Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 15-03-2017 Exécuté par alain (01-04-2017 11:12:10) Exécuté depuis C:\Users\alain\Desktop Windows 10 Home Version 1607 (X64) (2016-09-30 02:18:38) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-85504849-3845374310-1112023867-500 - Administrator - Disabled) => C:\Users\Administrator alain (S-1-5-21-85504849-3845374310-1112023867-1002 - Administrator - Enabled) => C:\Users\alain DefaultAccount (S-1-5-21-85504849-3845374310-1112023867-503 - Limited - Disabled) Invité (S-1-5-21-85504849-3845374310-1112023867-501 - Limited - Disabled) postgres (S-1-5-21-85504849-3845374310-1112023867-1003 - Limited - Enabled) => C:\Users\postgres ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.) 7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.6 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS) ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS) BNC Express 7 (HKLM-x32\...\{198FC702-E83E-4A6B-ADE4-BAC1D82BAB74}) (Version: 07.16.0003 - Trèfle Rouge) BNC Express 7 (HKLM-x32\...\{3D5089A9-32FD-44A1-8EF2-43C561DB017F}) (Version: 07.15.0012 - Trèfle Rouge) BNC Express 7 (HKLM-x32\...\{DDC57FA2-FE23-4BE6-BB27-25E806C77056}) (Version: 07.16.0001 - Trèfle Rouge) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) calibre (HKLM-x32\...\{2C12982F-E11A-40C8-96AF-68424A18BBD0}) (Version: 2.46.0 - Kovid Goyal) Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) e-Carte Bleue Caisse d'Epargne (HKLM-x32\...\{D881F038-D767-45AA-90C1-1E5411A9670A}) (Version: 5.6.0.0 - e-Carte Bleue Caisse d'Epargne) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation) Epson Guide d'utilisation GT-1500 (HKLM-x32\...\GT-1500 Useg) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.00.0000 - SEIKO EPSON Corp.) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.) Funbridge2 (HKLM-x32\...\Funbridge2) (Version: 2.6.0.0 - Goto.Games) Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Just BASIC v1.01 (HKLM-x32\...\Just BASIC v1.01) (Version: - ) La majeure 5ème gagnante (HKLM-x32\...\La majeure 5ème gagnante_is1) (Version: - Editions Le Bridgeur) Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Microsoft Access 2000 SR-1 Runtime (HKLM-x32\...\{0018040C-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office PowerPoint 2007 (HKLM-x32\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation) Microsoft Small Basic v1.0 (HKLM-x32\...\{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}) (Version: 1.0.0.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{ece8cb18-c84c-4c1a-a5b5-53e3f1daa15c}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2e7a9943-de7b-4030-8f40-63502f679ace}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio Community 2015 avec mises à jour (HKLM-x32\...\{248fcd1e-5ee1-421d-893f-ec0a94dd7b01}) (Version: 14.0.25420.1 - Microsoft Corporation) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_EXCEL_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_POWERPOINT_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_WORD_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) Mises à jour NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 52.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 fr)) (Version: 52.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla) Mozilla Thunderbird 31.2.0 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 fr)) (Version: 31.2.0 - Mozilla) MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2 - Notepad++ Team) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation) NVIDIA Pilote graphique 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation) Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software) Panneau de configuration NVIDIA 369.09 (Version: 369.09 - NVIDIA Corporation) Hidden PMU Poker (HKLM-x32\...\PMUPoker) (Version: - PMU) PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version: - PokerStars.fr) PokerStove version 1.23 (HKLM-x32\...\{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1) (Version: - ) PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com) PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - ) PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group) Python 3.5.2 (32-bit) (HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation) Python 3.5.2 Add to Path (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Core Interpreter (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Development Libraries (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Documentation (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Executables (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 pip Bootstrap (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Standard Library (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Tcl/Tk Support (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Test Suite (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden Python 3.5.2 Utility Scripts (32-bit) (x32 Version: 3.5.2150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39029 - Realtek Semiconductor Corp.) RICOH SP 150SU (HKLM-x32\...\InstallShield_{A011E330-8EC5-4066-AD16-F3EB39AF7803}) (Version: 1.036.00 - Ricoh Co., Ltd.) RICOH SP 150SU (x32 Version: 1.036.00 - Ricoh Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden Samsung SideSync 3.0 (HKLM-x32\...\Samsung SideSync) (Version: 3.0.3.663 - Samsung Electronics Co., Ltd.