Addition.txt

Document joint : GKhiJehD8wB_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Exécuté par fiers (07-11-2017 09:33:28)
Exécuté depuis C:\Users\fiers\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-24 07:29:46)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-3928293324-631842529-1542859486-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3928293324-631842529-1542859486-503 - Limited - Disabled)
fiers (S-1-5-21-3928293324-631842529-1542859486-1001 - Administrator - Enabled) => C:\Users\fiers
Invité (S-1-5-21-3928293324-631842529-1542859486-501 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{9D569A6E-C9DF-490E-93E0-7AFD28D1F9BB}) (Version: 20.23.401.14519 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{9D569A6E-C9DF-490E-93E0-7AFD28D1F9BB}) (Version: 20.23.401.14519 - Alcor Micro Corp.)
Apple Application Support (32 bits) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Assistant Mise à niveau de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.11 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.16.0002 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.7 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0049 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.1.19 - ICEpower a/s)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Dashlane (HKU\S-1-5-21-3928293324-631842529-1542859486-1001\...\Dashlane) (Version: 5.0.0.10636 - Dashlane SAS)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.)
Drive Manager (HKLM-x32\...\{7AE0C124-77B6-4111-8BD1-26D218CE231B}) (Version: 1.0.179 - Clarus, Inc.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
ELAN SPI FingerPrinter (HKLM\...\ElanFP) (Version: 1.5.1.1 - ELAN Microelectronic Corp.)
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HP DeskJet 3630 series Aide (HKLM-x32\...\{08F5B0C6-D24D-4327-BA56-F8E00C1A6878}) (Version: 35.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{6401399A-F5DA-4C04-87AA-E8107DF00751}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{63BCC696-0FB4-4E9C-8144-2DA4F248FC17}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Photosmart Plus B210 series Aide (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
iTunes (HKLM\...\{27F29B96-1914-4F48-BD76-07E98D7832C6}) (Version: 12.7.1.14 - Apple Inc.)
Logiciel de base du périphérique HP DeskJet 3630 series (HKLM\...\{A571C4EB-3B62-4CA2-A2B3-ADB55387339B}) (Version: 40.11.1107.1739 - HP Inc.)
Logiciel de base du périphérique HP Photosmart Plus B210 series (HKLM\...\{21E7471C-0D69-4292-82E7-79CD22C6EE83}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation)
Malwarebytes version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.8625.2121 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3928293324-631842529-1542859486-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Python 3.5.2 (64-bit) (HKU\S-1-5-21-3928293324-631842529-1542859486-1001\...\{d46281ac-f66b-4246-8cfe-34f61512982f}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 Core Interpreter (64-bit) (HKLM\...\{E151A5E4-D373-4388-82FB-0C9F5F6CFB76}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Development Libraries (64-bit) (HKLM\...\{5397E020-59CB-43BF-A0FE-32B26DE98187}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Documentation (64-bit) (HKLM\...\{911FCD3E-A42F-472C-983A-0518799BFE7D}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Executables (64-bit) (HKLM\...\{24C31CC2-A8F2-417E-A61B-5E682D39893B}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 pip Bootstrap (64-bit) (HKLM\...\{A74E3253-CB6C-4214-8964-FFCEB37DB5D8}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Standard Library (64-bit) (HKLM\...\{976C50E6-00DF-40A6-9E59-70A4F3EF4E32}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Tcl/Tk Support (64-bit) (HKLM\...\{A4B31C78-C884-4B36-BDE4-FBAD3A2A1C7E}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Test Suite (64-bit) (HKLM\...\{7BA8A393-A7EB-4529-8A63-D7A4502C0D24}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Utility Scripts (64-bit) (HKLM\...\{E5642976-7F8E-41C1-A249-419B809CA2A8}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7898 - Realtek Semiconductor Corp.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
TotalRecovery Pro (HKLM-x32\...\TotalRecovery) (Version: 10.0.11.2 - FarStone Inc.)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.6.547 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.1.1.8 - WildTangent)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (06/03/2016 11.0.0.11) (HKLM\...\0B4533347E894EFA3F8DC5D4B35CF2D1B1BF756F) (Version: 06/03/2016 11.0.0.11 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3928293324-631842529-1542859486-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F5ACC53A5560}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3928293324-631842529-1542859486-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-15] (AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-15] (AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-12-10] (Foxit Software Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-15] (AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b228b799720b403b\igfxDTCM.dll [2016-11-30] (Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-15] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {013F5349-1354-4181-A930-3CC61F6AB5BB} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {05EE8052-D4F4-41B6-8E4C-9FC94D4BB8E7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-30] ()
Task: {1220F8B9-C950-4FD9-A349-6B2921504875} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-15] (AVAST Software)
Task: {14FA22E8-76DA-466F-87C0-25F0DDA0E776} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2016-02-23] (ASUSTek Computer Inc.)
Task: {17CA71CE-94EA-4FE3-9011-DF631ABA746F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation)
Task: {41A5BA2B-18F7-4995-A74E-70DA14D0499E} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-08-05] (Realtek Semiconductor)
Task: {4C52237A-71B3-4A40-BFBF-22CF99EBEDD2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {4F7AD0A1-1AE3-4BB3-815C-DC7BA63E996A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {6430CC72-EBF8-4F8C-AF87-2CCE1878ED23} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-01-19] (ASUSTek Computer Inc.)
Task: {6DCDD24F-9C02-451A-9B12-97DA636E038D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation)
Task: {8822C151-3202-4899-8850-1B76DCF649DB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {8FC06C10-B6D1-41F3-A260-A60978ACF2A3} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {93CC7F24-CF3C-41B9-AE72-B73FEF1CD04E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-10-19] (Apple Inc.)
Task: {9D7B4D9B-9145-4557-BC6F-FB22B187A323} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {A2AB61D5-D872-47C1-967A-EAD1E3C91A7B} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2017-07-03] (ASUSTek Computer Inc)
Task: {A4AC62C1-47F8-41CC-9D7D-6D0C327FFFB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-14] (Google Inc.)
