Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 02-10-2019
Exécuté par francois (02-10-2019 14:12:42)
Exécuté depuis C:\Users\francois\Desktop
Windows 10 Pro Version 1903 18362.356 (X64) (2019-09-17 18:11:58)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2721768177-3965386517-1639301863-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2721768177-3965386517-1639301863-503 - Limited - Disabled)
francois (S-1-5-21-2721768177-3965386517-1639301863-1000 - Administrator - Enabled) => C:\Users\francois
HomeGroupUser$ (S-1-5-21-2721768177-3965386517-1639301863-1002 - Limited - Enabled)
Invité (S-1-5-21-2721768177-3965386517-1639301863-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2721768177-3965386517-1639301863-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Afficher le Mode d’emploi (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AOMEI Partition Assistant Standard Edition 7.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CDBurnerXP (HKLM-x32\...\{0F047784-7E23-4A4F-BFA8-8F28978C6A30}) (Version: 4.5.7.6499 - Canneverbe Limited)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Convertisseur M2TS Gratuit 1.0.32 (HKLM-x32\...\{AE1049D2-8255-4ffd-9857-96609689A253}_is1) (Version: 1.0.32 - free-videoconverter)
Diagnostics d'imprimante Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Easy Duplicate Finder 5 (HKLM\...\{DA060B99-6B87-4D85-8B1A-29BCF6DF2B06}_is1) (Version: 5.23.0.1068 - WebMinds, Inc.)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Free WMA MP3 Converter (HKLM-x32\...\Free WMA MP3 Converter) (Version: - )
Gestionnaire pour appareils Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Inpaint 7.2 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version: - Teorex)
inPixio Photo Clip 9 Demo (HKLM-x32\...\{1F45A8A5-0487-4aa6-A67E-46E103C927AE}) (Version: 9.00 - inPixio)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
LibreOffice 6.2.3.2 (HKLM\...\{31C3855A-DA3A-4FC4-AE9B-1B4ACF89A2C4}) (Version: 6.2.3.2 - The Document Foundation)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professionnel Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2721768177-3965386517-1639301863-1000\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mises à jour NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 69.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 69.0.1 (x64 fr)) (Version: 69.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0 - Mozilla)
Panaustik (HKLM-x32\...\{B46CBC00-3B1C-47C5-B47C-F1830502D5A6}_is1) (Version: 5.0.1 - Panaustik)
Panneau de configuration NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PhotoSync (HKLM\...\PhotoSync) (Version: 3.3.1 - touchbyte GmbH)
Pixillion - Convertisseur d'images (HKLM-x32\...\Pixillion) (Version: 2.86 - NCH Software)
RAPID Mode (HKLM\...\{AE75272A-6421-4A65-80F8-31568BCF6E75}) (Version: 1.0.0.101 - Samsung Electronics Co., Ltd.) Hidden
Renee PDF Aide 2019.7.29.83 (HKLM-x32\...\{9282228A-6DE7-4BD6-B314-C41DB8F941FE}_is1) (Version: 2019.7.29.83 - Rene.E Laboratory)
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14/03/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.49.0 - Samsung Electronics Co., Ltd.)
Samsung i-Launcher 1.1.0.57 (HKLM-x32\...\Samsung i-Launcher) (Version: 1.1.0.57 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.12 (15/04/2014) - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Stellar Phoenix Windows Data Recovery - Home (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Home_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
Streaming Video Recorder V4.2.5 (HKLM\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 4.2.5 - Apowersoft)
Unity Web Player (HKU\S-1-5-21-2721768177-3965386517-1639301863-1000\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24121}) (Version: 24.0.13618 - Corel Corporation)
Packages:
=========
Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation) [MS Ad]
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-10-02] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation) [MS Ad]
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Studios) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation) [MS Ad]
Pinball FX2 Windows 10 Edition -> C:\Program Files\WindowsApps\ZenStudios.PinballFX2Windows10Edition_1.12.0.0_x86__sqz2yzgfp6bz4 [2019-10-02] (ZEN Studio Kft) [MS Ad]
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-10-02] (Adobe Systems Incorporated)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-10-02] (Samsung Electronics Co. Ltd.)
