Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 31-07-2017 Exécuté par manu (01-08-2017 23:31:46) Exécuté depuis C:\Users\manu\Desktop\Downloads Windows 10 Home Version 1703 (X64) (2017-06-11 00:00:17) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2082591765-3123149335-2424541023-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2082591765-3123149335-2424541023-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2082591765-3123149335-2424541023-1002 - Limited - Enabled) Invité (S-1-5-21-2082591765-3123149335-2424541023-501 - Limited - Disabled) manu (S-1-5-21-2082591765-3123149335-2424541023-1000 - Administrator - Enabled) => C:\Users\manu ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 5600 (HKLM-x32\...\{6BA1CFB2-AB74-4D7B-8FEF-C80A06190E18}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden 5600_Help (HKLM-x32\...\{7DCBC3D8-8954-491D-A1B9-8C61C563B004}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden 5600Trb (HKLM-x32\...\{2605461E-AB2E-49F5-8A16-64B7F3595030}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated) AIO_CDB_ProductContext (HKLM-x32\...\{D5045A94-1D46-44A7-9C4F-7D05B40D82EC}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDB_Software (HKLM-x32\...\{2DFDE21D-AFFE-4CDD-BBD4-3B7832BEC036}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden Apple Application Support (32 bits) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) AxCrypt 1.7.2931.0 (HKLM\...\{E191812E-F3A0-4F87-98D9-DCD03321278D}) (Version: 1.7.2931.0 - Axantum Software AB) Balabolka (HKLM-x32\...\Balabolka) (Version: 2.11.0.598 - Ilya Morozov) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Citrix Online Launcher (HKLM-x32\...\{77463C86-BB3A-426E-A6C2-06B4D28C250F}) (Version: 1.0.223 - Citrix) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.42.0.50 - Conexant) Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.50 - Conexant Systems) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP) HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.4.19.3 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{9F79033A-84FC-4137-BCDC-C505246F78E1}) (Version: 12.7.27.15 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) IOTransfer 1.1 (HKLM-x32\...\IOTransfer_is1) (Version: 1.1.0 - iFunSoft) iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Microsoft OneDrive (HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Text to Speech Voice (fr-CA, Harmonie) (HKLM-x32\...\{7418AEC8-8D0F-4242-AEC5-B9A67C403686}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Text to Speech Voice (fr-FR, Hortense) (HKLM-x32\...\{9B9D928F-97D5-4D95-9A71-EE9B1805BADE}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Package de pilotes Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) QLBCASL (HKLM-x32\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden RealSpeak Solo pour la voix francaise Virginie (HKLM-x32\...\{58B0F3ED-6FAE-486C-9AB9-1C06514097B4}) (Version: 4.00.0000 - ScanSoft) Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ) TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2017-06-23] (Tonec Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Pas de fichier ContextMenuHandlers1: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2012-07-20] (Axantum Software AB) ContextMenuHandlers1: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll [2013-02-28] (Ilya Morozov) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-07-14] (Apple Inc.) ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> Pas de fichier ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Pas de fichier ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Pas de fichier ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Pas de fichier ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {022B64F2-7577-4B01-B456-654DF73A1B3E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {043CFA46-ABEB-4C8D-B42E-0DA600D4AD0B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {2C0B8B50-2502-4968-B02B-23F72EC0A761} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2C576BE1-9A67-4CBD-8CC3-4B527B6BDEAA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2CAAA489-89B1-45FC-A636-EE4E31B053A4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {2E80D5C6-9CAD-4BE8-AE92-4D6E7DBBFC3A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {315A52FD-E274-4F12-A5D0-43BF348E8FEF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.) Task: {3B5EE563-C691-46B4-837B-B95EEFA2061C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {45F6FF7F-DAB1-4CF2-9A83-866C005D6D1B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {46B74308-D787-4517-9262-EB6FE4321401} - pas de chemin du fichier Task: {5189410D-EF3A-48FD-8B47-E9F1127C4E7E} - System32\Tasks\HPCeeScheduleFormanu => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.) Task: {521C1A4D-83AD-4C3E-9BB5-A44853CFCFC9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {52C9E541-B296-443A-9342-97A536CCBA66} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-04-06] (HP Inc.) Task: {56DE196E-52C1-4BDC-ADEC-FCD2CCD6EEAF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.) Task: {5ECD49D7-3AD2-47C9-987D-475D05988338} - System32\Tasks\{C9A4B4B1-4866-4EF6-8CFA-564C99234B51} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/fr/abandoninstall?page=tsMain Task: {5FC25B9A-105C-48CD-BAB0-353E1E14803E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {6BAB3323-6981-4F5E-AEF7-0EE64111D023} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-04-07] (HP Inc.) Task: {6C0871D0-8A77-45B0-A274-5D66101EB9EE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6DF420E9-F434-4C74-B8A3-86D2F850A00D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.) Task: {70FD55B1-C6CE-4005-91E4-6273D7AE5832} - System32\Tasks\{478D8276-DCF8-4A86-A42E-37105794B49E} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/fr/abandoninstall?page=tsMain Task: {7198ED28-DDA8-4D61-B0DD-17B4CD9E1EC7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {77DC991B-41DD-45E5-A5E1-38472936BF31} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7943A06D-3EA4-4F03-B1B8-E87B44494C53} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {7B7148AB-958E-4FB4-B6EA-363D0E06AC92} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7EF59F84-0E05-4351-B313-50D3E7E4CDB9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-08] (Adobe Systems Incorporated) Task: {80B86444-D298-448D-AE50-7554D2AA2D16} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {831FB005-D133-478F-872E-63DE090F6FC2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.) Task: {844E44DE-1C01-4508-8413-5B535AC24991} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {88AD2762-97B3-4CD5-B4D0-6174F9830255} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.) Task: {8B0DF2E7-201D-45B4-8877-0D433F28B04E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8D2CD7C4-F729-4C58-935D-A0AA32B2111B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {8FB042BB-A8B2-4E65-A67A-E9023CFA4E10} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {9069C248-BEE6-4540-9CDF-525814103F5B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {96B061AA-9F13-4BED-8615-6FA5D51708E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.) Task: {9D7F2D5C-BF69-4603-9A1A-B7CAFE37BEE3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9EB6CD08-EA98-44A4-AEBE-99E33A3B0F34} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {A1BAA5E9-3C13-41F9-A8F8-8524784E86BB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.) Task: {A5827EED-FC7B-437E-AD21-739D1DDFC70D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {AD0101A5-3B9F-4C52-8B65-2B8AC420CCF1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-07-12] (Microsoft Corporation) Task: {AE989C99-1C2C-4898-BBF0-A1F08571C457} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.) Task: {B1CF438A-093D-4793-AC51-C0B5060CFA88} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {B8365332-FA51-4A04-9E3C-2FD3885B7FD0} - \upfs7235 -> Pas de fichier <==== ATTENTION Task: {CAA9EAF0-0846-46DB-87A9-F2DC42F4701A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D00D0D5D-52E2-4CB5-AD17-7E00E7932361} - System32\Tasks\{CF275678-AE16-4387-83D5-05B7C6720BB0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/fr/abandoninstall?page=tsMain Task: {D7401CBE-4C10-41CC-B64A-188756038F07} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-06-28] (HP Inc.) Task: {DE97053C-81EF-4983-BE78-20784103B6E2} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {ECE19DF3-C480-4861-9AB1-80D7FF1A09EA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {EF4BF74E-13F8-4AFE-A6C7-8FA759B5478A} - System32\Tasks\{7699949A-A02D-45F4-8086-2E4825C84A0A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/fr/abandoninstall?page=tsProgressBar Task: {EFD44289-4EBD-438A-8239-9B7D4DC5566B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2017-07-12] (Microsoft Corporation) Task: {F481D795-0C9D-4B99-9C76-8A40222E49CB} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FCD6F061-4048-44B7-A2B2-6BEF38FB6ADC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleFormanu.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\UHY.job => C:\Users\manu\AppData\Roaming\UHY.exe <==== ATTENTION ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --remote-debugging-port=9223 ==================== Modules chargés (Avec liste blanche) ============== 2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:59 - 2017-03-20 07:11 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-07-14 10:27 - 2017-07-14 10:27 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll 2017-07-14 10:26 - 2017-07-14 10:26 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll 2017-07-17 19:29 - 2017-07-17 19:30 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-07-17 19:29 - 2017-07-17 19:30 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-07-17 19:29 - 2017-07-17 19:30 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-07-17 19:29 - 2017-07-17 19:30 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\100sexlinks.com -> 100sexlinks.com Il y a 4792 plus de sites. ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\manu\AppData\Local\Microsoft\Windows\Themes\img14.