Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Exécuté par scorebut (08-05-2017 20:41:14)
Exécuté depuis C:\Users\scorebut\Downloads
Windows 10 Pro Version 1607 (X64) (2017-02-24 15:43:37)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================
Admin123 (S-1-5-21-929253815-3447027436-2019464479-1004 - Administrator - Enabled) => C:\Users\Admin123
Administrateur (S-1-5-21-929253815-3447027436-2019464479-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-929253815-3447027436-2019464479-503 - Limited - Disabled)
hiba (S-1-5-21-929253815-3447027436-2019464479-1002 - Limited - Enabled) => C:\Users\hiba
Invité (S-1-5-21-929253815-3447027436-2019464479-501 - Limited - Disabled)
scorebut (S-1-5-21-929253815-3447027436-2019464479-1001 - Administrator - Enabled) => C:\Users\scorebut
scorebut9519 (S-1-5-21-929253815-3447027436-2019464479-1005 - Administrator - Enabled)

==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Disabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Disabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Pare-feu (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Apple Application Support (32 bits) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Applian Director (HKLM-x32\...\Applian Director3.02) (Version: 3.02 - Applian Technologies Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.24.36 - Bitdefender)
Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 6.4.0 - BitTorrent, Inc)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BurnAware Free 10.2 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
Clover V3.3 (HKLM-x32\...\Clover) (Version: 3.3.4.04141 - 易捷科技)
CVitae 5 (HKLM-x32\...\{5988C473-7D71-4B59-857B-8DA5C701FBFF}) (Version: 1.0.15 - Semantis)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.)
Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit)
DriversCloud.com (64 bits) (HKLM\...\{C514B5EE-C8E6-43C9-AFB9-6C1A7B3429E1}) (Version: 10.0.4.0 - Cybelsoft)
Étude pour l'amélioration du produit HP ENVY 5530 series (HKLM\...\{285DF725-BA04-49E6-B25A-1331B4870C42}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP ENVY 5530 series Aide (HKLM-x32\...\{E0C083EB-7C0A-4748-A45C-55A4A040446D}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{B11FEAD6-F19E-473E-A8B1-AE58C058F575}) (Version: 12.5.32.203 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.5.0.1051 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
Killer Bandwidth Control Filter Driver (Version: 1.1.56.1343 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.56.1343 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.56.1343 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{BBEC6403-B531-4A86-A93C-BAE057E67ED5}) (Version: 1.1.56.1343 - Rivet Networks)
Logiciel de base du périphérique HP ENVY 5530 series (HKLM\...\{CEF6164C-1BFD-4215-A750-D78916BC6D1F}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Logiciel pour périphérique à chipset Intel® (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
ma Livebox (HKLM-x32\...\ma Livebox) (Version: 3.4.8.0 - Orange)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office Professionnel Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-929253815-3447027436-2019464479-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-929253815-3447027436-2019464479-1002\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{9EDBA064-0381-3D1F-9096-CD1710366647}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MiniTool Partition Wizard Professional Edition 9.1 (HKLM-x32\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version: - MiniTool Solution Ltd.)
Mises à jour NVIDIA 24.0.0.0 (Version: 24.0.0.0 - NVIDIA Corporation) Hidden
Mozilla Firefox 53.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 fr)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
NVIDIA GeForce Experience 3.5.0.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.76 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Pilote graphique 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NvNodejs (Version: 3.5.0.76 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office Tab Enterprise 12.00 (HKLM\...\{DE469D65-1DEB-4058-BF95-C642D733668D}_is1) (Version: 12.00 - Detong Technology Ltd.)
Orange update (HKLM-x32\...\OrangeUpdateManager) (Version: 2.3.0.6 - Orange)
Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 382.05 (Version: 382.05 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8073 - Realtek Semiconductor Corp.)