Solitaire Français -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.15.61.0_x64__kx24dqmazqk8j [2019-09-30] (Random Salad Games LLC) [MS Ad]
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2721768177-3965386517-1639301863-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => C:\WINDOWS\SysWOW64\ISCM64.dll [2015-02-27] () [Fichier non signé]
ContextMenuHandlers1: [SendToExtension] -> {c4e05456-a597-3605-8d2a-a3914e14e8b2} => C:/Program Files/PhotoSync/PhotoSyncSendToExtension.DLL [2018-10-27] () [Fichier non signé]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malware-bytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SendToExtension] -> {c4e05456-a597-3605-8d2a-a3914e14e8b2} => C:/Program Files/PhotoSync/PhotoSyncSendToExtension.DLL [2018-10-27] () [Fichier non signé]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malware-bytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Modules chargés (Avec liste blanche) ==============
2016-07-06 18:37 - 2014-05-19 17:19 - 000137728 _____ () [Fichier non signé] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2016-07-06 18:37 - 2014-10-31 16:40 - 001498112 _____ () [Fichier non signé] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2016-07-06 18:37 - 2014-10-31 16:41 - 000708608 _____ (Wondershare) [Fichier non signé] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-2721768177-3965386517-1639301863-1000\...\localhost -> localhost
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2017-10-29 09:18 - 2019-01-04 10:57 - 000000028 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-01-01 11:34 - 2018-01-01 11:34 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2721768177-3965386517-1639301863-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.
HKU\S-1-5-21-2721768177-3965386517-1639301863-1000\...\StartupApproved\Run: => "OneDrive"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{6ED3DF13-5AB7-4B8B-9C13-014896DC4E00}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{908D7E93-85B6-4EA7-8E01-38A633BA51C6}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{B89CD0BD-46AE-47C7-80CA-76DCEC1F8F1A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{B9DFCC93-3ABF-40AE-AAE5-B88202E19038}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F761BB80-4836-4038-B766-4D41AD1C5767}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{8A814D9B-FF7E-4CBB-8C24-9EC8D031695C}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E171D389-3FD0-44CB-92F6-4031CD10A44C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{82551F50-011A-4CF0-909B-BB4CBA725363}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3A02D9CC-F540-4A9F-AD14-E4BE56ABA38B}] => (Allow) LPort=35722
FirewallRules: [{10F8434B-70B6-4A92-94E9-28FB237A89D5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3652670C-406C-47CB-94C2-FC85A92E7E46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E375442C-6789-4AC4-9B43-F196AD1ADA5B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3A2B8922-D386-413D-BA17-860291B61621}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{51B09E26-207D-4D79-AF57-810A6C39DA41}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7E410EB3-7943-48E4-B8AE-02FDA51882C6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{4F50FBA4-4CBB-4C27-BD82-9C45BE96B853}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5E39D684-7041-449F-8ACC-B0B0EFB303A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe Pas de fichier
FirewallRules: [{0C87EEDC-62BC-4B64-87C1-0448F43003FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe Pas de fichier
FirewallRules: [UDP Query User{E6A52FB8-49E0-42F0-99C3-78EBBA730134}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe Pas de fichier
FirewallRules: [TCP Query User{5473838E-4785-426B-8A3A-AF95AC0A40AA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe Pas de fichier
FirewallRules: [UDP Query User{05A6B798-DC28-4BCF-BC9A-2919CC145962}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4FFCAD74-8C84-47FC-8E6D-5F815C48DA0C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B94A10C-0D48-4EFE-B1CA-A734A1796A27}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll (UNIFUNTECH CORPORATION LIMITED -> )
FirewallRules: [{DD3B1257-FAB4-4EF5-9149-D032C26E34AA}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll (UNIFUNTECH CORPORATION LIMITED -> )
FirewallRules: [{1F236095-8AD8-4D82-A51A-784C19F6F621}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\StreamingVideoRecorder.exe (UNIFUNTECH CORPORATION LIMITED -> dotnetVM)
FirewallRules: [{4AB007D5-3421-4F47-B260-FDD3A6BE38EF}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\Streaming-Video-Recorder.exe (UNIFUNTECH CORPORATION LIMITED -> Apowersoft)