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AdvancedSystemCareService7 => 2 MSCONFIG\Services: Com4QLBEx => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: hpqwmiex => 3 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Advanced SystemCare 7 => MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint2K\Apoint.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: HotKeysCmds => MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: IgfxTray => MSCONFIG\startupreg: Persistence => MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime HKU\S-1-5-21-2082591765-3123149335-2424541023-1000\...\StartupApproved\Run: => "IDMan" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{D0F5AB83-BD04-495A-B161-708899377D36}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{281884ED-A1E1-452D-B21E-A3271C8CCED9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{8CBE9F7C-7C54-48E2-8F19-EAAEC4247CF2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{1D31D634-48C4-43D5-956B-17AE6B722B4E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{1E2DBB74-FC6A-4487-80AF-6E007BD89203}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{F15BA40F-2368-4B4B-B1D3-A04E2B784C74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{BB71A44E-F420-4637-AF69-1F1080F3B3EC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{71A47F24-DC74-4F80-B6C3-1B32B41AF45F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{2D1AE9AD-9CBC-4C78-A336-2ACC3164B013}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{DED78261-8AF7-48B8-A47B-567A7E8896E1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{48729401-27EF-4A15-AAEF-C11FF955C3FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{6CCC4CA0-B44A-489E-A42C-CE238B85FDE9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{1314ABE0-F689-44F2-B4A4-DD676C6C4C37}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{F6EB1E54-1316-47C1-BE59-7EB70CF72190}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe FirewallRules: [{36EC5BEE-5843-4D76-9925-073F49943058}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe FirewallRules: [{7B63D25A-9A61-4AA1-9853-5BE00550DD02}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{341B1435-BA5A-4951-BE2F-E9C203C6999B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{8AEC9384-F11F-40B8-A0B3-90A5AB3CDA1F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe FirewallRules: [{8C5B1C7D-FEF2-4911-8B5E-50274A69076B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{9CA56D41-0656-41B5-8460-6C7A90CA3D26}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{C11D49A7-937B-43E0-89E7-61958A0BAFC0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{D15315E3-86FE-4893-BDED-0EE604862E73}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{8AE329DA-CDE7-4553-8C50-00C45F8DBB16}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{DB619381-E210-4D83-B927-5D283DDC1AD6}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{35AE3BB3-F61C-413A-97D1-6EE3060C987D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{6F17E541-6305-4262-9981-3C9BBD1BA601}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D099890B-4B62-4AFA-8BE8-583CD915C16A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C5CCF39A-F92A-4D7F-9128-21B6838CE99A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{281FF337-FA0D-40CF-B39B-F815FC4F0636}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A3A6D281-76A2-405A-AE62-3A05F7D64C1A}] => (Allow) C:\Users\manu\AppData\Local\Temp\7zS3447\HPDiagnosticCoreUI.exe FirewallRules: [{BE58AAFE-DBB4-4D28-8760-706C185FC824}] => (Allow) C:\Users\manu\AppData\Local\Temp\7zS3447\HPDiagnosticCoreUI.exe FirewallRules: [{03AC4FB1-E816-47A9-8B62-267D2335F09A}] => (Allow) C:\Users\manu\AppData\Local\Temp\7zS5B49\HPDiagnosticCoreUI.exe FirewallRules: [{A3379356-C636-48BD-A755-1C2C0A9A52F0}] => (Allow) C:\Users\manu\AppData\Local\Temp\7zS5B49\HPDiagnosticCoreUI.exe FirewallRules: [{6CC3CB84-25BB-4237-A4DC-67314F2EBC39}] => (Allow) C:\Users\manu\AppData\Local\Temp\7zS76DA\HPDiagnosticCoreUI.exe FirewallRules: [{39439AA5-B628-4301-BD3B-8EF772A320E1}] => (Allow) C:\Users\manu\AppData\Local\Temp\7zS76DA\HPDiagnosticCoreUI.exe FirewallRules: [{0D36610F-1212-4FCD-991D-435605F6F892}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{12A446FE-9F48-42D7-8C06-0074B73D4880}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Points de restauration ========================= ATTENTION: La Restauration système est désactivée ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (08/01/2017 11:22:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MANU-PC) Description: Le package Microsoft.Windows.ShellExperienceHost_10.0.15063.332_neutral_neutral_cw5n1h2txyewy+App a été interrompu, car sa suspension a été trop longue. Error: (08/01/2017 10:41:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MANU-PC) Description: Le package Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe+App a été interrompu, car sa suspension a été trop longue. Error: (08/01/2017 