Replay Video Capture 8 (HKLM-x32\...\Replay Video Capture 8) (Version: 8.8.3 - Applian Technologies Inc.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.5.0.76 - NVIDIA Corporation) Hidden
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.5.0 - IObit)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
Sound Blaster X-Fi MB3 (HKLM-x32\...\{3689CE39-3173-4952-B7AF-F1A9D6F9A288}) (Version: 1.00.06 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Superb Game Boost 3.1 (HKLM-x32\...\SuperbGameBoost_is1) (Version: 3.1 - )
Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Update for Skype for Business 2016 (KB3178717) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{45503767-F19E-4421-B930-8B0004ACA804}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3178717) 64-Bit Edition (HKLM\...\{90160000-012B-040C-1000-0000000FF1CE}_Office16.PROPLUS_{45503767-F19E-4421-B930-8B0004ACA804}) (Version: - Microsoft)
Viber (HKU\S-1-5-21-929253815-3447027436-2019464479-1002\...\{6e02a71a-b077-4226-9c03-94a515f9df53}) (Version: 6.6.1.3 - Viber Media Inc.)
Viber (x32 Version: 6.6.1.3 - Viber Media Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Wise Disk Cleaner 9.44 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 9.44 - WiseCleaner.com, Inc.)
WPS Office (10.2.0.5820) (HKU\S-1-5-21-929253815-3447027436-2019464479-1002\...\Kingsoft Office) (Version: 10.2.0.5820 - Kingsoft Corp.)

==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0372C5A6-2625-4A44-9240-A78AC4224A3B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2016-12-07] (HP Inc.)
Task: {09600E7A-A2F7-493C-8CF4-FE25B4848F0E} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
Task: {0B1D9E96-00CA-4939-9F5C-DA379A62508B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {0E7AC906-9EA4-4ADE-816A-11F7F07121F9} - System32\Tasks\WpsUpdateTask_hiba => C:\Users\hiba\AppData\Local\Kingsoft\WPS Office\10.2.0.5820\wtoolex\wpsupdate.exe [2017-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {130749B8-7A56-4569-9808-68A6B90C0D75} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation)
Task: {15838237-9531-4A47-8E27-921D89F9F9E9} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation)
Task: {178ADF7C-A105-4289-9A06-A2E4977D9A1C} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Kodak\Document Imaging\kds_i1200\Smart Touch\KSSCFG.exe
Task: {1972E5E1-8EEB-4F6B-B381-D1C4A342D6AB} - System32\Tasks\HPCeeScheduleForhiba => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {2D398C11-7507-4222-9795-17D53D1795CB} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {3360B5C5-14BE-4687-8645-D362604EF500} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2017-02-17] (IObit)
Task: {39E202D4-9BE2-46F9-B7D2-7BDC44E14A47} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {3A984931-1F71-4F71-91D5-E7C2A5E97875} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {3D7AA73D-E01B-48BB-B9DD-3C0B3BAA1B5E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {3DA8D40B-A16E-4551-B413-0C1671E75CB7} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {3DB6555D-AF49-497B-9C38-7ED5DF731129} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {43027724-CE29-41BF-B726-A7103932D447} - System32\Tasks\WpsKtpcntrQingTask_hiba => C:\Users\hiba\AppData\Local\Kingsoft\WPS Office\10.2.0.5820\office6\ktpcntr.exe [2017-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {48E515BF-1BC8-4491-B3E5-B40BB33E8A2F} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
Task: {5CBA5FEB-53E2-4683-ABC6-FC8245946CD0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.)
Task: {6FAC43E2-FA2D-4464-BC95-17C90A2CDE4A} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {776012AB-975A-418C-9FAB-FC7105A4604C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-26] (Google Inc.)