FirewallRules: [{5C325859-BCFF-483D-A7CB-D20CB84E95B0}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{359EAFC7-2BF2-40B7-A674-F7E0847955DA}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E66C682D-256C-4EE0-BEB4-5D485A434B97}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Codecs (Avec liste blanche) ==================
==================== Points de restauration =========================
29-09-2019 11:56:44 Point de contrôle planifié
30-09-2019 09:43:55 Opération de restauration
02-10-2019 08:57:51 Removed Microsoft Office Professionnel Plus 2010
02-10-2019 10:31:25 Opération de restauration
==================== Éléments en erreur du Gestionnaire de périphériques =============
Name: qooq Hands-Free HF
Description: Profile main libre du Microsoft Bluetooth - Rôle main libre
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthHFEnum
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (10/02/2019 02:00:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12256,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/02/2019 01:48:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (640,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/02/2019 11:23:02 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4348,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/02/2019 10:58:48 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4280,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/02/2019 10:45:48 AM) (Source: Office Software Protection Platform Service) (EventID: 1001) (User: )
Description: The Software Protection service failed to start. 0x80070005
14.0.370.400
Error: (10/02/2019 10:45:48 AM) (Source: Office Software Protection Platform Service) (EventID: 1001) (User: )
Description: The Software Protection service failed to start. 0x80070005
14.0.370.400
Error: (10/02/2019 10:44:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3400,R,98) SRUJet: L’erreur -1811 (0xfffff8ed) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\SRU\SRU00040.log.
Error: (10/02/2019 10:31:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3724,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Erreurs système:
=============
Error: (10/02/2019 01:51:13 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:38 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:33 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:25 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:20 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:14 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:09 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:04 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Windows Defender:
===================================
Date: 2019-09-18 01:58:43.212
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:JS/Vdehu.A&threatid=2147731176&enterprise=0
Nom : TrojanDownloader:JS/Vdehu.A
ID : 2147731176
Gravité : Grave
Catégorie : Cheval de Troie téléchargeur
Chemin : file:_C:\Windows\Temp\_avast_\nsfsp000002BB.tmp
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : AUTORITE NT\Système
Nom du processus : C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Version de la veille de sécurité : AV: 1.301.1582.0, AS: 1.301.1582.0, NIS: 1.301.1582.0
Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1
CodeIntegrity:
===================================
Date: 2019-10-02 13:42:27.917
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-02 13:42:27.900
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-02 13:42:27.873
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-02 13:41:36.677
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-02 13:41:36.659
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-02 13:41:36.642
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-02 13:41:36.624
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-02 13:41:36.605
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
BIOS: Award Software International, Inc. F4 10/13/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-970A-UD3
Processeur: AMD Phenom(tm) II X4 965 Processor
Pourcentage de mémoire utilisée: 64%
Mémoire physique - RAM - totale: 8189.24 MB
Mémoire physique - RAM - disponible: 2867.52 MB
Mémoire virtuelle totale: 16381.24 MB
Mémoire virtuelle disponible: 10739.22 MB
==================== Lecteurs ================================
Drive c: (SAMSUNG SSD 860EVO) (Fixed) (Total:465.24 GB) (Free:167.51 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)]
Drive e: (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive h: (PHOTOS-VIDEOS-MULTIMEDIA) (Fixed) (Total:947.27 GB) (Free:517.23 GB) NTFS
Drive i: (Multimedia dans le PC) (Fixed) (Total:915.65 GB) (Free:201.14 GB) NTFS
\\?\Volume{83ea94e0-0000-0000-0000-b04f74000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 14F8C84D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=947.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=915.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 83EA94E0)
