Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 02-07-2016 Exécuté par jeremyd (2016-07-02 13:54:35) Exécuté depuis C:\Users\jeremyd\Desktop Windows 8.1 Pro (Update) (X64) (2014-10-01 16:17:29) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-74173962-580494856-2805447538-500 - Administrator - Disabled) Invité (S-1-5-21-74173962-580494856-2805447538-501 - Limited - Disabled) jeremyd (S-1-5-21-74173962-580494856-2805447538-1001 - Administrator - Enabled) => C:\Users\jeremyd ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-74173962-580494856-2805447538-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) ASUS Xonar U3 Audio (HKLM-x32\...\Generic USB 112 Sound) (Version: - ) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden C4500 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dell Unified Wireless Suite (HKLM-x32\...\{6CFE6F33-3D69-4B9C-AA20-FF1F8CB064D5}) (Version: 1.00.0000 - Dell) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) ESET NOD32 Antivirus (HKLM\...\{FAEEEAD9-CD47-4937-B715-B75AE897A0B6}) (Version: 7.0.302.26 - ESET, spol s r. o.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HP Photosmart C4500 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{0EC01D72-4906-42DD-BCC0-AF89EDA7493D}) (Version: 14.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Les Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 47.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 fr)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0 - Mozilla) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden NVIDIA PhysX (HKLM-x32\...\{6833245E-DD86-479A-882A-8360D62C8194}) (Version: 9.09.0720 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PS_AIO_04_C4500_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden Qustodio (HKLM-x32\...\Qustodio) (Version: 180.7.629.0 - Qustodio) Qustodio (x32 Version: 180.7.629.0 - Qustodio) Hidden Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.2.12.0 - Razer Inc.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0046 - ST Microelectronics) System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC) System Requirements Lab Detection (HKLM-x32\...\{B13DBD81-A3B3-491F-A1AC-4AFC93C2D3BA}) (Version: 6.1.6.0 - Husdawg, LLC) The Sims 4 Update 1.0.797.20 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{DD51BA84-F589-4939-B5FE-5538B3DCC12E}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Wi-Fi Modem (HKLM-x32\...\Wi-Fi Modem) (Version: 1.11.01.314 - Huawei Technologies Co.,Ltd) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-74173962-580494856-2805447538-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-74173962-580494856-2805447538-1001_Classes\CLSID\{93117F05-B133-1960-7B35-7402051061858}\InprocServer32 -> pas de chemin du fichier ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0EED261D-11F9-447A-86C9-F6181E97D462} - System32\Tasks\GoogleUpdateTaskMachineCore1d1d1e46807343b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.) Task: {1B4523B2-A2CA-4AC6-A7A8-45CB84B3C01F} - System32\Tasks\GoogleUpdateTaskMachineUA1d12d2d2754f374 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.) Task: {35736B61-7B84-4B75-A70A-8C36242B6FF0} - System32\Tasks\GoogleUpdateTaskMachineUA1d1aba2396f564a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.) Task: {38905615-A0FC-4F42-A3D6-682C4F713524} - System32\Tasks\GoogleUpdateTaskMachineUA1d15ea75fcef5d6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.) Task: {473FC2CC-3463-4F6D-BDA9-1F43FC910E64} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {5DC2A127-62DC-4131-B73B-334DE37C7A65} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {62175B8D-51FC-4C2E-BDCE-BCC3322C00B1} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 7.0\upgrade.exe [2016-06-29] (ESET) Task: {66483FF3-1235-4523-BBC4-CAEA8764B8BC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {761EF4F2-8AF9-4EE4-88DC-F62D68BA7E38} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {779478B3-70E9-46D4-82BB-D940DBB27E1E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd) Task: {7A97B7F9-C0AC-448D-BABD-200D4E286EBB} - System32\Tasks\GoogleUpdateTaskMachineCore1d1d1e2900f4fe1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.) Task: {AC5B9FB4-5A6C-4399-9EAC-46846F858C64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.) Task: {AD682887-FAFD-4DB0-B9C6-3D22F8C72BFB} - System32\Tasks\{1F9FD0B3-3878-4D4C-8C51-706A5CD9927D} => pcalua.exe -a F:\AutoRun\demo32.exe -d F:\ -c Demo.dbd Task: {BA88ABC1-6967-47CD-A1D3-C9849E0A140B} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe Task: {E26BE50C-337F-467F-BC4F-32D69325FB89} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-18] (Adobe Systems Incorporated) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1d1e2900f4fe1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1d1e46807343b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2013-09-24 07:27 - 2013-09-24 07:27 - 00103040 _____ () C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\ihvs\AthIHVManager.dll 2013-09-24 07:27 - 2013-09-24 07:27 - 00351872 _____ () C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\ihvs\AthIhvWlanVoE.dll 2013-09-24 07:27 - 2013-09-24 07:27 - 00093824 _____ () C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\ihvs\AthSpectralExt.dll 2013-09-24 07:28 - 2013-09-24 07:28 - 00185472 _____ () C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\ihvs\Hotspot20Ext.dll 2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2015-08-15 00:33 - 2015-08-15 00:33 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2014-08-14 00:24 - 2015-03-20 17:18 - 00391784 _____ () C:\Windows\system32\igfxTray.exe 2015-01-11 21:38 - 2008-07-11 09:04 - 00200704 ____R () C:\Windows\SysWOW64\HsMgr.exe 2013-09-24 07:26 - 2013-09-24 07:26 - 00016512 _____ () C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\awic\AWiCCust.dll 2016-06-29 10:47 - 2016-06-23 15:26 - 02336584 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libglesv2.dll 2016-06-29 10:47 - 2016-06-23 15:25 - 00107336 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libegl.dll 2015-12-18 18:59 - 2015-12-18 18:59 - 00705024 _____ () C:\Program Files (x86)\Qustodio\qapp\libGLESv2.dll 2015-12-18 18:59 - 2015-12-18 18:59 - 00043008 _____ () C:\Program Files (x86)\Qustodio\qapp\libEGL.dll 2015-12-18 18:59 - 2015-12-18 18:59 - 00864768 _____ () C:\Program Files (x86)\Qustodio\qapp\platforms\qwindows.dll 2015-12-18 18:59 - 2015-12-18 18:59 - 00024576 _____ () C:\Program Files (x86)\Qustodio\qapp\imageformats\qgif.dll 2015-12-18 18:59 - 2015-12-18 18:59 - 00021504 _____ () C:\Program Files (x86)\Qustodio\qapp\imageformats\qico.dll 2015-12-18 18:59 - 2015-12-18 18:59 - 00242688 _____ () C:\Program Files (x86)\Qustodio\qapp\imageformats\qjpeg.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\qwfp => ""="Driver" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-74173962-580494856-2805447538-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jeremyd\Pictures\jiraiya-frog-ninja-hd-wallpaper-1920x1080-anime-picture.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\...\StartupApproved\Run: => "Cm112GX64" HKLM\...\StartupApproved\Run: => "wcct" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "daemontoolslite" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "amd_dc_opt" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "QAppTray" HKLM\...\StartupApproved\Run32: => "InstallerLauncher" HKLM\...\StartupApproved\Run32: => "Cm112GX" HKU\S-1-5-21-74173962-580494856-2805447538-1001\...\StartupApproved\StartupFolder: => "Envoyer à OneNote.lnk" HKU\S-1-5-21-74173962-580494856-2805447538-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk" HKU\S-1-5-21-74173962-580494856-2805447538-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-74173962-580494856-2805447538-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-74173962-580494856-2805447538-1001\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-74173962-580494856-2805447538-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-74173962-580494856-2805447538-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-74173962-580494856-2805447538-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-74173962-580494856-2805447538-1001\...\StartupApproved\Run: => "Between" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{5BF85DC8-FE3B-407A-BD38-F21E53E69AC5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{ECFD0330-8541-4917-A7F1-6EE1E674ECED}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1F8F78F3-F888-4032-9D72-D042A154EAC1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{804D64AF-0C18-4085-9F90-3CD34442F081}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{42C8BBBE-38C0-4800-AE92-CEFC4045AA7B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{43D5F322-EAB1-4BB2-854F-B467867D96C4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{AED8BDD3-63C2-4478-9B55-455352D74865}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{E2E098B6-4CBC-4FD2-8090-306EEE92B754}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