Task: {78521E58-BBE7-497C-95A0-666553DBBE13} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-25] (Bitdefender)
Task: {7CC84A4C-6C5C-40C4-99EC-AC1D8B7C61F1} - System32\Tasks\HPCustParticipation HP ENVY 5530 series => C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {81924428-6AE7-4B51-855F-C32A0146A12D} - System32\Tasks\SmartDefrag_AutoDefrag => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {82BA3059-7D63-45F9-982C-7C9A82F00D26} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-04-26] (NVIDIA Corporation)
Task: {8ECE2FE7-FA20-4601-B22C-965D2ADAB1D2} - System32\Tasks\SuperbGameBoost => C:\Program Files (x86)\SuperBoost\Superb Game Boost\SuperbGameBoostMain.exe [2016-11-28] (SuperBoost Software)
Task: {9713CBD2-248D-4B8C-ACC6-C8459EFD9FBA} - System32\Tasks\WpsExternal_hiba_20170324215304 => C:\Users\hiba\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2017-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {98AF9B0B-083F-48F8-B591-60FFDD332E4C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-26] (NVIDIA Corporation)
Task: {9EC8DE68-E2FE-4C7F-9C7B-82B4598D5CE2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-26] (NVIDIA Corporation)
Task: {AB2F0936-08C3-424F-986F-4361BD056553} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
Task: {AF81E4E3-54C9-46B5-8DD1-88E99AF06EE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {B210346B-6F0E-4A35-9CE4-4B2C80983FE9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {B2F04F73-4EE9-4EC6-AB7C-9A52A7412A4C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation)
Task: {B8F5770C-E6EB-4718-A12F-EA3CAAE1C347} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {BA12F5D2-4A33-4638-A707-396122CC70C9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation)
Task: {C09426E0-9584-4E81-B47B-83985BC6399C} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\Scheduler.exe [2017-03-28] (IObit)
Task: {C38386CF-5312-48F3-BBA4-2C7EA095FC47} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2016-12-07] (HP Inc.)
Task: {CF5CDAF2-BE8B-4B70-BAAA-563CF3A7D9E8} - System32\Tasks\Driver Booster SkipUAC (scorebut) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {D6C81096-9F05-4343-AA81-7B2A2235AEBA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-26] (Google Inc.)
Task: {D73922E4-0E85-41AB-9921-7CACA06243A0} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-02-17] (IObit)
Task: {D785AD7A-1A43-4FAE-BA6A-DA4572AE9F25} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {DA0A3F4F-66E0-4849-B477-C0C8C46C7E7E} - System32\Tasks\Avira\System Speedup\Delayed Startup\hiba\1 => C:\Program Files (x86)\RedFox\AnyDVD\AnyDVDtray.exe <==== ATTENTION
Task: {E3E45D15-0D88-4B1C-A240-04A82C0BCD43} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {E96EEAAE-C97A-457F-8124-00ADF193B755} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
Task: {F64CDBF8-B27F-4076-AE61-AF44AE6F7732} - System32\Tasks\maLivebox => C:\Program Files (x86)\Orange\ma Livebox\maLivebox.exe [2017-02-07] (Orange)
Task: {FC19D9FD-9C20-40E1-BF5E-2BBB8C603163} - \WiseCleaner\WDCSkipUAC -> Pas de fichier <==== ATTENTION

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForhiba.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\WpsExternal_hiba_20170324215304.job => C:\Users\hiba\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe~/wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll
Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_hiba.job => C:\Users\hiba\AppData\Local\Kingsoft\WPS Office\10.2.0.5820\office6\ktpcntr.exeÃqing 10.2.0.5820 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads
Task: C:\WINDOWS\Tasks\WpsUpdateTask_hiba.job => C:\Users\hiba\AppData\Local\Kingsoft\WPS Office\10.2.0.5820\wtoolex\wpsupdate.exe

==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-14 18:48 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-25 12:01 - 2017-04-25 12:01 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-03-11 22:47 - 2017-03-11 22:47 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl
2017-03-11 22:47 - 2017-03-11 22:47 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl
2017-03-11 22:47 - 2017-03-11 22:47 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl
2017-03-11 22:47 - 2017-03-11 22:47 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl
2017-04-30 15:11 - 2017-04-26 07:40 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-14 18:48 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-31 21:45 - 2016-10-31 21:45 - 00592384 _____ () C:\Users\hiba\AppData\Local\MEGAsync\ShellExtX64.dll
2016-10-31 10:06 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 21:28 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-18 14:45 - 2017-03-18 00:08 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll
2017-03-03 20:09 - 2017-03-03 20:09 - 00073728 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2017-05-03 14:35 - 2017-05-03 14:35 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\fr-fr\bdsystray.txtui
2017-05-08 14:57 - 2017-05-08 14:57 - 151923368 _____ () C:\Users\hiba\Desktop\xn1f5jiq.exe
2017-05-08 14:57 - 2017-05-08 14:57 - 02369176 _____ () C:\Users\scorebut\AppData\Local\Temp\AECF3179-44DBDDE8-46D6A802-8D43A53F\LDMrbiUyMPo.exe
2017-05-08 14:57 - 2017-05-08 14:57 - 07495400 _____ () C:\Users\scorebut\AppData\Local\Temp\AECF3179-44DBDDE8-46D6A802-8D43A53F\buoUCWdC2r.exe
2017-05-08 14:57 - 2017-05-08 14:57 - 00705808 _____ () C:\Users\scorebut\AppData\Local\Temp\AECF3179-44DBDDE8-46D6A802-8D43A53F\d5o4Y7lA.exe