Partition 1: (Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=528 MB) - (Type=27)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== Fin de Addition.txt ============================
Exécuté par francois (02-10-2019 14:12:42)
Exécuté depuis C:\Users\francois\Desktop
Windows 10 Pro Version 1903 18362.356 (X64) (2019-09-17 18:11:58)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2721768177-3965386517-1639301863-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2721768177-3965386517-1639301863-503 - Limited - Disabled)
francois (S-1-5-21-2721768177-3965386517-1639301863-1000 - Administrator - Enabled) => C:\Users\francois
HomeGroupUser$ (S-1-5-21-2721768177-3965386517-1639301863-1002 - Limited - Enabled)
Invité (S-1-5-21-2721768177-3965386517-1639301863-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2721768177-3965386517-1639301863-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Afficher le Mode d’emploi (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AOMEI Partition Assistant Standard Edition 7.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CDBurnerXP (HKLM-x32\...\{0F047784-7E23-4A4F-BFA8-8F28978C6A30}) (Version: 4.5.7.6499 - Canneverbe Limited)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Convertisseur M2TS Gratuit 1.0.32 (HKLM-x32\...\{AE1049D2-8255-4ffd-9857-96609689A253}_is1) (Version: 1.0.32 - free-videoconverter)
Diagnostics d'imprimante Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Easy Duplicate Finder 5 (HKLM\...\{DA060B99-6B87-4D85-8B1A-29BCF6DF2B06}_is1) (Version: 5.23.0.1068 - WebMinds, Inc.)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Free WMA MP3 Converter (HKLM-x32\...\Free WMA MP3 Converter) (Version: - )
Gestionnaire pour appareils Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Inpaint 7.2 (HKLM\...\{5808866F-D115-46B2-8123-BB6801968101}_is1) (Version: - Teorex)
inPixio Photo Clip 9 Demo (HKLM-x32\...\{1F45A8A5-0487-4aa6-A67E-46E103C927AE}) (Version: 9.00 - inPixio)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
LibreOffice 6.2.3.2 (HKLM\...\{31C3855A-DA3A-4FC4-AE9B-1B4ACF89A2C4}) (Version: 6.2.3.2 - The Document Foundation)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professionnel Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2721768177-3965386517-1639301863-1000\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mises à jour NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 69.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 69.0.1 (x64 fr)) (Version: 69.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0 - Mozilla)
Panaustik (HKLM-x32\...\{B46CBC00-3B1C-47C5-B47C-F1830502D5A6}_is1) (Version: 5.0.1 - Panaustik)
Panneau de configuration NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PhotoSync (HKLM\...\PhotoSync) (Version: 3.3.1 - touchbyte GmbH)
Pixillion - Convertisseur d'images (HKLM-x32\...\Pixillion) (Version: 2.86 - NCH Software)
RAPID Mode (HKLM\...\{AE75272A-6421-4A65-80F8-31568BCF6E75}) (Version: 1.0.0.101 - Samsung Electronics Co., Ltd.) Hidden
Renee PDF Aide 2019.7.29.83 (HKLM-x32\...\{9282228A-6DE7-4BD6-B314-C41DB8F941FE}_is1) (Version: 2019.7.29.83 - Rene.E Laboratory)
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14/03/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.49.0 - Samsung Electronics Co., Ltd.)
Samsung i-Launcher 1.1.0.57 (HKLM-x32\...\Samsung i-Launcher) (Version: 1.1.0.57 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.12 (15/04/2014) - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Stellar Phoenix Windows Data Recovery - Home (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Home_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
Streaming Video Recorder V4.2.5 (HKLM\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 4.2.5 - Apowersoft)
Unity Web Player (HKU\S-1-5-21-2721768177-3965386517-1639301863-1000\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24121}) (Version: 24.0.13618 - Corel Corporation)
Packages:
=========
Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation) [MS Ad]
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-10-02] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation) [MS Ad]
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Studios) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation) [MS Ad]
Pinball FX2 Windows 10 Edition -> C:\Program Files\WindowsApps\ZenStudios.PinballFX2Windows10Edition_1.12.0.0_x86__sqz2yzgfp6bz4 [2019-10-02] (ZEN Studio Kft) [MS Ad]
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-10-02] (Adobe Systems Incorporated)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-10-02] (Samsung Electronics Co. Ltd.)
