628-1002 -> Pas de fichier <==== ATTENTION
Task: {C8FEEC23-FCD1-4ED2-B95B-7157640B99DE} - \WPD\SqmUpload_S-1-5-21-117991831-3880302699-1860231628-1001 -> Pas de fichier <==== ATTENTION
Task: {CA3146B3-B950-4186-9645-CFC5E69CCA74} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-18] (Microsoft Corporation)
Task: {CCEF9719-09AE-4BE7-A223-811CEBC87661} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {CE6455F1-B6FF-483B-AC71-48DC30CD6975} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-01] (Microsoft Corporation)
Task: {DBB0EBC2-5931-4766-BCB5-63BDF2C66356} - System32\Tasks\{F8743921-4BFE-4222-B123-31EBB6981651} => rundll32.exe "C:\Users\patrick\AppData\Local\Microsoft\TaskPlay\caches.dat",StaticCache
Task: {E29C5644-6085-4763-AF88-BDE6D2985554} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {F05585E2-DC31-4359-B902-C4CB9365D771} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {F376F1CA-0798-4B1D-A57E-00C269C26AB5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {F76B2C44-A61A-4521-8C8F-05425364D06D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-07] ()
Task: {FAF9A3A0-2AA1-48EC-8179-20C9434C1FF9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForpatrick.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files (x86)\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files (x86)\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

==================== Modules chargés (Avec liste blanche) ==============

2014-02-07 11:24 - 2014-02-07 11:24 - 002108928 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-02-07 11:21 - 2014-02-07 11:21 - 000035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-02-07 11:21 - 2014-02-07 11:21 - 000021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-02-07 11:21 - 2014-02-07 11:21 - 000055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-02-07 11:40 - 2014-02-07 11:40 - 000368528 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-02-07 11:40 - 2014-02-07 11:40 - 000714128 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2017-05-05 14:36 - 2013-06-28 15:28 - 000084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-08-04 10:53 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 07:11 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-02-07 11:28 - 2014-02-07 11:28 - 000065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2017-05-23 16:49 - 2017-05-23 16:49 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-08-01 08:41 - 2017-08-01 08:41 - 010631168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-08-01 08:41 - 2017-08-01 08:41 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-08-01 08:42 - 2017-08-01 08:42 - 024054272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-08-01 08:42 - 2017-08-01 08:42 - 009161728 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-06-13 08:31 - 2017-06-13 08:31 - 003500456 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000769536 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
2017-06-07 23:03 - 2017-06-07 23:04 - 000017408 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.1434.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
2017-06-07 23:03 - 2017-06-07 23:03 - 015667712 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.1434.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.dll
2017-03-20 07:12 - 2017-03-20 07:12 - 004123032 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.1434.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2016-07-17 00:51 - 2016-07-17 00:51 - 000291328 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.1434.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-08-09 04:51 - 2017-08-09 04:52 - 013259456 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8400.40745.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-08-09 04:51 - 2017-08-09 04:52 - 001199808 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8400.40745.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-08-01 08:32 - 2017-07-18 06:18 - 089013336 _____ () C:\Program Files\Opera\46.0.2597.57\opera_browser.dll
2017-08-01 08:32 - 2017-07-18 06:18 - 003930712 _____ () C:\Program Files\Opera\46.0.2597.57\libglesv2.dll
2017-08-01 08:32 - 2017-07-18 06:18 - 000100440 _____ () C:\Program Files\Opera\46.0.2597.57\libegl.dll
2017-08-04 11:14 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-08-04 11:14 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-04 11:14 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-04 11:14 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-05-17 17:19 - 2007-10-20 09:00 - 000139264 _____ () C:\Program Files (x86)\AxBx\VirusKeeper 2017 Ultimate\VK_SSCAN.DLL
2017-04-05 17:42 - 2013-08-08 23:25 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-12 11:23 - 2017-08-04 13:02 - 067117168 _____ () C:\Users\patrick\AppData\Roaming\Spotify\libcef.dll
2017-04-12 11:23 - 2017-08-04 13:02 - 002253424 _____ () C:\Users\patrick\AppData\Roaming\Spotify\libglesv2.dll
2017-04-12 11:23 - 2017-08-04 13:02 - 000086640 _____ () C:\Users\patrick\AppData\Roaming\Spotify\libegl.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000156672 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\WP8MSVCCommon.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000367104 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\WP8MSVCBridge.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000079872 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\WinPhoneBridge_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000856576 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\System_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 000680960 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\CrossPortability_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000105984 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\pthreadVC_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000208384 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\system_malloc_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 057066301 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 000145920 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\exif_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000081422 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\unwind_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 000769024 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\ffmpeg_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 000918528 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\c++_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000429056 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\SystemResources_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000151552 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\WinMediaFoundation_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 000162304 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\z_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:11 - 001787392 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\WRTBridge_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 000119296 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\EGL_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 000947712 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\GLESv2_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 195090765 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\App.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 000516608 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\OpenAL_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 001082368 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\iconv_osmeta.dll
2017-06-24 10:10 - 2017-06-24 10:10 - 006681907 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_93.955.37739.0_x86__8xx8rvfyw5nnt\JavaScriptCore_osmeta.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\ProgramData\Temp:31D9EFCC [135]
AlternateDataStreams: C:\Users\patrick\Documents\apshavre48.ppp:SummaryInformation [211]
AlternateDataStreams: C:\Users\patrick\Documents\apshavre48.ppp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Il y a 7936 plus de sites.

IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\123simsen.com -> www.123simsen.com

Il y a 7936 plus de sites.

==================== Hosts contenu: ==========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2013-08-22 15:25 - 2017-08-08 11:21 - 000454512 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

Il y a 15600 plus de lignes.

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-117991831-3880302699-1860231628-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\patrick\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup"
HKU\S-1-5-21-117991831-3880302699-1860231628-1002\...\StartupApproved\Run: => "Avira Phantom VPN"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{1089CE8B-7F13-434C-9640-B115155DC9BE}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [{8147FB2A-1D32-44AC-8F06-74545BD48A56}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [UDP Query User{C76ABC70-3BC1-4564-883C-17D66B38EB50}C:\users\patrick\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\patrick\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{37F3AC7E-F7C0-467C-8343-7B53ED7FDC75}C:\users\patrick\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\patrick\appdata\roaming\spotify\spotify.exe
FirewallRules: [{806072EA-A678-4BAE-B637-AC96610E9C10}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1411F3CF-CC26-4482-B7B4-16E57CB5BF56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7A473B30-C75C-401C-A382-E5BAC96B18B5}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{74F3A5F6-58D0-4150-AFCE-B11F7AD8B191}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{3CE77DA3-E6F1-465F-B118-539D8FA33D4B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{377AD2B9-CC98-4A96-98C1-8F51A07D2613}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{8A093445-9B91-4786-9FB8-F8B0871821D7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{286B22E0-4238-46D2-AA4E-C81237ECD8F5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{39624635-DBDA-4F97-BA3E-428A0ABE946C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C44D7C15-E1D2-441E-8FD5-2CD664C4CC13}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{28B68654-1DD5-4C9C-A9B4-2141E9D6CD04}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{D5893833-E08B-4CEE-861D-2A8336B5F6EA}C:\users\patrick\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\patrick\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DAE64F4B-CE82-4C35-8AF8-F64FA9A49ECB}C:\users\patrick\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\patrick\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{766391E2-7650-46B4-9FE6-C155D40993CE}F:\portableapps\wordpressportable\zmws\mysql\bin\mysqld.exe] => (Allow) F:\portableapps\wordpressportable\zmws\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{C255E203-F318-48D0-B312-64260B7FAD7E}F:\portableapps\wordpressportable\zmws\mysql\bin\mysqld.exe] => (Allow) F:\portableapps\wordpressportable\zmws\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{90389AEC-DF99-4870-9EC6-E34759E76DD3}F:\portableapps\wordpressportable\zmws\zazouminiwebserver.exe] => (Allow) F:\portableapps\wordpressportable\zmws\zazouminiwebserver.exe
FirewallRules: [UDP Query User{CBBC38D2-0DE1-4525-B546-CCCA650F4EFE}F:\portableapps\wordpressportable\zmws\zazouminiwebserver.exe] => (Allow) F:\portableapps\wordpressportable\zmws\zazouminiwebserver.exe
FirewallRules: [{6BC9D88E-9D80-4E36-B034-E7E8EB761941}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FE9E4AD3-89BE-49B4-BF86-C7A742355AE1}] => (Allow) C:\Program Files\Opera\46.0.2597.39\opera.exe
FirewallRules: [{D0DF7A4D-60D8-48A0-AFC5-F3087B36B8C0}] => (Allow) C:\Program Files\Opera\46.0.2597.57\opera.exe
FirewallRules: [{8D4475A7-0AB1-472E-8AD7-30DB692C4AB1}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{191AAC21-9953-4EE7-ADC0-8B4F41819643}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{B3FD5662-98C3-4069-8B6B-6C95F657F803}] => (Allow) C:\Windows\System32\rundll32.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Points de restauration =========================