2017-05-03 14:35 - 2017-05-03 14:35 - 00022816 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\fr-fr\bdaphconp.txtui
2017-04-25 12:01 - 2017-04-25 12:01 - 00066240 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bddpsp.dll
2017-03-16 21:28 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 21:28 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 21:28 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-14 18:48 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-14 18:48 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-14 18:48 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-03 13:49 - 2017-05-02 03:03 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\libglesv2.dll
2017-05-03 13:49 - 2017-05-02 03:03 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\libegl.dll
2017-04-21 15:54 - 2017-04-21 15:54 - 00603136 _____ () c:\program files (x86)\clover\cloversvc.dll
2017-04-30 15:11 - 2017-04-26 07:40 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-04-13 10:38 - 2016-04-13 10:38 - 00482304 _____ () C:\Users\hiba\AppData\Local\MEGAsync\libsodium.dll
2017-04-30 15:11 - 2017-04-26 07:03 - 02442360 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-04-30 15:11 - 2017-04-26 07:03 - 00361920 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-04-30 15:11 - 2017-04-26 07:03 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-04-30 15:11 - 2017-04-26 07:03 - 00384120 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-04-30 15:11 - 2017-04-26 07:03 - 00467392 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-04-30 15:11 - 2017-04-26 07:03 - 00572024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-04-21 15:54 - 2017-04-21 15:54 - 01410560 _____ () C:\Program Files (x86)\Clover\login_ui.dll
2016-10-31 21:43 - 2016-10-31 21:43 - 00564736 _____ () C:\Users\hiba\AppData\Local\MEGAsync\ShellExtX32.dll

==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D [406]
AlternateDataStreams: C:\Users\hiba\Desktop\381.65-desktop-win10-64bit-international-whql.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\7vdpqgl7.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\adwcleaner_6.046.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\biosagentplus_796.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\CleanerSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\DriversCloud_Win.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\Firefox Setup Stub 52.0.2.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\Firefox Setup Stub 53.0.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\Installateur_ma-livebox.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\MediaCreationTool.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\processhacker-2.39-setup.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\RogueKillerX64.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\rufus-2.14p.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\SetupCVitaeV5.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\SetupRST.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\sf-install-web.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\tbh_trial.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\tb_free.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\tdsskiller.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\unetbootin-windows-625.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\VirtualBox-5.1.22-115126-Win.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\xn1f5jiq.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\ZHPCleaner.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\ZHPDiag3.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Desktop\zhpfix_2015.10.19.9.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Downloads\adwcleaner_6.046.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Downloads\mb3-setup-35891.35891-3.0.6.1469-10103.exe:BDU [0]
AlternateDataStreams: C:\Users\hiba\Downloads\mbar-1.09.3.1001.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\381.89-desktop-win10-64bit-international-whql.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\CleanerSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\drweb-livedisk-900-usb.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\MediaCreationTool(1).exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\SetupChipset101142.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\vcredist_x86.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\WDCFree.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\WDRSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\windirstat1_1_2_setup.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\Windows ISO Downloader.exe:BDU [0]
AlternateDataStreams: C:\Users\scorebut\Downloads\Winja_2_6084_65441_setup.exe:BDU [0]

==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68876743.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68876743.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2017-02-24 17:16 - 2017-05-08 20:26 - 00000954 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 idb.iobit.com 127.0.0.1 asc55.iobit.com 127.0.0.1 is360.iobit.com 127.0.0.1 asc.iobit.com 127.0.0.1 pf.iobit.com ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-929253815-3447027436-2019464479-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-929253815-3447027436-2019464479-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. 