{6B4F8D42-8593-4C41-AA42-4A212E0D9395}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{EE02E2F8-CF9C-4098-BF30-B4D9C086A549}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{BBD29B63-9A94-4AAD-BBF6-F3A81F850AB3}] => (Allow) C:\Users\jeremyd\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{30649F7C-66AD-46C5-9434-540E366211AF}] => (Allow) C:\Users\jeremyd\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{87CFB668-F2B5-41A9-8EA4-5C838AC30BF5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{26D5E2EE-8055-46B7-AE9B-544D7C813796}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{C1736CDF-6F4F-4591-87EF-AF18208AE160}] => (Allow) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\wcct.exe FirewallRules: [{4852C498-D820-4584-88E2-4A9AE3113204}] => (Allow) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\wcct.exe FirewallRules: [{74252C34-2BBC-4BBF-A8AC-975A1D428252}] => (Allow) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\spectral\SocketServer.exe FirewallRules: [{7169130A-B0B1-4D6A-8E16-27D6C413C03B}] => (Allow) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\spectral\SocketServer.exe FirewallRules: [{C204E608-4E34-4E30-B8F0-0059A4ACC038}] => (Allow) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\awic\AWiC.exe FirewallRules: [{5AE39AC5-FEE0-4125-99AB-46A5D68188CC}] => (Allow) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\awic\AWiC.exe FirewallRules: [{EDF44DE6-7289-4EDA-A48B-C40C45CC7086}] => (Allow) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\awic\AWiCMgr.exe FirewallRules: [{7DCE6592-C143-4C78-BA3F-EBEFDC4E1545}] => (Allow) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\awic\AWiCMgr.exe FirewallRules: [{784FE70D-8416-4F24-AE08-1B7C33E2571C}] => (Allow) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\ihvs\AWiCDiag.exe FirewallRules: [{15A1FE22-526A-4F13-A8A3-BCE3F9D85BDD}] => (Allow) C:\Program Files (x86)\Dell\Dell Unified Wireless Suite\ihvs\AWiCDiag.exe FirewallRules: [{C9E928AF-925A-47CD-BFC6-3960280BD307}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{7EA7FEF4-70BA-4C61-B57C-E245127FE382}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{4CD7CE1C-AA60-452D-B31C-B71B6F015BCD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{FA98BAB9-47E0-49F8-8AEA-7C0513EE8E17}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{374B0727-FEA1-4974-9A49-B518244C88A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [TCP Query User{31D5BE02-907A-4D17-92C4-32DD965CC8E2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{2C16E536-8E84-4785-9CCC-C14B6FFC1489}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{BA9D33D9-B0DE-41A5-93ED-B09C693A71A3}] => (Allow) LPort=48113 FirewallRules: [{70AC18F9-C872-4A06-AF64-E033B830C411}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{E843A1DB-E6A0-4772-AC76-9CED079C4B56}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{9A415C01-69CF-4FF5-8035-D2F86834707F}] => (Allow) D:\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{A0FF8BC4-80B8-4F97-8C58-927375B49B24}] => (Allow) D:\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{FD2F559B-26FA-498B-86FC-722A951E825E}] => (Allow) D:\SteamLibrary\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe FirewallRules: [{973DCF52-73B2-4A08-86A8-240ADBF1263B}] => (Allow) D:\SteamLibrary\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe FirewallRules: [{ED70A112-7FD4-440A-8E3B-1FF180DB7C56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{237A3866-E855-4C4D-B1D8-9FD3D546A5E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{36C58CB8-3599-4FF5-9DE2-E6C57578BE60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Points de restauration ========================= 15-06-2016 09:39:28 Point de contrôle planifié 25-06-2016 14:10:12 Point de contrôle planifié 29-06-2016 10:24:12 Removed TweetDeck 02-07-2016 13:25:00 ZHPFix Restore System Point ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: Contrôleur PCI de communications simplifiées Description: Contrôleur PCI de communications simplifiées Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Contrôleur de bus SM Description: Contrôleur de bus SM Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (07/01/2016 07:46:33 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Le service de recherche Windows n’a pas pu traiter la liste des emplacements inclus et exclus à cause de l’erreur <30, 0x80040d07, "iehistory://{S-1-5-21-74173962-580494856-2805447538-1001}/">. Error: (06/30/2016 07:45:55 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (06/29/2016 