01-08-2017 12:11:10 Point de contrôle planifié
04-08-2017 11:52:20 Installé BNC Express 7

==================== Éléments en erreur du Gestionnaire de périphériques =============

==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (08/09/2017 06:20:11 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/09/2017 04:54:26 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDFileScanHelper.exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDFileScanHelper.exe » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/09/2017 04:54:26 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDFileScanLibrary.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDFileScanLibrary.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/09/2017 04:54:26 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDResources.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDResources.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/09/2017 04:54:26 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDEvents.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDEvents.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/09/2017 04:54:26 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDImmunizeLibrary.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDImmunizeLibrary.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/09/2017 04:54:26 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDLicense.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDLicense.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/09/2017 04:54:26 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDLists.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDLists.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/09/2017 04:54:26 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDWinLogon.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDWinLogon.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/09/2017 04:54:26 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\Tools.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\Tools.dll » à la ligne 2.
L’élément racine du fichier manifeste doit être assembly.

Erreurs système:
=============
Error: (08/09/2017 09:35:26 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {F3B4E234-7A68-4E43-B813-E4BA55A065F6} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (08/09/2017 09:22:02 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/08/2017 12:06:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service AviraPhantomVPN.

Error: (08/08/2017 12:06:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service AppCheckEnv s’est arrêté avec l’erreur :
Le module spécifié est introuvable.

Error: (08/08/2017 12:06:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORITE NT)
Description: Le module d’extensibilité WLAN n’a pas pu démarrer.

Chemin d’accès du module : C:\WINDOWS\System32\bcmihvsrv64.dll
Code d’erreur : 126

Error: (08/08/2017 12:06:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur :
Cette demande n’est pas prise en charge.

Error: (08/08/2017 12:04:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.

Error: (08/08/2017 12:04:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (08/08/2017 12:04:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service PDF Architect 5 Creator s’est terminé de façon inattendue pour la 1ème fois.

Error: (08/08/2017 12:04:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Microsoft Office « Démarrer en un clic » s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.

CodeIntegrity:
===================================
Date: 2017-08-08 12:07:14.703
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-08 12:07:14.700
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-08 12:04:25.299
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-08 12:04:24.538
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-08 11:25:10.074
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-08 11:25:09.759
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-08 10:53:32.260
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-08 10:53:32.034
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-07 16:12:47.344
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-07 16:12:16.783
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i3-4150T CPU @ 3.00GHz
Pourcentage de mémoire utilisée: 52%
Mémoire physique - RAM - totale: 6034.84 MB
Mémoire physique - RAM - disponible: 2854.19 MB
Mémoire virtuelle totale: 24466.84 MB
Mémoire virtuelle disponible: 19718.06 MB

==================== Lecteurs ================================

Drive c: (Windows) (Fixed) (Total:918.4 GB) (Free:658.12 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive d: (Recovery Image) (Fixed) (Total:11.19 GB) (Free:1.36 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive g: () (Removable) (Total:29.71 GB) (Free:7.61 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 850F0A2F)

Partition: GPT.

========================================================
Disk: 1 (Size: 29.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fin de Addition.txt ============================

Signaler le contenu de ce document