==================== MSCONFIG/TASK MANAGER éléments désactivés == MSCONFIG\Services: !SASCORE => 2 MSCONFIG\Services: AdobeARMservice => 3 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: CG6Service => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: cplspcon => 3 MSCONFIG\Services: Creative ALchemy AL6 Licensing Service => 3 MSCONFIG\Services: Creative Audio Engine Licensing Service => 3 MSCONFIG\Services: CTAudSvcService => 2 MSCONFIG\Services: Dedicarz Service => 2 MSCONFIG\Services: EaseUS Agent => 2 MSCONFIG\Services: EBC Client => 2 MSCONFIG\Services: Emc.Captiva.WebCaptureService => 2 MSCONFIG\Services: gupdate => 3 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2 MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: igfxCUIService2.0.0.0 => 2 MSCONFIG\Services: IMFservice => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: Killer Service V2 => 2 MSCONFIG\Services: MbaeSvc => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: Orange update Core Service => 2 MSCONFIG\Services: sgbupt => 2 MSCONFIG\Services: SpeedupService => 2 MSCONFIG\Services: ss_conn_service => 2 HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "MBCfg64" HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "UpdReg" HKLM\...\StartupApproved\Run32: => "Sound Blaster X-Fi MB 3" HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "vmware-tray.exe" HKLM\...\StartupApproved\Run32: => "IAStorIcon" 
HKU\S-1-5-21-929253815-3447027436-2019464479-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-929253815-3447027436-2019464479-1001\...\StartupApproved\Run: => "DriverEasy" HKU\S-1-5-21-929253815-3447027436-2019464479-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-929253815-3447027436-2019464479-1002\...\StartupApproved\Run: => "OneDrive" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{D9FB8003-EAD6-4433-A251-E52B8589472B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A44692D1-165C-41E7-9158-EEDF1C702645}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{A574C773-8B6F-45FE-B2D3-7DC96B549D8A}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [UDP Query User{A4AB63A8-C5C3-4FC7-8F31-656FEBE17A31}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [{4B09CF1E-4A4B-4C75-9472-B6326EF583BF}] => (Block) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [{162646C5-0D70-43CA-BEE2-E93D056796B9}] => (Block) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [{12429A10-1CEC-4BF8-BD0C-2DF100D14090}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe FirewallRules: [{BDD776D8-650C-4821-A4F1-7F898FD70992}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe FirewallRules: [{A97CC987-0797-40FA-BAAC-66C274DF494D}] => (Allow) C:\Program Files\HP\HP ENVY 5530 series\Bin\DeviceSetup.exe FirewallRules: [{1FC49D95-C1DD-438D-B888-02D5A476DFD6}] => (Allow) LPort=5357 FirewallRules: [{9BA1EEDB-548C-44CF-8DDE-191E12D82E4F}] => (Allow) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe 
FirewallRules: [{F0CFA01E-8B84-4390-B75D-972741A3047F}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{8DE5520F-F38D-434C-AF86-C2FA57F7C463}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{1B3B84C2-3615-4717-AD1F-C90FE3E16F4C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{D71959C8-F379-42C1-B058-7B8557BA6A0D}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{C6A1A17C-8117-40B6-9858-C6996E20BC76}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A51CF0D1-88EE-43D1-B51E-81BE82B502B9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7E8F2829-75E2-4EF2-8FC7-572EB19B0491}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7F3ADA77-5597-4C6E-9415-C226AAF6584C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4CF800E0-28F1-485A-A7BE-D0265EEEB72E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{23D1F70A-5D7D-423A-B0FC-FDB36067E809}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{B56BD7E7-D675-4079-BB05-794BA49ECFC7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CB72F883-2F82-4BE8-840C-203447FD3632}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe FirewallRules: [{5478C24D-5AEC-49D3-84F6-C3E274378A1D}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe FirewallRules: [{AF52076D-F3DF-4085-8711-7B7502377A95}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\LiveboxManager.exe FirewallRules: [{93E3E702-BE79-4E20-BE08-6427CE1FEAC3}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\LiveboxManager.exe FirewallRules: [{A51B0D14-0824-4EB7-A142-51D2D9525827}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\PluginLivebox.exe FirewallRules: [{3DA515CE-2DD6-4BFA-B4BD-1525AF0CA8FD}] => 
(Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\PluginLivebox.exe FirewallRules: [{AA0029F5-01FF-4DB4-A6BD-44A172B3EE9A}] => (Allow) C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe FirewallRules: [{919B2DD0-92EF-47A5-89F8-DC63021EDDE5}] => (Allow) C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe FirewallRules: [{6C4DD575-1C0E-4522-A5E6-DE1893C66712}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{1E048687-F7CE-4F7E-871C-768AB520D411}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{3850DA68-EE5B-4B47-8C8C-3A928115DC5F}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{14A51398-3A4D-4957-BC74-636AA201D1A9}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{A9308775-54BD-4FCF-8948-D28D6589C0BF}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{B1627021-59AC-4970-B3F1-82FE16E21A23}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{D08C7C2E-20CB-4533-8726-3A1D33A786BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F803EA38-3511-420A-98B8-4F0F26E3CE9D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{09951C18-EB91-40D3-9B60-DAEB25992689}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{34235A1D-4657-4D34-B21D-BB406A6EF3F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{56605260-C99B-4447-A313-8682E126ABD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{64E1FB18-6823-4FF0-BCF8-072B4BBE963E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{A3A9DC0F-1709-46EE-8382-D01A14B6C9F8}] => (Allow) C:\Program Files (x86)\IObit\Driver 
Booster\4.4.0\DriverBooster.exe FirewallRules: [{FC1B20E7-AB6C-4A6E-B173-E5C05D72B8DB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe FirewallRules: [{5519B2CB-4FDA-43D9-BF24-1ED6FBBAEBFB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe FirewallRules: [{A8A9B84B-B0CC-4901-B771-621DB5779BCB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe FirewallRules: [{45FE29D3-9236-4334-98B0-F424CC383166}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe FirewallRules: [{10ACFFE5-A998-43D1-BDDD-5288A5C5A8E7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe ==================== Points de restauration ========================= 05-05-2017 16:22:19 Windows Update ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (05/08/2017 02:24:55 PM) (Source: CyberGhost 6 Service) (EventID: 0) (User: ) Description: Impossible d'arrêter le service. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet. 
à CyberGhost.VPNServices.OpenVpn.DisconnectFromVpnServer(Boolean sendDisconnectEvent) dans C:\TeamCity\buildAgent\work\5e751977071a47b0\Projects\CyberGhost\CyberGhost 6\CyberGhost.VPNServices\OpenVPN.cs:ligne 348 à Service.ServiceController.OnStop() dans C:\TeamCity\buildAgent\work\5e751977071a47b0\Projects\CyberGhost\CyberGhost 6\CyberGhost.Service\ServiceController.cs:ligne 170 à System.ServiceProcess.ServiceBase.DeferredStop() Error: (05/08/2017 02:21:33 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: AUTORITE NT) Description: Le filtre d’événement avec la requête « select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration' » n’a pas pu être réactivé dans l’espace de noms « //./root » à cause de l’erreur 0x80041033. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème n’est pas corrigé. Error: (05/08/2017 02:21:33 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/subscription la requête « select * from __TimerEvent » dont la classe cible « __TimerEvent » n’existe pas. La requête sera ignorée. Error: (05/08/2017 02:21:33 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/subscription la requête « select * from __SystemEvent » dont la classe cible « __SystemEvent » n’existe pas. La requête sera ignorée. Error: (05/08/2017 02:21:33 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/subscription la requête « select * from __NamespaceOperationEvent » dont la classe cible « __NamespaceOperationEvent » n’existe pas. La requête sera ignorée. 
