Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 06-10-2017 Exécuté par Ambatomena (07-10-2017 23:13:05) Exécuté depuis D:\Bureau Windows 10 Pro Version 1703 (X64) (2017-05-19 12:37:25) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= 0AF8E37422C542B9B917 (S-1-5-21-2183172406-3163364599-1075450114-1004 - Limited - Enabled) Administrateur (S-1-5-21-2183172406-3163364599-1075450114-500 - Administrator - Disabled) Ambatomena (S-1-5-21-2183172406-3163364599-1075450114-1001 - Administrator - Enabled) => C:\Users\Ambatomena DefaultAccount (S-1-5-21-2183172406-3163364599-1075450114-503 - Limited - Disabled) Invité (S-1-5-21-2183172406-3163364599-1075450114-501 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Bitdefender Antivirus (Disabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371} AS: Bitdefender Antispyware (Disabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Pare-feu (Disabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE) µTorrent (HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\uTorrent) (Version: 3.4.2.37252 - BitTorrent Inc.) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.15 - Adobe Systems) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated) Aiseesoft Blu-ray Player 6.1.10 (HKLM-x32\...\{EC30ACE1-3561-42b0-B343-42C7FB2E2593}_is1) (Version: - ) Aiseesoft Convertisseur Vidéo Total Platinum 7.1.8 (HKLM-x32\...\{3661F243-518C-4d05-8BDF-7B10CC22689F}_is1) (Version: 7.1.8 - Aiseesoft Studio) Apple Application Support (32 bits) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) ASIO4ALL v2 (HKLM-x32\...\ASIO4ALL v2) (Version: - ) Aurora 3D Text & Logo Maker version 16.01.07 (HKLM-x32\...\{4F6B6582-B9F6-42B2-AAFC-48E097D07837}_is1) (Version: 16.01.07 - Aurora3D Software) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.24.36 - Bitdefender) Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 21.0.23.1101 - Bitdefender) Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender) BitMeter (HKLM-x32\...\BitMeter) (Version: - ) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.) Canon iP7200 series On-screen Manual (HKLM-x32\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.) Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - ) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n) Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine) Chrome Remote Desktop Host (HKLM-x32\...\{BAD014C7-DB71-474A-AC68-F06FAE17A949}) (Version: 61.0.3163.20 - Google Inc.) CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.) DGE-560T Gigabit PCI Express Ethernet Adapter (HKLM-x32\...\{6E01C07D-A44B-406E-A0DC-DEF62181E6E7}) (Version: 8.4.907.2012 - D-Link) Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit) Driver Magician 4.82 (HKLM-x32\...\Driver Magician_is1) (Version: - GoldSolution Software, Inc.) Dropbox (HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\Dropbox) (Version: 36.4.22 - Dropbox, Inc.) eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.5.1160 - Steinberg Media Technologies GmbH) Enregistrement utilisateur de Canon iP7200 series (HKLM-x32\...\Enregistrement utilisateur de Canon iP7200 series) (Version: - Canon Inc.‎) Enregistrement utilisateur de Canon MP495 series (HKLM-x32\...\Enregistrement utilisateur de Canon MP495 series) (Version: - ) Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden HashCalc 2.02 (HKLM-x32\...\HashCalc_is1) (Version: - SlavaSoft Inc.) iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.) iFunbox (v4.0.4106.1352) (HKLM-x32\...\iFunbox_is1) (Version: v4.0.4106.1352 - iFunbox DevTeam) iMazing 2.2.7.0 (HKLM\...\iMazing_is1) (Version: 2.2.7.0 - DigiDNA) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.20 - IObit) iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.) Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) KaraFun Player 2 (HKLM-x32\...\KaraFun Player 2_is1) (Version: 2.4.1.0 - Recisio) K-Lite Mega Codec Pack 13.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.5.5 - KLCP) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Logitech - Assistant pour jeux vidéo 8.83 (HKLM\...\Logitech Gaming Software) (Version: 8.83.85 - Logitech Inc.) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1036 - Marvell) Marvell MRU V4 (HKLM-x32\...\mv61xxMRU) (Version: 4.1.0.1700 - Marvell) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.8431.2079 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{02A39130-2CF3-30CA-8623-30F6071A4221}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mises à jour NVIDIA 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.13.6 - NVIDIA Corporation) Hidden Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 50.0 (x64 fr) (HKLM\...\Mozilla Firefox 50.0 (x64 fr)) (Version: 50.