Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x86) Version: 26-02-2017 Exécuté par MOUSS (27-02-2017 15:03:42) Exécuté depuis C:\Users\MOUSS\Desktop Windows 10 Pro Version 1607 (X86) (2016-12-28 17:08:01) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-797732667-556316737-286250452-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-797732667-556316737-286250452-503 - Limited - Disabled) Invité (S-1-5-21-797732667-556316737-286250452-501 - Limited - Disabled) MOUSS (S-1-5-21-797732667-556316737-286250452-1000 - Administrator - Enabled) => C:\Users\MOUSS titin (S-1-5-21-797732667-556316737-286250452-1001 - Administrator - Enabled) => C:\Users\titin ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-797732667-556316737-286250452-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) AIO_Scan (Version: 130.0.421.000 - Hewlett-Packard) Hidden Avast Antivirus Gratuit (HKLM\...\Avast Antivirus) (Version: 17.1.2286 - AVAST Software) Band-in-a-Box 2016 (432) Update (HKLM\...\BB_is1) (Version: - PG Music Inc.) Band-in-a-Box Server (HKLM\...\BBServer_is1) (Version: - PG Music Inc.) BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden C7200 (Version: 140.0.425.000 - Hewlett-Packard) Hidden C7200_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden Canon MP220 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP220_series) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) Copy (Version: 140.0.298.000 - Hewlett-Packard) Hidden CoyoteWT 1.1 (HKLM\...\CoyoteWT_is1) (Version: - Coyote Electronics Inc.) dBpowerAMP Music Converter (HKLM\...\dBpowerAMP Music Converter) (Version: - ) Destinations (Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (Version: 140.0.185.000 - Hewlett-Packard) Hidden Fax (Version: 140.0.307.000 - Hewlett-Packard) Hidden Fitbit Connect (HKLM\...\{4AF50C0D-47D7-4EE4-A312-928F46D240DC}) (Version: 2.0.1.6742 - Fitbit Inc.) Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Chrome (HKU\S-1-5-21-797732667-556316737-286250452-1000\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden GPBaseService2 (Version: 140.0.297.000 - Hewlett-Packard) Hidden Guitar Pro 6 (HKLM\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.) HP Support Solutions Framework (HKLM\...\{B11FEAD6-F19E-473E-A8B1-AE58C058F575}) (Version: 12.5.32.203 - HP Inc.) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (Version: 140.0.297.000 - Hewlett-Packard) Hidden Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) MarketResearch (Version: 140.0.299.000 - Hewlett-Packard) Hidden Microsoft Office Standard Edition 2003 (HKLM\...\{9112040C-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-797732667-556316737-286250452-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mises à jour NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Network (Version: 140.0.306.000 - Hewlett-Packard) Hidden NVIDIA Pilote 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation) NVIDIA Pilote graphique 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Panneau de configuration NVIDIA 342.01 (Version: 342.01 - NVIDIA Corporation) Hidden PG Music DirectX Plugins 2.0.0.0 (HKLM\...\PG_DX_Plugins_is1) (Version: - PG Music Inc.) PS_AIO_02_ProductContext (Version: 140.0.425.000 - Hewlett-Packard) Hidden PS_AIO_02_Software (Version: 140.0.425.000 - Hewlett-Packard) Hidden PS_AIO_02_Software_Min (Version: 140.0.425.000 - Hewlett-Packard) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.) RogueKiller version 12.9.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software) SafeZone Stable 3.55.2393.561 (Version: 3.55.2393.561 - Avast Software) Hidden Scan (Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SolutionCenter (Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (Version: 140.0.342.000 - Hewlett-Packard) Hidden Steinberg WaveLab 5.00a (HKLM\...\Steinberg WaveLab 5.00a) (Version: - ) Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (Version: 140.0.297.000 - Hewlett-Packard) Hidden Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 3.9.25 - Tweaking.com) WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {137A07B9-6317-4E9E-8BA8-11FA1FAF849F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe Task: {13E928AA-1F72-4EF2-A82A-7693146505A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {1E5667F6-3276-44A4-97D2-75BCFB06498D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-02-11] (Google Inc.) Task: {203EDA16-1C4B-484B-A6C9-2671A5A43FC8} - System32\Tasks\HPCeeScheduleForMOUSS => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.) Task: {2176720F-F9C0-42E2-BFAF-0A58D79F3475} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {24C12D19-AA36-467F-BC13-AC9298E454AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.) Task: {252196BD-1E0E-413F-AB80-B31539046A62} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com) Task: {26B49009-401F-4F4C-8AF1-36ABB295821C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.) Task: {2D4DC438-F66B-483B-904D-A1AD866DF325} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe Task: {317F8819-B49A-4746-9D63-D776BB10C5D0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {374E1837-4E4C-4CD0-85C6-C888D4C963C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-01-09] (HP Inc.) Task: {375038FF-CAD6-402B-A8AF-BEF28EEF2B90} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.) Task: {3C55F279-561E-4215-829C-886B1389EADE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe Task: {443FB4AB-6F16-4DAE-84E1-2D61215239AB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe Task: {55C17CB8-8C9C-4743-A9C2-8E4797AE683E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {5D51E17F-F3CD-408E-808A-DD44AE560D7D} - System32\Tasks\SafeZone scheduled Autoupdate 1482928843 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-15] (Avast Software) Task: {66B0B79F-BF82-4D53-9DFB-3DC157FC16D1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe Task: {67C6E7C9-D2A4-454D-83B9-6788C0BC310F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe Task: {6F2C02F1-985E-469F-A83F-DC8C54659831} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe Task: {75CB85E3-89CF-4F9B-92D8-CD0F61C81F15} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe Task: {7A3BCA47-D2C2-4E53-8828-0B5F6A7CAA0C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {7F693ECC-C81D-4BE6-B4E5-B21011C9E981} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe Task: {81D0F15B-738A-4C2F-974B-499A6B174981} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software) Task: {853E0769-4292-4092-BCF3-BB9C0F707D40} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe Task: {8E7682DB-1733-4BA2-8325-E88243AAC671} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe Task: {8FADF147-60EB-4095-9F82-194F188DC39C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.) Task: {9B8B7A35-FDBC-4BA9-ACD6-74EE2C4A7D35} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {A67F1B46-4A91-49B5-B3CD-8DE9FF6764EE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {B40B8E3D-102D-44BB-88BE-884BBD8B1504} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe Task: {B4AEF6A9-A731-41E9-96DB-622C8265F65C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-02-09] (AVAST Software) Task: {B8C078B3-51D9-4E7E-9B7E-FEDC3EF7000A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe Task: {D5F0352F-ACFF-42A0-AAA8-114E3582D256} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {D76EFA30-912F-4762-AE7E-1816F06737EB} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION Task: {D7A955B1-28C7-43AE-AD11-C36B17D55D23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {DAE4B9B4-186C-45D6-A00B-E69A90A36F85} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {DBF00257-FDE9-42B5-AA5B-700998466BE1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe Task: {E2B53882-D1F9-4D07-97C3-C776C4E31FAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {E4916346-4924-470F-A311-E2E921E82AD0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {E574C292-9CB0-42CD-933B-6E93335C62E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {ECB9C739-3F19-4C7C-B57F-7A5E7EBBEDAE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-02-11] (Google Inc.) Task: {F8375556-4789-492E-B10D-68556D0E0D75} - System32\Tasks\HPCeeScheduleForMOUSS-PC$ => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.) Task: {F9E7D897-8E9B-4F7D-9300-CA4B50BD25B6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe Task: {FA9795D8-A321-4EB2-BE5E-698AB29BA0A1} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe Task: {FD161F89-D9FE-44DD-8737-26065D2CC889} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe Task: {FD8C38F7-AACD-4545-B1DC-50DD3016BDDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForMOUSS-PC$.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForMOUSS.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\{061AD130-07D6-D34D-EFD2-0E8FB4EE0323}.job => ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\MOUSS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic ==================== Modules chargés (Avec liste blanche) ============== 2016-07-16 09:25 - 2016-07-16 09:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-30 15:33 - 2016-12-09 11:11 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-28 17:48 - 2016-11-14 12:00 - 00123448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2016-12-30 15:33 - 2016-12-09 11:11 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-07-16 09:25 - 2016-07-16 09:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 12:48 - 2016-12-21 05:42 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-02-09 17:44 - 2017-02-09 17:44 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-12-28 13:35 - 2016-12-28 13:35 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-02-09 17:42 - 2017-02-09 17:42 - 00289328 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-02-09 17:44 - 2017-02-09 17:44 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2014-12-11 17:40 - 2014-12-11 17:40 - 40622592 ____R () D:\APPL INSTALL\FITBIT CONNECT\Fitbit Connect\libcef.dll 2017-02-22 12:58 - 2017-02-22 12:59 - 00064512 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeHost.exe 2017-02-22 12:58 - 2017-02-22 12:59 - 00153088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-02-22 12:58 - 2017-02-22 12:59 - 30889472 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkyWrap.dll 2017-02-06 10:47 - 2017-02-06 10:48 - 01733120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\roottools.dll 2017-02-11 16:56 