Task: {B1C3A445-ED26-46C6-AD38-0EAC045B9280} - System32\Tasks\DRIVE_MANAGER\Drive_Manager => C:\Program Files (x86)\Clarus\Drive Manager\Drive Manager.exe [2016-05-12] (Clarus, Inc.)
Task: {BDA6D310-F91F-47C6-9E45-5A29CE5DABCA} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {C5360D33-08FD-44E6-BF99-C4C74EC9AA2E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-30] ()
Task: {C676E8AA-EAD0-403F-BD8B-6FAD1FCE1223} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {D961EDD0-F60E-45E6-8266-68583572FD22} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {E30EF100-717A-4288-97CB-5FF5C8FF9366} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-08-05] (Realtek Semiconductor)
Task: {E60F7452-43AB-438D-B496-556FC2421DAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-14] (Google Inc.)
Task: {E805157C-711F-4BF8-AD24-5FDAD36FAB62} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-05-24] (ASUS)
Task: {EA4F0006-745E-4CDB-ABDA-03012EF4C401} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {F4D08F8D-CB55-4304-812E-539A5F45D94E} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2014-08-13 07:30 - 2014-08-13 07:30 - 000073032 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000071024 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe
2017-08-21 12:38 - 2017-10-10 16:12 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 06:11 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-20 20:56 - 2017-10-20 20:59 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-10-20 20:56 - 2017-10-20 20:59 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-20 20:56 - 2017-10-20 20:59 - 025446400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-10-20 20:56 - 2017-10-20 20:59 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-10-20 20:56 - 2017-10-20 20:59 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-10-20 15:22 - 2017-10-20 15:22 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-10-20 15:22 - 2017-10-20 15:22 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2016-08-01 11:35 - 2016-08-01 11:35 - 000017920 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
2014-03-25 10:14 - 2014-03-25 10:14 - 000088576 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\zlibwapi.dll
2015-08-18 08:18 - 2015-08-18 08:18 - 000332800 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBCmdDsp.dll
2015-08-18 05:30 - 2015-08-18 05:30 - 000085504 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FlBckpBk.dll
2014-11-25 04:22 - 2014-11-25 04:22 - 000089088 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EfbCheckImg.dll
2015-08-18 05:26 - 2015-08-18 05:26 - 000223232 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskClone.dll
2015-08-18 05:28 - 2015-08-18 05:28 - 000323584 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FlBckpRt.dll
2014-09-22 03:40 - 2014-09-22 03:40 - 000194560 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EFBSearchTool.dll
2015-07-27 06:50 - 2015-07-27 06:50 - 000224256 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskMgr.dll
2015-08-18 06:23 - 2015-08-18 06:23 - 000114176 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\EasyFuncs.dll
2014-09-22 03:40 - 2014-09-22 03:40 - 000022528 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBEventMgr.dll
2015-08-18 08:17 - 2015-08-18 08:17 - 000104448 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\BootConfig.dll
2014-05-21 04:04 - 2014-05-21 04:04 - 000018432 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSToken.dll
2014-03-14 08:04 - 2014-03-14 08:04 - 000012288 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FSFat32.dll
2014-03-14 08:04 - 2014-03-14 08:04 - 000201216 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\NtfsLib.dll
2014-03-14 08:04 - 2014-03-14 08:04 - 000013312 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\VssNew.dll
2014-09-22 03:41 - 2014-09-22 03:41 - 000239104 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\diskpart.dll
2014-11-05 01:44 - 2014-11-05 01:44 - 000017408 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\VDiskConvert.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000194048 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\NetTool.dll
2014-09-04 03:41 - 2014-09-04 03:41 - 000037888 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\RapidClone.dll
2014-08-20 02:23 - 2014-08-20 02:23 - 000075264 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DiskInterface.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000157552 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FtpPipeModule.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000091584 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\TransferManager.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000062832 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\CommonFun.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000054712 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FTPFunModule.dll
2014-03-25 10:14 - 2014-03-25 10:14 - 000617952 _____ () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\XpIcfOpt.dll
2016-05-24 13:44 - 2016-05-24 13:44 - 000027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2016-05-24 13:44 - 2016-05-24 13:44 - 000125440 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-05-24 13:44 - 2016-05-24 13:44 - 000029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2017-10-15 15:45 - 2017-10-15 15:45 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-15 15:45 - 2017-10-15 15:45 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-07-13 20:02 - 2017-07-13 20:02 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-15 15:45 - 2017-10-15 15:45 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-15 15:45 - 2017-10-15 15:45 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-15 15:44 - 2017-10-15 15:44 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-15 15:45 - 2017-10-15 15:45 - 000700656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-11-06 17:28 - 2017-11-06 17:28 - 005882552 _____ () C:\Program Files\AVAST Software\Avast\defs\17110602\algo.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:52 - 2017-10-18 23:52 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-09-20 01:42 - 2017-09-20 01:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-12 19:11 - 2017-09-12 19:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-12 19:10 - 2017-09-12 19:10 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-09-12 19:11 - 2017-09-12 19:11 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-12 19:11 - 2017-09-12 19:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-20 01:59 - 2017-09-20 01:59 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-12 19:11 - 2017-09-12 19:11 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-09-12 19:11 - 2017-09-12 19:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-05-16 22:50 - 2016-05-16 22:50 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