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.47.0 - SAMSUNG Electronics Co., Ltd.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.) Sublime Text Build 3126 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Nom de votre société) TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Nom de votre société) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Wbridge5 5.1 (HKLM-x32\...\{8374A9F4-1F0B-4839-8E44-DDD92C105711}_is1) (Version: - Yves Costel) WD Quick View (HKLM-x32\...\{3AED0E0A-C327-45E2-A45E-604FEB74D0B5}) (Version: 2.4.11.4 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{498B7057-E8AA-4AF2-B9BF-62EC315E33BB}) (Version: 2.4.11.4 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{9BAC619B-B811-4318-8C27-B11DDF3F1719}) (Version: 1.1.0.2 - Western Digital) WD SmartWare Installer (HKLM-x32\...\{f8b1c3bb-688a-4421-a45e-a22dd15f22ee}) (Version: 2.4.11.4 - Western Digital Technologies, Inc.) Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) Wing IDE 5.1.12-1 (HKLM-x32\...\Wing IDE 5.1_is1) (Version: - ) WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wondershare MobileTrans ( Version 6.0.2 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 6.0.2 - Wondershare) XBasic version 6.2.3 (HKLM-x32\...\XBasic_is1) (Version: 6.2.3 - The XBasic Team) Youtube Downloader HD v. 2.9.9.19 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-85504849-3845374310-1112023867-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {1203724D-1788-4432-98C3-A62E89D483CC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {136B0437-7606-41CD-B422-C11691DCC2D3} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] () Task: {26220C83-9CC9-4051-86AB-1F0A9EEF9B2D} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {295FFFC5-AAFA-4F91-A5B6-29004A2D6A42} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {2B49B16C-F802-470C-BC16-251D73284A8D} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Pas de fichier <==== ATTENTION Task: {2DE34B6B-C8CF-4079-A82E-07367EBCE5AB} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.) Task: {2F937B2F-C2BB-4F64-8771-395109DB5D83} - System32\Tasks\Opera scheduled Autoupdate 1438963508 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe Task: {3FC56F45-2E56-4B0A-AE64-95D8A2F217CD} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {4340855F-E564-4355-9C17-51327300292F} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Pas de fichier <==== ATTENTION Task: {517A005B-A98A-4923-A9B5-4F9253685E33} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {546F1979-0356-42EF-8B8E-5AB42B9AA704} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] () Task: {54948967-EC82-4C50-AFEC-77840D52A2DD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd) Task: {650F7AE8-E503-453C-B183-C6E33A90CF81} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {698610AD-4577-4C5C-A0EA-372B89148F54} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {6FEDB407-7D8E-4FF3-B0D1-FF7118BFC9E0} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2013-01-22] (ASUS) Task: {70FFD70C-6661-469D-9DA8-0D20B5B78AAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-22] (Google Inc.) Task: {888605BB-20B9-4700-B751-999703E5C333} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-18] (Microsoft Corporation) Task: {980ED637-BD7D-4ACB-A1ED-0C28BF08EF02} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {9BE610C8-7705-4A96-801C-81EF39B86949} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Pas de fichier <==== ATTENTION Task: {9CC42318-4C90-472D-8966-6075A4913A16} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {9E8544C4-A1C3-42F8-A059-3F925C0AFEF8} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek) Task: {A02AD1D8-18FE-4680-8C79-74796CB11D75} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\alain\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {A25ABA7C-42F2-456E-A278-1AB7AEFF69FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {A2E06CBA-C3CD-4C60-A4FC-8D1E9C3663E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {AC7E3D6E-AEAC-4457-AC3C-17D13D4F619C} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS) Task: {DA543F82-BA43-47D4-BB8B-2D600709DC28} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {DB599D54-612B-44BB-9EFC-22500518533A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION Task: {DBE2B03E-3DD3-4420-A63A-8946DDA4E07B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {E9C89390-C3EE-4462-AE89-2A19FAC33E9C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {F00B71B8-7F03-40EC-AC37-DA779CE08D54} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {F1A53369-D36B-47B5-85F3-0DBB51DA59ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-22] (Google Inc.) Task: {F80B42A6-2A29-41DA-8B11-6C614E5E78B5} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {FCADC518-5F08-4EC8-AF6C-289501B09ED2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-03-15 22:09 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-30 03:50 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-02-15 21:01 - 2016-02-15 21:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll 2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2014-08-24 09:49 - 2012-09-21 09:55 - 00217600 _____ () C:\Program Files\PostgreSQL\9.0\bin\LIBPQ.dll 2014-08-24 09:50 - 2012-08-14 14:02 - 02258432 _____ () C:\Program Files\PostgreSQL\9.0\bin\libxml2.dll 2017-03-15 22:09 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-11-02 12:31 - 2016-11-02 