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.2 - Notepad++ Team) NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA Pilote graphique 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Opera Stable 48.0.2685.35 (HKLM-x32\...\Opera 48.0.2685.35) (Version: 48.0.2685.35 - Opera Software) Panneau de configuration NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden plist Editor for Windows 1.0.2 (HKLM-x32\...\plist Editor for Windows) (Version: 1.0.2 - VOWSoft,Ltd.) PowerISO (HKLM-x32\...\PowerISO) (Version: 6.5 - Power Software Ltd) Process Revealer Free Edition 1.0 (HKLM-x32\...\Process Revealer Free Edition) (Version: 1.0 - Logixoft) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.13.6 - NVIDIA Corporation) Hidden Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) Smart Recovery 2 B13.1104.1 (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0001 - GIGABYTE) Speaking Clock Deluxe 3.62 (HKLM-x32\...\Speaking Clock Deluxe_is1) (Version: - Lux Aeterna) SSD Utility (HKLM-x32\...\{3449D0CA-9D99-472B-B36C-A32A58AF18F5}) (Version: 2.0.2430 - Toshiba Corporation) Steinberg Cubase LE AI Elements 8 64bit (HKLM\...\{C801D1E6-30E3-46BE-368D-0106B42CCE17}) (Version: 8.0.20 - Steinberg Media Technologies GmbH) Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH) Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.0 - Steinberg Media Technologies GmbH) Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.1 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH) Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH) Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Sweet Home 3D version 5.0 (HKLM\...\Sweet Home 3D_is1) (Version: 5.0 - eTeks) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) The Best Keylogger (HKLM-x32\...\{3180A3A1-0B3A-4FC8-B804-6438A460DC76}) (Version: 3.54.00 - The Best KeyLogger) Hidden UMC v2.23.0 (HKLM-x32\...\UMC v2.23.0) (Version: 2.23.0 - BEHRINGER) USB2.0 PC Camera (SN9C201&202) (HKLM-x32\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.27000.0 - Sonix) vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version: - ) Viber (HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\Viber) (Version: 4.4.0.134678 - Viber Media Inc) VirusTotal Uploader 2.0 (HKLM-x32\...\VirusTotalUploader2.0) (Version: - ) WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.240 - Broadcom Corporation) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB (04/21/2011 01.0.0.0) (HKLM\...\BEA7B05370C19B9C86893BB484FD6B9CC52B0CD8) (Version: 04/21/2011 01.0.0.0 - Cambridge Silicon Radio Ltd.) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wondershare Video Converter Ultimate(Build 8.8.1.1) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.8.1.1 - Wondershare Software) XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2183172406-3163364599-1075450114-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2017-06-23] (Tonec Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-18] () ContextMenuHandlers1: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender 2017\bdfvsctx.dll [2017-10-02] (Bitdefender) ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-04-26] (Apple Inc.) ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWoW64\WSCM64.dll [2015-02-27] () ContextMenuHandlers4: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender 2017\bdfvsctx.dll [2017-10-02] (Bitdefender) ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Ltd) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd) ContextMenuHandlers5: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender 2017\bdfvsctx.dll [2017-10-02] (Bitdefender) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.) ContextMenuHandlers6: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender 2017\bdfvsctx.dll [2017-10-02] (Bitdefender) ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Ltd) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-2183172406-3163364599-1075450114-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ContextMenuHandlers4_S-1-5-21-2183172406-3163364599-1075450114-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ContextMenuHandlers5_S-1-5-21-2183172406-3163364599-1075450114-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {11AA78F3-46E2-4C5C-880D-960687C8E7F4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {13A9AA53-B87E-45AA-9130-119D219AFE86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {1634DE0B-C336-4361-923E-1BAC64A3E2F4} - System32\Tasks\Microsoft\Windows\RestartManager\{D3A03204-F80E-4bf6-969B-9541F7425691} => C:\WINDOWS\system32\rmclient.exe [2017-03-18] (Microsoft Corporation) Task: {2A32F7C8-53DE-4CA9-AE2C-75FEA1A20EDF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-29] () Task: {2C5F5536-7DAE-46A5-845E-29C403ADED52} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {346A32AC-2A05-4F29-BB8C-F15CA059919E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {41943007-E75A-4B57-B4F2-0CC2D9B7B37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {425C44B1-8A3B-4BC7-8405-65277B54CA18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {5999F8DC-66AD-4EB6-BBE5-B09C459449FD} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender) Task: {5A2635F6-FE8B-464F-B1C0-3A1B8D5AB64A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2183172406-3163364599-1075450114-1001UA1d236ddd596865c => C:\Users\Ambatomena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {5E36522B-40B2-4CFC-B9AB-FE3605800403} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-13] (Microsoft Corporation) Task: {777A4BCB-D953-4293-968F-2CF009A755DE} - System32\Tasks\Opera scheduled Autoupdate 1462879329 => C:\Program Files (x86)\Opera\launcher.exe [2017-10-02] (Opera Software) Task: {7AC7556F-CAE5-4A0F-88FF-0EAB615DC1A2} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-09-22] () Task: {887BEB2B-5830-4CE1-AF01-DBED916EC40B} - System32\Tasks\Driver Booster SkipUAC (Ambatomena) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-25] (IObit) Task: {89029232-B888-4C72-8935-9A97D9FF282F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {8FBD6110-D453-4EE0-96A3-56A94BC5E45F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {96B5F258-6137-4D86-85C7-4F7ED36D51FB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {9B9419B6-D5A4-4FBE-9F79-93A795D4B498} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {9FFF58EC-F67C-4CF7-A3FF-C56BFB01EFC0} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-08-30] () Task: {A8A30752-C2AB-4E37-8BFC-60A12E74AAE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {A93D9C12-209B-40D1-85CE-8E86A494FD0B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {B25FD7EA-5B91-4440-BD1A-4E3657FA9994} - System32\Tasks\{FF294150-ED41-41EE-BD80-AAA677B622B4} => C:\Windows\system32\pcalua.exe -a "F:\ADHLNF\Logiciel\Windows\Microsoft\Net Framwork\dotnetfx 20.exe" -d "F:\ADHLNF\Logiciel\Windows\Microsoft\Net Framwork" Task: {B64FC18B-CC4F-407F-8C4F-BA9010AC17F3} - System32\Tasks\AdobeAAMUpdater-1.0-Vah-Ambatomena => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated) Task: {B87C85D7-BF21-4C2A-B370-502F6282204D} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-30] (@ByELDI) Task: {CC5C4C5D-1541-4E9D-8D52-9790E070A62D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {E3D5112A-60B0-454B-88B4-CEBFE18F2B85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-29] (Microsoft Corporation) Task: {E5EE209E-1140-4F9D-9D9E-51D0CF8E5F45} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2183172406-3163364599-1075450114-1001Core1d236ddd58f5f4a => C:\Users\Ambatomena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {E6C3C80A-0976-4682-BABC-7934B2C6159E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-29] (Microsoft Corporation) Task: {E7DCC96F-30B1-448C-BC72-780EEDCC532D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-29] () Task: {EA17D58D-F14A-4ED0-A272-3485D9DFE782} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION Task: {EB725EA7-4213-493D-9822-54DC75ACF6B5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {EEB48368-E5DD-4E6C-A76B-B61A7D5FA1A3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {FAC32A3D-4281-4729-BED3-ED2A12AE4C2F} - System32\Tasks\Uninstaller_SkipUac_Ambatomena => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-01] (IObit) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Ambatomena.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\Users\Ambatomena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jumi\JumiHomePage.lnk -> hxxp://www.jumitech.com ==================== Modules chargés (Avec liste blanche) ============== 2017-09-13 18:27 - 2017-09-13 18:27 - 000111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll 2017-03-19 15:15 - 2017-02-07 12:34 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpbr.mdl 2017-03-19 15:15 - 2017-02-07 12:34 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpdsp.mdl 2017-03-19 15:15 - 2017-02-07 12:34 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpph.mdl 2017-03-19 15:15 - 2017-02-07 12:34 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttprbl.mdl 2017-05-19 15:18 - 2016-11-14 14:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-01-08 10:21 - 2015-01-08 10:21 - 000049408 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll 2017-03-18 23:58 - 2017-03-18 23:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2015-02-11 15:13 - 2015-02-11 15:13 - 000997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-10-21 11:57 - 2015-02-27 14:38 - 000721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll 2016-05-18 01:42 - 2016-05-18 01:42 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2010-03-08 05:50 - 2010-03-08 05:50 - 000235560 _____ () C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe 2017-03-18 23:59 - 2017-03-20 08:12 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-08-22 23:53 - 2017-08-22 23:54 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-08-22 23:53 - 2017-08-22 23:54 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-08-22 23:53 - 2017-08-22 23:54 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-08-22 23:53 - 2017-08-22 23:54 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll 2015-03-07 03:07 - 2015-03-07 03:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2016-04-29 01:49 - 2016-04-29 01:49 - 001095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 03:07 - 2015-03-07 03:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2016-04-29 01:49 - 2016-04-29 01:49 - 000240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2014-06-01 13:18 - 2014-06-01 13:18 - 001396736 _____ () C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe 2017-05-05 07:39 - 2017-05-05 07:44 - 000020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-05-05 07:39 - 2017-05-05 07:44 - 026322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-05-05 07:39 - 2017-05-05 07:44 - 000441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-05-05 07:39 - 2017-05-05 07:44 - 002139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-05-05 07:39 - 2017-05-05 07:45 - 002901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-05-05 07:39 - 2017-05-05 07:44 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2016-06-04 14:08 - 2016-06-04 14:08 - 000680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2017-05-05 07:39 - 2017-05-05 07:44 - 000641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-05-05 07:39 - 2017-05-05 07:45 - 001062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2008-01-17 20:17 - 2008-01-17 20:17 - 000073782 _____ () C:\Program Files (x86)\Marvell\raid\Apache2\bin\zlib1.dll 2015-08-25 12:10 - 2015-08-18 02:31 - 000011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-06-02 19:25 - 2002-06-02 18:05 - 000038912 _____ () C:\Program Files (x86)\Speaking Clock Deluxe\spcl01.dll 2014-06-02 19:25 - 2003-02-17 21:11 - 000312832 _____ () C:\Program Files (x86)\Speaking Clock Deluxe\timer.dll 2014-06-02 19:25 - 2009-06-27 11:45 - 000558080 _____ () C:\Program Files (x86)\Speaking Clock Deluxe\voice\French EU (male).dll 2014-08-30 14:44 - 2011-05-20 10:05 - 000059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0] AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [140] AlternateDataStreams: C:\Users\Ambatomena\Cookies:84AyT7IV1i79Dml5qMOFgtjY [3008] AlternateDataStreams: C:\Users\Ambatomena\Cookies:ITg3FWFxWIWL884jwAfbuX3 [2654] ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 16:25 - 2017-10-07 19:31 - 000000893 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 http://www.driver-soft.com 127.0.0.1 www.driver-soft.com ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk" HKLM\...\StartupApproved\StartupFolder: => "UMC Audio Control Panel Autostart.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "snp2std" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "DelaypluginInstall" HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "FreedomeAutoStart" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\StartupApproved\Run: => "JumiController" HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\StartupApproved\Run: => "IDM trial reset" HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2183172406-3163364599-1075450114-1001\...\StartupApproved\Run: => "iFunBox" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{8D2A1175-1D59-42BF-8CB6-8ED95A35FD9B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B2B1FB2D-9170-4979-80C6-04C8F9C1E8D3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1D421667-2D80-4EB5-B748-05F6B6352424}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{00B3FDEE-94B4-4A1E-B669-AC78336F2663}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{ADE2674A-F8BD-48EF-9E6F-1404795D7B51}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe FirewallRules: [{2380CA59-4E1D-4BBC-9CB0-D78407CF1800}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe FirewallRules: [{D837C90C-D5D8-428A-8CB0-F4DB9DD424CE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe FirewallRules: [{FBBC4DB3-2A9F-4624-A655-465C9E87CB70}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe FirewallRules: [{C554EAD8-C5AE-4B66-9CA3-B51DCB5761EA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe FirewallRules: [{2EB91E7A-6E22-4384-B8CE-2A97BF9AAC3A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe FirewallRules: [{C7AECD19-AC65-4293-86F8-8AA370DC2577}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{EE7FC243-AED1-402B-BE41-524B7842900D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [UDP Query User{3B10816C-5A0C-4B84-9AD6-C2D407B839CD}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{5801FFD4-4297-4C0F-AA24-B830D1B1C112}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{385DB690-EC9E-4BAD-8C4B-FF8AE5F5E311}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{FEE9801D-9746-4B19-86E5-0ACD0E69EBD7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{CC52F952-D6F5-4C79-AEC9-ECA5CB57CEFC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{083EDB45-5467-465F-88F9-5E09F3C80494}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{A56DBF3E-D68C-4EF0-932F-60B283A738C0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{5835F4B7-1919-43BF-9D08-CCD326CC46F7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{D5CA786F-209C-47C0-A348-9126459BE272}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{25C884E3-6293-48F5-9E0D-2A0D2D9BAFCB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{596545AC-1452-4D1E-9C99-25ACE5A91EC0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E46D934C-BE79-49DA-9607-2259E472DAB4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{581CE759-8188-4D40-8443-6A1D496FBA05}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{915AD154-457A-45FC-B1DF-15BBA8FD0E60}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{D4635F95-9E8C-417D-B08B-FC204FBB719C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C3D08732-34A0-4FD7-BDC4-E554D41B7383}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{48427E92-7DEA-4A41-960D-38BF91A73AE3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [UDP Query User{B2CF3619-B35C-45C6-AB5E-71332E635E91}C:\program files (x86)\internet download manager\idman.exe] => (Allow) C:\program files (x86)\internet download manager\idman.exe FirewallRules: [TCP Query User{8C31924B-9751-4CCE-9B9C-7F9D3F0BF921}C:\program files (x86)\internet download manager\idman.exe] => (Allow) C:\program files (x86)\internet download manager\idman.exe FirewallRules: [{81398BF6-7BCF-4FDD-92E6-698B2BF6B2F3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{558E2B04-359E-4F5B-8CB9-8D7E5BD2EB50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{A2A5EBE7-163B-4852-AD3C-7BF928ED79B3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{7EA82827-0D6B-4853-A108-9C8BF81D01C1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{9F07E409-DA0A-4A1F-BF5D-7C9D5FF198AB}C:\program files (x86)\jumi\jumi.exe] => (Allow) C:\program files (x86)\jumi\jumi.exe FirewallRules: [UDP Query User{6AC22F03-7F9B-495C-854E-11AC3E87F397}C:\program files (x86)\jumi\jumi.exe] => (Allow) C:\program files (x86)\jumi\jumi.exe FirewallRules: [{4F3BEE6F-77A9-491B-A439-9DCBDDD05B7D}] => (Allow) LPort=5720 FirewallRules: [{3CE8B03C-C6A5-4EDB-BCAD-C6C22320D57D}] => (Allow) LPort=5720 FirewallRules: [{B0A43194-4814-4AB8-85CB-ECEC9F790665}] => (Allow) LPort=2869 FirewallRules: [{A82CDCD7-AC3C-4374-AB45-7051B03F7CE8}] => (Allow) LPort=1900 FirewallRules: [{63C70980-6C0F-443D-8155-C5728FC82335}] => (Allow) LPort=2869 FirewallRules: [{D14E429E-018C-4E58-923B-034A29B59956}] => (Allow) LPort=1900 FirewallRules: [{0A6520C4-596D-4F9A-8CD9-8D83240F1F7B}] => (Allow) C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{99E53FDC-ECC0-4D6A-8BD5-12DA99CD2767}] => (Allow) C:\Users\Ambatomena\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{20A04D6F-83A6-485E-8D90-679EED424534}C:\program files (x86)\marvell\raid\apache2\bin\httpd.exe] => (Allow) C:\program files (x86)\marvell\raid\apache2\bin\httpd.exe FirewallRules: [UDP Query User{FF374456-A42A-4A87-B929-81A0E9AF51CC}C:\program files (x86)\marvell\raid\apache2\bin\httpd.exe] => (Allow) C:\program files (x86)\marvell\raid\apache2\bin\httpd.exe FirewallRules: [TCP Query User{C34796C0-B1FB-4E42-A52E-00F690FE37E1}C:\program files\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\frd.exe FirewallRules: [UDP Query User{F48FBEA0-BF58-4EC9-8D73-324CDD1B1034}C:\program files\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\frd.exe FirewallRules: [TCP Query User{14B810C8-7666-436F-B5E7-12B1AFEAC8A9}C:\program files\java\jre1.8.0_25\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_25\launch4j-tmp\frd.exe FirewallRules: [UDP Query User{4455F76A-9382-4EFE-AAD6-70DCBD1FF6AF}C:\program files\java\jre1.8.0_25\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_25\launch4j-tmp\frd.exe FirewallRules: [{5E83679D-F6BB-4701-A91B-4F9BD3797DF9}] => (Block) C:\program files\java\jre1.8.0_25\launch4j-tmp\frd.exe