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-11 16:56 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libegl.dll 2017-02-25 18:31 - 2017-02-25 18:32 - 07064264 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7920.40507.0_x86__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll 2017-01-11 12:49 - 2016-12-21 05:25 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 12:49 - 2016-12-21 05:21 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-12-30 15:32 - 2016-08-06 04:21 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 12:49 - 2016-12-21 05:21 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-11 12:49 - 2016-12-21 05:22 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 12:49 - 2016-12-21 05:24 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-02-14 16:47 - 2017-02-02 12:30 - 17840216 _____ () C:\Users\MOUSS\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2009-07-14 03:04 - 2017-02-26 15:01 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-797732667-556316737-286250452-1000\Control Panel\Desktop\\Wallpaper -> c:\users\mouss\downloads\marie.jpg.jpg DNS Servers: 89.2.0.1 - 89.2.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKLM\...\StartupApproved\Run: => "HP Software Update" HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run: => "WindowsDefender" HKU\S-1-5-21-797732667-556316737-286250452-1000\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-797732667-556316737-286250452-1000\...\StartupApproved\Run: => "OneDrive" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{E1B7E834-D979-42D2-8BF3-453FDFD6A173}] => (Allow) C:\Users\MOUSS\AppData\Roaming\ZHP\ZHPDiag3.exe FirewallRules: [{0B8F638E-67C9-4685-ACFE-8A3915AD8AFF}] => (Allow) C:\Users\MOUSS\AppData\Roaming\ZHP\ZHPDiag3.exe FirewallRules: [{E60D5FBF-69E6-42E8-A08C-A835024E70C3}] => (Allow) C:\Users\MOUSS\AppData\Roaming\ZHP\ZHPDiag3.exe FirewallRules: [{CA3348BB-46C7-4FC1-B784-6F5AF2A3EF4B}] => (Allow) C:\Users\MOUSS\AppData\Roaming\ZHP\ZHPDiag3.exe FirewallRules: [TCP Query User{550EC9D8-FFAE-4384-AD5F-5249E1A24F9D}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{55A4BBB3-21A1-49D4-A6B9-2100C04C5244}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe ==================== Points de restauration ========================= Impossible de lister les points de restauration Vérifiez le service "winmgmt" ou réparez WMI. ==================== Éléments en erreur du Gestionnaire de périphériques ============= Impossible de lister les périphériques. Vérifiez le service "winmgmt" ou réparez WMI. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (02/27/2017 11:44:13 AM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Échec de l’énumération de sessions utilisateur en vue de générer des pools de filtre. Détails : (HRESULT : 0x80040210) (0x80040210) Error: (02/27/2017 11:44:13 AM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Échec de l’énumération de sessions utilisateur en vue de générer des pools de filtre. Détails : (HRESULT : 0x80040210) (0x80040210) Error: (02/27/2017 11:44:13 AM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Échec de l’énumération de sessions utilisateur en vue de générer des pools de filtre. Détails : (HRESULT : 0x80040210) (0x80040210) Error: (02/27/2017 11:03:42 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: MOUSS-PC) Description: microsoft.windows.authhost.a_8wekyb3d8bbwe3 Error: (02/27/2017 11:03:42 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: MOUSS-PC) Description: Microsoft.VCLibs.140.00_8wekyb3d8bbwe3 Error: (02/27/2017 11:03:42 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: MOUSS-PC) Description: Microsoft.VCLibs.120.00_8wekyb3d8bbwe3 Error: (02/27/2017 11:03:42 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: MOUSS-PC) Description: Microsoft.Services.Store.Engagement_8wekyb3d8bbwe3 Error: (02/27/2017 11:03:41 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: MOUSS-PC) Description: Microsoft.NET.Native.Runtime.1.4_8wekyb3d8bbwe3 Error: (02/27/2017 11:03:41 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: MOUSS-PC) Description: Microsoft.NET.Native.Runtime.1.3_8wekyb3d8bbwe3 Error: (02/27/2017 11:03:41 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: MOUSS-PC) Description: Microsoft.NET.Native.Framework.1.3_8wekyb3d8bbwe3 Erreurs système: ============= Error: (02/27/2017 03:03:47 PM) (Source: DCOM) (EventID: 10005) (User: MOUSS-PC) Description: DCOM a reçu l’erreur « 1083 » lors de la tentative de démarrage du service winmgmt avec les arguments « Non disponible » pour exécuter le serveur : {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (02/27/2017 03:03:42 PM) (Source: DCOM) (EventID: 10005) (User: MOUSS-PC) Description: DCOM a reçu l’erreur « 1083 » lors de la tentative de démarrage du service winmgmt avec les arguments « Non disponible » pour exécuter le serveur : {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (02/27/2017 03:03:42 PM) (Source: DCOM) (EventID: 10005) (User: MOUSS-PC) Description: DCOM a reçu l’erreur « 1083 » lors de la tentative de démarrage du service winmgmt avec les arguments « Non disponible » pour exécuter le serveur : {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (02/27/2017 03:03:42 