==================== Hosts contenu: ==========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2015-10-30 08:24 - 2017-11-06 23:29 - 000002073 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3928293324-631842529-1542859486-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{5117CA60-BAD2-4543-970D-15E4DAD7289B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A42989E6-F9F0-4667-87B3-5214B88B4844}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06382539-A3AD-4B5B-9D22-EF8F5E179EBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{902E5518-BC21-4CEC-BA91-C3B5DD6E5D6F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B12C1CAA-3935-4E14-B0A9-D645013F7220}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97471493-F33B-4D83-9779-7816B3A596CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A6D932F2-78BF-45F3-A0C2-1DD9C5341971}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B51601E2-B10D-4327-AE6C-4F475F92CAD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{758D054B-9FA2-42FE-B36D-18B365AD32D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{634305CE-850F-4023-B2C4-058D3151AA93}] => (Allow) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
FirewallRules: [{6EFD2125-D892-4F32-A002-F1B5EAC5E5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CCF2197B-C988-4D1E-A0B5-A7FD98D81058}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{65C43BD7-3896-4965-B841-545E9BFE413C}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS34EE\HPDiagnosticCoreUI.exe
FirewallRules: [{EA0A586E-5F4B-4A60-ABE7-996F65626D4D}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS34EE\HPDiagnosticCoreUI.exe
FirewallRules: [{50E67DDF-893C-49FD-8DE2-56094A4933CD}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS38C2\HPDiagnosticCoreUI.exe
FirewallRules: [{1BCE08D6-54D5-4116-9DA6-4E0E13AEF17E}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS38C2\HPDiagnosticCoreUI.exe
FirewallRules: [{F130A079-5751-4396-BA01-373B26CF8C4A}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS390D\HPDiagnosticCoreUI.exe
FirewallRules: [{957346E4-881C-431E-9B54-0B29BAEFDAE7}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS390D\HPDiagnosticCoreUI.exe
FirewallRules: [{047434B8-411C-4E78-9CC3-1482C7ED3DD5}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS71B9\HPDiagnosticCoreUI.exe
FirewallRules: [{E5533D64-9662-4546-94D0-D72B1860584A}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS71B9\HPDiagnosticCoreUI.exe
FirewallRules: [{E4141F11-517E-41ED-88A7-9F49F35EC3EE}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS0660\HPDiagnosticCoreUI.exe
FirewallRules: [{09D908BD-3466-43F3-8025-AF5FDC7127B3}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS0660\HPDiagnosticCoreUI.exe
FirewallRules: [{F6E5EA71-D93F-41EC-8121-E718EACD670C}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS61E3\HPDiagnosticCoreUI.exe
FirewallRules: [{2773F213-4A3D-4CB0-8F47-85800EAB2D47}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS61E3\HPDiagnosticCoreUI.exe
FirewallRules: [{41CCDCF1-02CD-4639-A7E7-9959E010BCA9}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS00DB\HPDiagnosticCoreUI.exe
FirewallRules: [{B48DFF88-A7D5-47F3-8692-1EB0D9BF2C2C}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS00DB\HPDiagnosticCoreUI.exe
FirewallRules: [{41F4E01A-7757-4781-96EA-1131BD97CA67}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS1191\HPDiagnosticCoreUI.exe
FirewallRules: [{BA9300C9-5BF8-4CF1-B3F7-6D744620AA01}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS1191\HPDiagnosticCoreUI.exe