Solitaire Français -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.15.61.0_x64__kx24dqmazqk8j [2019-09-30] (Random Salad Games LLC) [MS Ad]
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Corporation)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2721768177-3965386517-1639301863-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => C:\WINDOWS\SysWOW64\ISCM64.dll [2015-02-27] () [Fichier non signé]
ContextMenuHandlers1: [SendToExtension] -> {c4e05456-a597-3605-8d2a-a3914e14e8b2} => C:/Program Files/PhotoSync/PhotoSyncSendToExtension.DLL [2018-10-27] () [Fichier non signé]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malware-bytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SendToExtension] -> {c4e05456-a597-3605-8d2a-a3914e14e8b2} => C:/Program Files/PhotoSync/PhotoSyncSendToExtension.DLL [2018-10-27] () [Fichier non signé]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malware-bytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-09-01] (Corel Corporation -> WinZip Computing)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Modules chargés (Avec liste blanche) ==============
2016-07-06 18:37 - 2014-05-19 17:19 - 000137728 _____ () [Fichier non signé] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2016-07-06 18:37 - 2014-10-31 16:40 - 001498112 _____ () [Fichier non signé] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2016-07-06 18:37 - 2014-10-31 16:41 - 000708608 _____ (Wondershare) [Fichier non signé] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-2721768177-3965386517-1639301863-1000\...\localhost -> localhost
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2017-10-29 09:18 - 2019-01-04 10:57 - 000000028 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-01-01 11:34 - 2018-01-01 11:34 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2721768177-3965386517-1639301863-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.
HKU\S-1-5-21-2721768177-3965386517-1639301863-1000\...\StartupApproved\Run: => "OneDrive"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{6ED3DF13-5AB7-4B8B-9C13-014896DC4E00}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{908D7E93-85B6-4EA7-8E01-38A633BA51C6}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{B89CD0BD-46AE-47C7-80CA-76DCEC1F8F1A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{B9DFCC93-3ABF-40AE-AAE5-B88202E19038}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F761BB80-4836-4038-B766-4D41AD1C5767}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{8A814D9B-FF7E-4CBB-8C24-9EC8D031695C}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E171D389-3FD0-44CB-92F6-4031CD10A44C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{82551F50-011A-4CF0-909B-BB4CBA725363}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3A02D9CC-F540-4A9F-AD14-E4BE56ABA38B}] => (Allow) LPort=35722
FirewallRules: [{10F8434B-70B6-4A92-94E9-28FB237A89D5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3652670C-406C-47CB-94C2-FC85A92E7E46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E375442C-6789-4AC4-9B43-F196AD1ADA5B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3A2B8922-D386-413D-BA17-860291B61621}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{51B09E26-207D-4D79-AF57-810A6C39DA41}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7E410EB3-7943-48E4-B8AE-02FDA51882C6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{4F50FBA4-4CBB-4C27-BD82-9C45BE96B853}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5E39D684-7041-449F-8ACC-B0B0EFB303A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe Pas de fichier
FirewallRules: [{0C87EEDC-62BC-4B64-87C1-0448F43003FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe Pas de fichier
FirewallRules: [UDP Query User{E6A52FB8-49E0-42F0-99C3-78EBBA730134}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe Pas de fichier
FirewallRules: [TCP Query User{5473838E-4785-426B-8A3A-AF95AC0A40AA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe Pas de fichier
FirewallRules: [UDP Query User{05A6B798-DC28-4BCF-BC9A-2919CC145962}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4FFCAD74-8C84-47FC-8E6D-5F815C48DA0C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B94A10C-0D48-4EFE-B1CA-A734A1796A27}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll (UNIFUNTECH CORPORATION LIMITED -> )
FirewallRules: [{DD3B1257-FAB4-4EF5-9149-D032C26E34AA}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll (UNIFUNTECH CORPORATION LIMITED -> )
FirewallRules: [{1F236095-8AD8-4D82-A51A-784C19F6F621}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\StreamingVideoRecorder.exe (UNIFUNTECH CORPORATION LIMITED -> dotnetVM)
FirewallRules: [{4AB007D5-3421-4F47-B260-FDD3A6BE38EF}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\Streaming-Video-Recorder.exe (UNIFUNTECH CORPORATION LIMITED -> Apowersoft)
FirewallRules: [{5C325859-BCFF-483D-A7CB-D20CB84E95B0}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{359EAFC7-2BF2-40B7-A674-F7E0847955DA}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E66C682D-256C-4EE0-BEB4-5D485A434B97}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Codecs (Avec liste blanche) ==================