11:13:09 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Le service de recherche Windows n’a pas pu traiter la liste des emplacements inclus et exclus à cause de l’erreur <30, 0x80040d07, "iehistory://{S-1-5-21-74173962-580494856-2805447538-1001}/">. Error: (06/29/2016 10:30:50 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Le service de recherche Windows n’a pas pu traiter la liste des emplacements inclus et exclus à cause de l’erreur <30, 0x80040d07, "iehistory://{S-1-5-21-74173962-580494856-2805447538-1001}/">. Error: (06/29/2016 10:08:41 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (06/28/2016 02:26:04 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Le service de recherche Windows n’a pas pu traiter la liste des emplacements inclus et exclus à cause de l’erreur <30, 0x80040d07, "iehistory://{S-1-5-21-74173962-580494856-2805447538-1001}/">. Error: (06/28/2016 09:24:16 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (06/27/2016 11:07:36 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Le service de recherche Windows n’a pas pu traiter la liste des emplacements inclus et exclus à cause de l’erreur <30, 0x80040d07, "iehistory://{S-1-5-21-74173962-580494856-2805447538-1001}/">. Error: (06/27/2016 09:37:12 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (06/27/2016 09:25:58 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Le service de recherche Windows n’a pas pu traiter la liste des emplacements inclus et exclus à cause de l’erreur <30, 0x80040d07, "iehistory://{S-1-5-21-74173962-580494856-2805447538-1001}/">. Erreurs système: ============= Error: (07/02/2016 01:36:40 PM) (Source: DCOM) (EventID: 10016) (User: jeremy) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}jeremyjeremydS-1-5-21-74173962-580494856-2805447538-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/02/2016 01:36:40 PM) (Source: DCOM) (EventID: 10016) (User: jeremy) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}jeremyjeremydS-1-5-21-74173962-580494856-2805447538-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/02/2016 01:36:39 PM) (Source: DCOM) (EventID: 10016) (User: jeremy) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}jeremyjeremydS-1-5-21-74173962-580494856-2805447538-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/02/2016 01:36:38 PM) (Source: DCOM) (EventID: 10016) (User: jeremy) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}jeremyjeremydS-1-5-21-74173962-580494856-2805447538-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/02/2016 12:56:21 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Le Gestionnaire de services de contrôle a essayé d’entreprendre une action corrective (Redémarrer le service) après la fin inattendue du service qengine, mais cette action a échoué en raison de l’erreur suivante : %%1056 = Une instance du service s’exécute déjà. Error: (07/02/2016 12:56:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service qengine s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (07/02/2016 12:55:17 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 12:49:32 le ‎02/‎07/‎2016 n’était pas prévu. Error: (07/02/2016 11:10:41 AM) (Source: DCOM) (EventID: 10010) (User: jeremy) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/02/2016 11:10:11 AM) (Source: DCOM) (EventID: 10010) (User: jeremy) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/02/2016 10:54:57 AM) (Source: DCOM) (EventID: 10010) (User: jeremy) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} CodeIntegrity: =================================== Date: 2015-04-12 20:00:18.009 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-12 20:00:17.299 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-11 20:33:23.917 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\jeremyd\AppData\Local\Temp\{82A4642D-DB33-408C-BF9A-0F6E76B48B3C}\{0DFF25A2-876E-4E5D-B97A-78BD400AE68B}\cmiainfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz Pourcentage de mémoire utilisée: 33% Mémoire physique - RAM - totale: 4001.34 MB Mémoire physique - RAM - disponible: 2680.46 MB Mémoire virtuelle totale: 5345.34 MB Mémoire virtuelle disponible: 3949.11 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:121.17 GB) (Free:47.19 GB) NTFS Drive d: () (Fixed) (Total:97.66 GB) (Free:61.28 GB) NTFS Drive g: () (Fixed) (Total:74.86 GB) (Free:74.73 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 0926024B) Partition: GPT. ==================== Fin de Addition.txt ============================