FirewallRules: [{F9CB26D7-41A9-4345-96D1-A39BB45D8FDD}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS7B77\HPDiagnosticCoreUI.exe
FirewallRules: [{4A64D659-9A98-4148-B475-4339D718C669}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS7B77\HPDiagnosticCoreUI.exe
FirewallRules: [{81B656DD-1019-4526-A8AE-1DA1861CB4FD}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS2057\HPDiagnosticCoreUI.exe
FirewallRules: [{7F8F152C-8947-48E8-A42B-F76400015D58}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS2057\HPDiagnosticCoreUI.exe
FirewallRules: [{6B76A684-FB0A-492D-806C-B7B70C1CCDD7}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS2871\HPDiagnosticCoreUI.exe
FirewallRules: [{FD47684B-7D1A-4B5E-BC2A-03B9CD9213FD}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS2871\HPDiagnosticCoreUI.exe
FirewallRules: [{4ED64C84-A3B5-498A-A7C2-ECE3A58481C6}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{17657854-11B3-4FA0-BA1A-D6F251BE8829}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{12F586FC-0FB9-4F65-8250-0E4F166F1867}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B892379B-5EF4-4A18-B6A3-ABA2C0385CFE}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS6FE0\HP.EasyStart.exe
FirewallRules: [{7EE31F7B-1D1A-4ED9-88E8-B8EA00539D18}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\DeviceSetup.exe
FirewallRules: [{42C1B1E5-075D-4381-98E7-4FAEC4075285}] => (Allow) LPort=5357
FirewallRules: [{50D48BED-2C18-4DFE-ACF2-7D71C4531AF6}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C42AA6DA-F35A-4DD6-B5BE-FA547751D972}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS27E9\HPDiagnosticCoreUI.exe
FirewallRules: [{F6C096F7-8EE3-41E5-BD35-EE53E411D2BC}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS27E9\HPDiagnosticCoreUI.exe
FirewallRules: [{6B4C4689-4765-41DE-BCCE-BD01492C5EE5}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS293D\HPDiagnosticCoreUI.exe
FirewallRules: [{1B095BF4-8E20-47A3-8082-A9449447A3E1}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS293D\HPDiagnosticCoreUI.exe
FirewallRules: [{E1D8D243-A08B-48B7-8760-6FE4C568DE94}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS3BA9\HPDiagnosticCoreUI.exe
FirewallRules: [{188338F1-39F0-448E-A9E4-D33BB89E046F}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS3BA9\HPDiagnosticCoreUI.exe
FirewallRules: [{9E59A1C2-7AC9-4D6E-8DEE-8A79B740980C}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS3C32\HP.EasyStart.exe
FirewallRules: [{04F0A92F-DF9F-40E9-9C94-4C90E29E4097}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS5CBE\HP.EasyStart.exe
FirewallRules: [{5471708B-E31D-4CD5-9FB4-B655C4661EEB}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS5D30\HP.EasyStart.exe
FirewallRules: [{49197591-A9A6-4D8A-B37D-304A6DB966F8}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS5DEE\HP.EasyStart.exe
FirewallRules: [{7B23814C-31A3-4B53-8899-6E617B8328BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{213A4771-AA11-44F5-A41A-3B0A8C280891}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS1D4E\HPDiagnosticCoreUI.exe
FirewallRules: [{3D204D2C-E3B3-4DD7-B70E-5CAF08A8666B}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS1D4E\HPDiagnosticCoreUI.exe
FirewallRules: [{75120722-4BFB-403A-8B86-EC9B5A16EF46}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS1DD7\HPDiagnosticCoreUI.exe
FirewallRules: [{362CCDF1-3190-4CD6-BC4C-243E42CDDA5A}] => (Allow) C:\Users\fiers\AppData\Local\Temp\7zS1DD7\HPDiagnosticCoreUI.exe
FirewallRules: [{6F500073-AE2A-4203-8517-5F196395EAF0}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Points de restauration =========================