Error: (05/08/2017 02:21:33 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/subscription la requête « select * from __ClassOperationEvent » dont la classe cible « __ClassOperationEvent » n’existe pas. La requête sera ignorée. Error: (05/08/2017 02:21:33 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/CIMV2 la requête « select * from __TimerEvent » dont la classe cible « __TimerEvent » n’existe pas. La requête sera ignorée. Error: (05/08/2017 02:21:33 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root la requête « select * from __TimerEvent » dont la classe cible « __TimerEvent » n’existe pas. La requête sera ignorée. Error: (05/08/2017 02:21:33 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root/CIMV2 la requête « select * from __SystemEvent » dont la classe cible « __SystemEvent » n’existe pas. La requête sera ignorée. Error: (05/08/2017 02:21:33 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements $Core a tenté d’inscrire dans l’espace de noms //./root la requête « select * from __SystemEvent » dont la classe cible « __SystemEvent » n’existe pas. La requête sera ignorée. Erreurs système: ============= Error: (05/08/2017 08:26:47 PM) (Source: TPM) (EventID: 15) (User: ) Description: Le pilote de périphérique du module de plateforme sécurisée (TPM) a rencontré une erreur irrécupérable dans le matériel TPM, susceptible d’empêcher l’utilisation des services TPM (comme le chiffrement de données). 
Pour obtenir de l’aide, contactez le fabricant de l’ordinateur. Error: (05/08/2017 08:00:06 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (05/08/2017 02:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service VMware NAT Service s’est terminé de façon inattendue pour la 3ème fois. Error: (05/08/2017 02:24:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service VMware NAT Service s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 1000 millisecondes : Redémarrer le service. Error: (05/08/2017 02:24:20 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Le service VMware Workstation Server s’est arrêté avec l’erreur spécifique au service suivante : %%4294967295 Error: (05/08/2017 02:24:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service VMware NAT Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 1000 millisecondes : Redémarrer le service. Error: (05/08/2017 02:24:07 PM) (Source: VMnetDHCP) (EventID: 2) (User: ) Description: Can't open C:\ProgramData\VMware\vmnetdhcp.conf: Le fichier spécifié est introuvable. 
/ Unknown error 2 (0x2) Error: (05/08/2017 02:24:06 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Le service WiaRpc s’est arrêté avec l’erreur spécifique au service suivante : Le serveur RPC n’est pas disponible. Error: (05/08/2017 02:24:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service WEPHOSTSVC s’est arrêté avec l’erreur : Une exception s’est produite dans le service lors du traitement de la commande. Error: (05/08/2017 02:23:52 PM) (Source: TPM) (EventID: 15) (User: AUTORITE NT) Description: Le pilote de périphérique du module de plateforme sécurisée (TPM) a rencontré une erreur irrécupérable dans le matériel TPM, susceptible d’empêcher l’utilisation des services TPM (comme le chiffrement de données). Pour obtenir de l’aide, contactez le fabricant de l’ordinateur. CodeIntegrity: =================================== Date: 2017-05-08 14:25:30.489 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-08 14:22:04.917 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-07 18:56:16.394 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2017-05-07 17:22:19.824 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-07 11:53:43.667 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-06 21:32:03.874 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-06 14:55:44.818 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-06 14:03:55.326 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2017-05-06 10:33:48.050 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-05 22:34:17.442 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz Pourcentage de mémoire utilisée: 23% Mémoire physique - RAM - totale: 16339.43 MB Mémoire physique - RAM - disponible: 12510.84 MB Mémoire virtuelle totale: 18771.43 MB Mémoire virtuelle disponible: 14205.49 MB ==================== Lecteurs ================================ Drive c: (WIN10) (Fixed) (Total:238.68 GB) (Free:37.3 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)] Drive e: (Réservé au système) (Fixed) (Total:0.34 GB) (Free:0.21 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive f: () (Fixed) (Total:652.91 GB) (Free:14.36 GB) NTFS Drive i: (qubes os) (Fixed) (Total:74.04 GB) (Free:29.59 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 74.5 GB) (Disk ID: 22984422) Partition 1: (Active) - (Size=74 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 58273837) Partition 1: (Not Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Active) - (Size=238.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=652.9 GB) - (Type=07 NTFS) ======================================================== Disk: 2 
(Size: 256.2 GB) (Disk ID: 37AD1A7A) Partition: GPT. ==================== Fin de Addition.txt ============================