FirewallRules: [{F60595F6-6C61-42E9-AB26-3DD3461A2BAE}] => (Block) C:\program files\java\jre1.8.0_25\launch4j-tmp\frd.exe FirewallRules: [{A6F276E3-9075-4660-801D-F8EFF89AA2F3}] => (Allow) C:\Users\Ambatomena\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4CE2ABD8-FC21-4E75-A412-04C6EB4647C6}] => (Allow) C:\Users\Ambatomena\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7079BF67-F6E7-4CD3-8444-4B853BA63826}] => (Allow) C:\Users\Ambatomena\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FC9F945E-5A03-49BC-B80A-3A0C693CB3B3}] => (Allow) C:\Users\Ambatomena\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{52F0660E-98AD-4773-B351-2FEC21A77B89}C:\program files\java\jre1.8.0_31\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\frd.exe FirewallRules: [UDP Query User{3EEC9046-2D85-434D-AEE6-AC4D2F88FD6A}C:\program files\java\jre1.8.0_31\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_31\launch4j-tmp\frd.exe FirewallRules: [TCP Query User{45C85A11-4F00-459B-A897-C83DB1E7EFC0}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{227FE2BF-5BAB-4385-8D6C-9B5B3CD9A847}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{8D0D1EB3-0DF4-4059-A605-65C19A7A2773}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{A3F9811B-B57F-4A19-9A13-491B7E69CCF2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{5D73C4FD-6078-4F1D-95F6-F2307D54E702}] => (Allow) LPort=1688 FirewallRules: [{28D4B555-44E6-4455-AA76-BCDA202DA8E9}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{21E95ED8-3FF1-479D-A1A5-B2264726CC35}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{3FAA623B-44C7-4D3F-9903-8DFB5A33B099}] => (Allow) C:\Program Files (x86)\Opera\48.0.2685.32\opera.exe FirewallRules: [{6C22482F-80B9-43F6-B1D7-87B27EE7D973}] => (Allow) C:\Program Files (x86)\Opera\48.0.2685.35\opera.exe ==================== Points de restauration ========================= 07-10-2017 14:58:20 Removed IPTInstaller ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (10/07/2017 09:45:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Vah) Description: Échec de l’activation de l’application Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/07/2017 09:01:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Vah) Description: Échec de l’activation de l’application Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/07/2017 08:51:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Vah) Description: Échec de l’activation de l’application Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/07/2017 08:51:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante MicrosoftEdgeCP.exe, version : 11.0.15063.608, horodatage : 0x59ae240c Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000604 Décalage d’erreur : 0x0000000000000000 ID du processus défaillant : 0x10cc Heure de début de l’application défaillante : 0x01d33f94d4e479a3 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Chemin d’accès du module défaillant: unknown ID de rapport : 6ad38541-d1bd-4c6c-b981-3584ed2378c8 Nom complet du package défaillant : Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe ID de l’application relative au package défaillant : ContentProcess Error: (10/07/2017 08:50:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante MicrosoftEdgeCP.exe, version : 11.0.15063.608, horodatage : 0x59ae240c Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000604 Décalage d’erreur : 0x0000000000000000 ID du processus défaillant : 0x10cc Heure de début de l’application défaillante : 0x01d33f94d4e479a3 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Chemin d’accès du module défaillant: unknown ID de rapport : 27cd71b6-887c-4de1-860a-1af2a648ec30 Nom complet du package défaillant : Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe ID de l’application relative au package défaillant : ContentProcess Error: (10/07/2017 07:48:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante seccenter.exe, version : 22.0.10.143, horodatage : 0x59baa5d6 Nom du module défaillant : sciter.dll, version : 4.0.0.7, horodatage : 0x599c0c16 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000018d8fb ID du processus défaillant : 0x29f4 Heure de début de l’application défaillante : 0x01d33f8b56d69436 Chemin d’accès de l’application défaillante : C:\Program Files\Bitdefender\Bitdefender 2017\seccenter.exe Chemin d’accès du module défaillant: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll ID de rapport : 488d6242-53f1-48d4-9db2-c341b68b03e4 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/07/2017 07:42:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante seccenter.exe, version : 22.0.10.143, horodatage : 0x59baa5d6 Nom du module défaillant : sciter.dll, version : 4.0.0.7, horodatage : 0x599c0c16 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000018d8fb ID du processus défaillant : 0x1ec4 Heure de début de l’application défaillante : 0x01d33f8b31a61e6d Chemin d’accès de l’application défaillante : C:\Program Files\Bitdefender\Bitdefender 2017\seccenter.exe Chemin d’accès du module défaillant: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll ID de rapport : 40eb3fee-9a7e-4094-b6bc-0b91adb7ef72 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/07/2017 07:40:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante seccenter.exe, version : 22.0.10.143, horodatage : 0x59baa5d6 Nom du module défaillant : sciter.dll, version : 4.0.0.7, horodatage : 0x599c0c16 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000018d8fb ID du processus défaillant : 0x8f4 Heure de début de l’application défaillante : 0x01d33f8aa62ca4c3 Chemin d’accès de l’application défaillante : C:\Program Files\Bitdefender\Bitdefender 2017\seccenter.exe Chemin d’accès du module défaillant: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll ID de rapport : 341190eb-14e3-411e-8b2f-ea95a36cd1d6 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/07/2017 06:31:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Vah) Description: Échec de l’activation de l’application Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/07/2017 05:52:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Vah) Description: Échec de l’activation de l’application Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Erreurs système: ============= Error: (10/07/2017 09:46:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070005 : 9WZDNCRFJ3P2-Microsoft.ZuneVideo. Error: (10/07/2017 09:45:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070005 : 9WZDNCRFJBH4-Microsoft.Windows.Photos. Error: (10/07/2017 09:45:12 PM) (Source: DCOM) (EventID: 10010) (User: Vah) Description: Le serveur Microsoft.ZuneVideo_10.17032.10341.0_x64__8wekyb3d8bbwe!Microsoft.ZuneVideo.AppXjgy0dfr6tssa93yj5px65cbv2gsc8r39.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/07/2017 09:45:05 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/07/2017 09:45:05 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/07/2017 09:45:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur : Cette demande n’est pas prise en charge. Error: (10/07/2017 09:13:32 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {F3B4E234-7A68-4E43-B813-E4BA55A065F6} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/07/2017 09:01:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070005 : 9WZDNCRFJ3P2-Microsoft.ZuneVideo. Error: (10/07/2017 09:01:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070005 : 9WZDNCRFJBH4-Microsoft.Windows.Photos. Error: (10/07/2017 09:01:18 PM) (Source: DCOM) (EventID: 10010) (User: Vah) Description: Le serveur Microsoft.ZuneVideo_10.17032.10341.0_x64__8wekyb3d8bbwe!Microsoft.ZuneVideo.AppXjgy0dfr6tssa93yj5px65cbv2gsc8r39.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. CodeIntegrity: =================================== Date: 2017-10-07 21:45:03.102 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-07 21:01:18.769 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-07 18:30:59.230 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-07 17:52:03.561 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-07 17:17:34.519 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-07 17:14:13.794 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-07 14:14:12.862 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-06 10:47:58.748 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-09-23 22:26:23.165 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-09-23 14:59:31.573 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz Pourcentage de mémoire utilisée: 42% Mémoire physique - RAM - totale: 6142.49 MB Mémoire physique - RAM - disponible: 3533.11 MB Mémoire virtuelle totale: 11518.49 MB Mémoire virtuelle disponible: 8717.11 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:222.35 GB) (Free:146.2 GB) NTFS Drive d: (Virtuel) (Fixed) (Total:149.04 GB) (Free:20.21 GB) NTFS Drive e: (Data) (Fixed) (Total:465.75 GB) (Free:43.98 GB) NTFS Drive g: (MAXTOR) (Fixed) (Total:74.53 GB) (Free:26.28 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 74.5 GB) (Disk ID: 8386A442) Partition 1: (Not Active) - (Size=74.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 61F445ED) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: E1AB43F9) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=222.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 3 (Size: 149 GB) (Disk ID: 0563C85E) Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt ============================