12:31 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2009-08-17 11:26 - 2009-08-17 11:26 - 00049152 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll 2009-02-25 16:18 - 2009-02-25 16:18 - 01196032 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\sqlite3.DLL 2017-03-14 11:43 - 2017-03-14 12:18 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-03-14 11:43 - 2017-03-14 12:18 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-03-22 10:55 - 2017-03-24 04:09 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2016-09-30 04:41 - 2016-09-30 04:41 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-15 22:09 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-15 22:09 - 2017-03-04 08:30 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll 2015-04-14 19:37 - 2015-04-09 02:58 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-04-08 16:51 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\123simsen.com -> www.123simsen.com Il y a 7866 plus de sites. IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-85504849-3845374310-1112023867-1003\...\123simsen.com -> www.123simsen.com Il y a 7866 plus de sites. ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 15:25 - 2017-03-31 12:03 - 00000964 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-85504849-3845374310-1112023867-1002\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-85504849-3845374310-1112023867-1003\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 HKLM\...\StartupApproved\Run: => "ETDCtrl" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "ASUSPRP" HKLM\...\StartupApproved\Run32: => "ASUSWebStorage" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "WSHelperSetup.exe" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "WD Quick View" HKLM\...\StartupApproved\Run32: => "EEventManager" HKLM\...\StartupApproved\Run32: => "FbNotifications" HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_038E71308EF365FDC8513DC6B35277F4" HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\StartupApproved\Run: => "WSHelperSetup.exe" HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\StartupApproved\Run: => "TomTomHOME.exe" HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-85504849-3845374310-1112023867-1002\...\StartupApproved\Run: => "OneDrive" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{2C80AF19-0B6B-46BC-B3ED-8A7D26E1BBDD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B40786F6-FCB2-4435-BF92-5B1ACF2B7160}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{55D786A8-754F-42ED-9E9B-EAB1ED722DE9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{873B1E14-608F-48A2-BCE1-C762E467F8EC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900 FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869 FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [TCP Query User{0A76C9F0-5ED7-4773-AA0D-E886E723ACCB}C:\users\alain\desktop\utorrent.exe] => (Allow) C:\users\alain\desktop\utorrent.exe FirewallRules: [UDP Query User{39D2A3EC-8AAA-4B35-9241-931816C2958F}C:\users\alain\desktop\utorrent.exe] => (Allow) C:\users\alain\desktop\utorrent.exe FirewallRules: [{868958F5-B5A6-4B42-9B5E-2F3B1C998780}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{41CD4A89-2D1E-46AA-9362-91662D3D1EF8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7C1DCD65-11B1-43D3-B307-56DA706C03E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{23B8B5C2-0A5E-47AB-A24B-040EEE3941F6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{74B736A0-6221-4125-A779-211C9E6888D0}] => (Allow) C:\Program Files (x86)\Samsung\SideSync3\SideSync3.exe FirewallRules: [{AC77C967-8083-4F20-AFC3-4B2ABABE86C1}] => (Allow) C:\Program Files (x86)\Samsung\SideSync3\SideSync3.exe FirewallRules: [{B2403444-E617-4845-94F3-7CE7A1E1ACCF}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{D4A531E2-30E9-4861-B938-81AAB20BF3DF}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{3AA897F1-B631-497F-8E83-28A6D7F215FA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{A681CC2D-7CEE-453A-B885-6C6829C8C5EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{428AB220-4E6B-4F57-8D75-4A7E934922F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{24FD5A3E-9E1C-42AA-BFCB-F5A9EDC88606}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{405B778C-6494-4F2D-8FAC-C3D0AEB4F696}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{46891A66-8E0F-4D12-A3DD-AE731DFCA432}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{210EF199-9287-4155-BA42-E12C7A5C1199}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{DCCE551C-6684-45EB-AD53-4A07FDBA7DBD}C:\users\alain\desktop\utorrent.exe] => (Allow) C:\users\alain\desktop\utorrent.exe FirewallRules: [UDP Query User{CB697F29-D9B2-4C09-A2E7-8949FBB97D9A}C:\users\alain\desktop\utorrent.exe] => (Allow) C:\users\alain\desktop\utorrent.exe FirewallRules: [{E2791E29-4728-4F8E-95DD-CBDDD08B81BD}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{68881948-C234-467A-A9D4-8F48200CAB83}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{8175054E-564F-4A80-973E-B67E90F73A9A}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{0C7BCE0D-8981-4E37-8DEF-689DA9EE3401}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{9A9CE531-A01B-4562-9E4E-5894C2DCFC0D}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe FirewallRules: [{1A603CD8-A3C2-421C-8965-34853D58D8E3}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe FirewallRules: [{70497AE3-42D3-43B7-924E-883407180D1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{A4D45FA3-7D88-4057-8D92-D8D30F100E77}] => (Allow) C:\Users\alain\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{562D9AE7-B741-4E8C-AB78-A1DC5EF6F16E}] => (Allow) C:\Users\alain\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{285FDA6A-A1E1-4085-992E-29AAE833835D}] => (Allow) C:\Users\alain\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D8815698-E934-4FBB-A47C-02B30E2578F9}] => (Allow) C:\Users\alain\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{03C3A9A1-0DBD-4101-8E0B-EC0B0811A171}] => (Allow) C:\Users\alain\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C2E9601A-981E-4E97-B3B5-AAACAD0A7BB0}] => (Allow) C:\Users\alain\AppData\Roaming\uTorrent\uTorrent.exe ==================== Points de restauration ========================= 18-03-2017 22:02:26 Windows Update 26-03-2017 14:47:55 Point de contrôle planifié 29-03-2017 16:05:01 Installé BNC Express 7 ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (04/01/2017 11:10:51 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PORTABLEALAIN) Description: Échec de l’activation de l’application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (04/01/2017 11:10:50 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PORTABLEALAIN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5 Error: (04/01/2017 11:10:50 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PORTABLEALAIN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5 Error: (04/01/2017 11:10:50 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PORTABLEALAIN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5 Error: (04/01/2017 11:10:50 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante HxTsr.exe, version : 16.0.8021.4236, horodatage : 0x58d18f08 Nom du module défaillant : Mso20Imm.dll, version : 16.0.7927.1010, horodatage : 0x58cd49d2 Code d’exception : 0x0071d20d Décalage d’erreur : 0x000000000013343e ID du processus défaillant : 0xc78 Heure de début de l’application défaillante : 0x01d2aac7d8e90928 Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8021.42367.0_x64__8wekyb3d8bbwe\HxTsr.exe Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8021.42367.0_x64__8wekyb3d8bbwe\Mso20Imm.dll ID de rapport : dbca3167-9ad7-4ee6-be0e-41e1a2c16737 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.8021.42367.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/01/2017 11:10:49 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PORTABLEALAIN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5 Error: (04/01/2017 11:10:49 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PORTABLEALAIN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5 Error: (04/01/2017 11:10:49 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PORTABLEALAIN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5 Error: (04/01/2017 11:10:49 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PORTABLEALAIN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5 Error: (04/01/2017 11:10:48 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PORTABLEALAIN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5 Erreurs système: ============= Error: (04/01/2017 09:32:08 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (04/01/2017 09:32:04 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (04/01/2017 12:00:28 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (04/01/2017 12:00:20 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (03/31/2017 11:49:58 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (03/31/2017 11:49:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (03/31/2017 07:14:18 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {784E29F4-5EBE-4279-9948-1E8FE941646D} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (03/31/2017 07:11:18 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} et l’APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (03/31/2017 07:11:10 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (03/31/2017 07:11:10 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. CodeIntegrity: =================================== Date: 2017-04-01 08:35:13.361 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-01 08:35:09.553 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-31 23:44:22.144 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-31 23:44:22.141 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-31 23:38:32.881 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-31 23:38:32.878 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-31 10:06:32.374 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-31 10:06:28.866 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-31 08:45:56.384 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-31 08:45:56.380 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz Pourcentage de mémoire utilisée: 60% Mémoire physique - RAM - totale: 3973.73 MB Mémoire physique - RAM - disponible: 1569.61 MB Mémoire virtuelle totale: 5381.73 MB Mémoire virtuelle disponible: 1795.76 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:372.17 GB) (Free:225.79 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive d: () (Fixed) (Total:537.8 GB) (Free:408.07 GB) NTFS Drive e: (SOULETROUFFET) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 7BC74CEE) Partition: GPT. ==================== Fin de Addition.txt ============================