==================== Points de restauration =========================
29-09-2019 11:56:44 Point de contrôle planifié
30-09-2019 09:43:55 Opération de restauration
02-10-2019 08:57:51 Removed Microsoft Office Professionnel Plus 2010
02-10-2019 10:31:25 Opération de restauration
==================== Éléments en erreur du Gestionnaire de périphériques =============
Name: qooq Hands-Free HF
Description: Profile main libre du Microsoft Bluetooth - Rôle main libre
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthHFEnum
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (10/02/2019 02:00:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12256,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/02/2019 01:48:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (640,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/02/2019 11:23:02 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4348,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/02/2019 10:58:48 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4280,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/02/2019 10:45:48 AM) (Source: Office Software Protection Platform Service) (EventID: 1001) (User: )
Description: The Software Protection service failed to start. 0x80070005
14.0.370.400
Error: (10/02/2019 10:45:48 AM) (Source: Office Software Protection Platform Service) (EventID: 1001) (User: )
Description: The Software Protection service failed to start. 0x80070005
14.0.370.400
Error: (10/02/2019 10:44:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3400,R,98) SRUJet: L’erreur -1811 (0xfffff8ed) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\SRU\SRU00040.log.
Error: (10/02/2019 10:31:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3724,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Erreurs système:
=============
Error: (10/02/2019 01:51:13 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:38 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:33 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:25 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:20 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:14 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:09 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Error: (10/02/2019 01:42:04 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk2\DR2 comporte un bloc défectueux.
Windows Defender:
===================================
Date: 2019-09-18 01:58:43.212
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:JS/Vdehu.A&threatid=2147731176&enterprise=0
Nom : TrojanDownloader:JS/Vdehu.A
ID : 2147731176
Gravité : Grave
Catégorie : Cheval de Troie téléchargeur
Chemin : file:_C:\Windows\Temp\_avast_\nsfsp000002BB.tmp
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : AUTORITE NT\Système
Nom du processus : C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Version de la veille de sécurité : AV: 1.301.1582.0, AS: 1.301.1582.0, NIS: 1.301.1582.0
Version du moteur : AM: 1.1.16300.1, NIS: 1.1.16300.1
CodeIntegrity:
===================================
Date: 2019-10-02 13:42:27.917
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-02 13:42:27.900
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-02 13:42:27.873
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-02 13:41:36.677
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-02 13:41:36.659
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-02 13:41:36.642
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-02 13:41:36.624
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-02 13:41:36.605
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
BIOS: Award Software International, Inc. F4 10/13/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-970A-UD3
Processeur: AMD Phenom(tm) II X4 965 Processor
Pourcentage de mémoire utilisée: 64%
Mémoire physique - RAM - totale: 8189.24 MB
Mémoire physique - RAM - disponible: 2867.52 MB
Mémoire virtuelle totale: 16381.24 MB
Mémoire virtuelle disponible: 10739.22 MB
==================== Lecteurs ================================
Drive c: (SAMSUNG SSD 860EVO) (Fixed) (Total:465.24 GB) (Free:167.51 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)]
Drive e: (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive h: (PHOTOS-VIDEOS-MULTIMEDIA) (Fixed) (Total:947.27 GB) (Free:517.23 GB) NTFS
Drive i: (Multimedia dans le PC) (Fixed) (Total:915.65 GB) (Free:201.14 GB) NTFS
\\?\Volume{83ea94e0-0000-0000-0000-b04f74000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 14F8C84D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=947.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=915.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 83EA94E0)
Partition 1: (Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=528 MB) - (Type=27)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== Fin de Addition.txt ============================