07:08:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MANU-PC) Description: Le package Microsoft.Windows.ShellExperienceHost_10.0.15063.332_neutral_neutral_cw5n1h2txyewy+App a été interrompu, car sa suspension a été trop longue. Error: (08/01/2017 04:31:21 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON. Error: (08/01/2017 04:31:20 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON. Error: (08/01/2017 04:31:18 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON. Error: (08/01/2017 04:31:18 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON. Error: (08/01/2017 04:20:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MANU-PC) Description: Le package Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe+App a été interrompu, car sa suspension a été trop longue. Error: (08/01/2017 04:19:23 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON. Error: (08/01/2017 04:19:21 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON. Erreurs système: ============= Error: (08/01/2017 07:09:42 PM) (Source: DCOM) (EventID: 10005) (User: MANU-PC) Description: DCOM a reçu l’erreur « 1053 » lors de la tentative de démarrage du service hpqwmiex avec les arguments « Non disponible » pour exécuter le serveur : {F5539356-2F02-40D4-999E-FA61F45FE12E} Error: (08/01/2017 07:09:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service hpqwmiex n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (08/01/2017 07:09:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service hpqwmiex. Error: (08/01/2017 07:06:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Adaptateur d'écouteur Net.Msmq n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (08/01/2017 07:06:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service NetMsmqActivator. Error: (08/01/2017 07:06:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service NetTcpActivator dépend du service NetTcpPortSharing qui n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (08/01/2017 07:06:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service NetTcpPortSharing n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (08/01/2017 07:06:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service NetTcpPortSharing. Error: (08/01/2017 07:05:50 PM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Cet ordinateur est configuré en tant que membre d’un groupe de travail, et non en tant que membre d’un domaine. Il n’est pas nécessaire d’exécuter le service Accès réseau dans cette configuration. Error: (08/01/2017 07:05:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur : Cette demande n’est pas prise en charge. CodeIntegrity: =================================== Date: 2017-08-01 23:26:06.026 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-01 23:26:06.023 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-01 23:26:02.348 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-01 23:26:02.345 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-01 23:25:46.461 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-01 23:25:46.458 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-01 20:28:21.719 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\manu\Desktop\IObit\Advanced SystemCare Ultimate\KB3210721.cab_Temp\70F6DB73-5F22-44B7-B622-7A344556E8D9\amd64_microsoft-windows-security-spp-ux-dlg_31bf3856ad364e35_10.0.10586.672_none_0b3f9545391f2498\upgraderesultsui.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-01 20:28:21.711 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\manu\Desktop\IObit\Advanced SystemCare Ultimate\KB3210721.cab_Temp\70F6DB73-5F22-44B7-B622-7A344556E8D9\amd64_microsoft-windows-security-spp-ux-dlg_31bf3856ad364e35_10.0.10586.672_none_0b3f9545391f2498\upgraderesultsui.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-01 20:28:21.705 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\manu\Desktop\IObit\Advanced SystemCare Ultimate\KB3210721.cab_Temp\70F6DB73-5F22-44B7-B622-7A344556E8D9\amd64_microsoft-windows-security-spp-ux-dlg_31bf3856ad364e35_10.0.10586.672_none_0b3f9545391f2498\upgraderesultsui.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-01 20:27:52.683 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\manu\Desktop\IObit\Advanced SystemCare Ultimate\KB3210721.cab_Temp\70F6DB73-5F22-44B7-B622-7A344556E8D9\amd64_microsoft-windows-a..ncredentialprovider_31bf3856ad364e35_10.0.10586.672_none_d7e3b90d82017c5f\facecredentialprovider.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== Processeur: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz Pourcentage de mémoire utilisée: 59% Mémoire physique - RAM - totale: 2038.01 MB Mémoire physique - RAM - disponible: 817.27 MB Mémoire virtuelle totale: 4086.01 MB Mémoire virtuelle disponible: 2678.19 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:111.35 GB) (Free:74.49 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)] ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 10BD20A9) Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) ==================== Fin de Addition.txt ============================