14-10-2017 20:54:29 Windows Update
20-10-2017 20:45:27 Windows Update
28-10-2017 14:47:23 Point de contrôle planifié

==================== Éléments en erreur du Gestionnaire de périphériques =============

==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (11/06/2017 09:19:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3094

Error: (11/06/2017 09:19:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3094

Error: (11/06/2017 09:19:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/06/2017 09:19:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2047

Error: (11/06/2017 09:19:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2047

Error: (11/06/2017 09:19:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/06/2017 09:19:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1032

Error: (11/06/2017 09:19:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1032

Error: (11/06/2017 09:19:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/06/2017 09:19:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AppleMobileBackup.exe, version : 17.1645.6.2, horodatage : 0x54dd6d0d
Nom du module défaillant : ntdll.dll, version : 10.0.15063.608, horodatage : 0x802f667e
Code d’exception : 0xc0000374
Décalage d’erreur : 0x000d9aba
ID du processus défaillant : 0xbfc0
Heure de début de l’application défaillante : 0x01d3573c4bc870a9
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : e72f1b6c-34ad-4f5e-a38d-a76f5ff2d63b
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Erreurs système:
=============
Error: (11/07/2017 09:31:04 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/06/2017 11:34:25 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/06/2017 11:34:25 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/06/2017 11:34:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Kingsoft_WPS_UpdateService n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (11/06/2017 11:34:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Kingsoft_WPS_UpdateService.

Error: (11/06/2017 11:34:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur :
Cette demande n’est pas prise en charge.

Error: (11/06/2017 11:33:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.

Chemin d’accès du module : C:\WINDOWS\System32\IWMSSvc.dll

Error: (11/06/2017 11:33:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.

Chemin d’accès du module : C:\WINDOWS\System32\IWMSSvc.dll

Error: (11/06/2017 11:33:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.

Chemin d’accès du module : C:\WINDOWS\System32\IWMSSvc.dll

Error: (11/06/2017 11:33:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Microsoft Office Click-to-Run Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.

CodeIntegrity:
===================================
Date: 2017-11-06 23:36:34.196
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-11-06 23:36:34.191
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-28 16:28:17.355
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-28 16:27:44.937
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-28 16:27:44.624
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i5-7Y54 CPU @ 1.20GHz
Pourcentage de mémoire utilisée: 64%
Mémoire physique - RAM - totale: 3943.14 MB
Mémoire physique - RAM - disponible: 1407.23 MB
Mémoire virtuelle totale: 8039.14 MB
Mémoire virtuelle disponible: 4775.7 MB

==================== Lecteurs ================================

Drive c: (OS) (Fixed) (Total:237.72 GB) (Free:162.57 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive e: (FLOWWWWWWW) (Removable) (Total:14.43 GB) (Free:1.24 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 9407C62F)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.4 GB) (Disk ID: 7F49F174)
Partition 1: (Not Active) - (Size=14.4 GB) - (Type=0C)

==================== Fin de Addition.txt ============================

Signaler le contenu de ce document