PM) (Source: DCOM) (EventID: 10005) (User: MOUSS-PC) Description: DCOM a reçu l’erreur « 1083 » lors de la tentative de démarrage du service winmgmt avec les arguments « Non disponible » pour exécuter le serveur : {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (02/27/2017 02:57:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Centre de sécurité dépend du service Infrastructure de gestion Windows qui n’a pas pu démarrer en raison de l’erreur : Le programme dans lequel ce service doit s’exécuter n’implémente pas le service. Error: (02/27/2017 02:57:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Centre de sécurité dépend du service Infrastructure de gestion Windows qui n’a pas pu démarrer en raison de l’erreur : Le programme dans lequel ce service doit s’exécuter n’implémente pas le service. Error: (02/27/2017 02:55:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Centre de sécurité dépend du service Infrastructure de gestion Windows qui n’a pas pu démarrer en raison de l’erreur : Le programme dans lequel ce service doit s’exécuter n’implémente pas le service. Error: (02/27/2017 02:55:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Centre de sécurité dépend du service Infrastructure de gestion Windows qui n’a pas pu démarrer en raison de l’erreur : Le programme dans lequel ce service doit s’exécuter n’implémente pas le service. Error: (02/27/2017 02:54:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Centre de sécurité dépend du service Infrastructure de gestion Windows qui n’a pas pu démarrer en raison de l’erreur : Le programme dans lequel ce service doit s’exécuter n’implémente pas le service. Error: (02/27/2017 01:58:23 PM) (Source: DCOM) (EventID: 10005) (User: AUTORITE NT) Description: DCOM a reçu l’erreur « 1083 » lors de la tentative de démarrage du service winmgmt avec les arguments « Non disponible » pour exécuter le serveur : {8BC3F05E-D86B-11D0-A075-00C04FB68820} CodeIntegrity: =================================== Date: 2017-02-27 11:22:31.624 Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume11\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-26 15:55:09.727 Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume11\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-25 19:14:59.630 Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume11\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-24 11:55:09.611 Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume11\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-23 10:26:06.164 Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\APPL INSTALL\UTILITAIRES\WIN OFFICE 20003\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-23 10:26:06.158 Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\APPL INSTALL\UTILITAIRES\WIN OFFICE 20003\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-23 10:26:06.146 Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\APPL INSTALL\UTILITAIRES\WIN OFFICE 20003\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-22 12:56:26.339 Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\APPL INSTALL\UTILITAIRES\WIN OFFICE 20003\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-22 12:56:26.332 Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\APPL INSTALL\UTILITAIRES\WIN OFFICE 20003\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-22 12:56:26.270 Description: Code Integrity determined that a process (\Device\HarddiskVolume11\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\APPL INSTALL\UTILITAIRES\WIN OFFICE 20003\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Pentium(R) D CPU 2.80GHz Pourcentage de mémoire utilisée: 58% Mémoire physique - RAM - totale: 3039.36 MB Mémoire physique - RAM - disponible: 1257.26 MB Mémoire virtuelle totale: 6111.36 MB Mémoire virtuelle disponible: 3700.32 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:70.82 GB) (Free:41.73 GB) NTFS Drive d: (APPS) (Fixed) (Total:43.95 GB) (Free:11.09 GB) NTFS Drive e: ( VIDEOS MEDAS) (Fixed) (Total:48.83 GB) (Free:27.34 GB) NTFS Drive f: (Nouveau nom) (Fixed) (Total:113.89 GB) (Free:63.02 GB) NTFS Drive g: (MOUSS) (Fixed) (Total:43.95 GB) (Free:9.18 GB) NTFS Drive h: (MUSIQUE BOULOT) (Fixed) (Total:98.42 GB) (Free:76.1 GB) NTFS Drive j: (BASS ) (Fixed) (Total:48.83 GB) (Free:43.63 GB) NTFS Drive k: () (Fixed) (Total:77.69 GB) (Free:12.62 GB) NTFS Drive l: (Nouveau) (CDROM) (Total:4.16 GB) (Free:0 GB) CDFS Drive n: (MP3) (Fixed) (Total:92.27 GB) (Free:28.91 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: E02AE02A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=77.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=70.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 186.3 GB) (Disk ID: 17DF17DE) Partition 1: (Not Active) - (Size=43.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=43.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=98.4 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 189.9 GB) (Disk ID: 00440043) Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=92.3 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 232.9 GB) (Disk ID: 096362B8) Partition 1: (Not Active) - (Size=113.9 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt ============================