Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 09-12-2017 Exécuté par poupi (09-12-2017 22:35:07) Exécuté depuis C:\Users\poupi\Desktop Windows 10 Home Version 1709 16299.64 (X64) (2017-11-11 02:58:03) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-1993566007-3738436700-2765193010-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1993566007-3738436700-2765193010-503 - Limited - Disabled) invit (S-1-5-21-1993566007-3738436700-2765193010-1004 - Administrator - Enabled) => C:\Users\invit Invité (S-1-5-21-1993566007-3738436700-2765193010-501 - Limited - Disabled) poupi (S-1-5-21-1993566007-3738436700-2765193010-1001 - Administrator - Enabled) => C:\Users\poupi WDAGUtilityAccount (S-1-5-21-1993566007-3738436700-2765193010-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 1-2-3 Schéma (HKLM-x32\...\1-2-3 Schéma) (Version: - ) 600 by Wikango (HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\600 by Wikango) (Version: - ) Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.0.0 - Adobe Systems) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Apple Application Support (32 bits) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) Application Profiles (HKLM-x32\...\{77A795C8-E532-4B09-5C58-7FFFC3CC9171}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Assistant Mise à niveau de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation) Audio By Harman (HKLM\...\{6968F6DE-2EE8-4776-AFC2-C0952A2A471C}) (Version: 1.1.0.0 - Harman) Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk) AVG (HKLM\...\{E61E6143-4937-43FC-8C12-06B8A987484D}) (Version: 1.211.3 - AVG Technologies) Hidden Barre de Confiance CM-CIC (HKLM-x32\...\{8B234C1B-C12A-4BB4-97C4-F2D3B6A805D1}) (Version: 5.0.0 - EID) Bâti-Rési Suite (HKLM-x32\...\{1DD16902-2A33-4A63-9A6E-4607DA8F9D6D}) (Version: 3.7.1 - SCHNEIDER) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Boo-Ree Chorus-II USB Driver 1.10 WHQL Certified (HKLM-x32\...\Boo-Ree Chorus-II USB Driver 1.10 WHQL Certified) (Version: - ) BudgetPlus (HKLM-x32\...\{C964A549-C74A-11D3-B88A-00A0C9379093}) (Version: - ) Casto 3D Salle de Bain (HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\SquareClock_Production_Castorama_Bathroom_Internet) (Version: - SquareClock SAS) Catalyst Control Center Next Localization BR (HKLM\...\{F00A12D0-2F38-8F82-BCCE-BE11FAEB53DB}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{3CFC9ECD-600A-BE9E-1B7D-8B47AC972A79}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{BF2E5916-7C1E-D699-C410-1B853EE5FEF7}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{A9205043-EBD3-48C6-83B3-D99F511F8062}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{A795FE9F-54F0-7768-CE46-3B5E7C8DD558}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{9ACDCA5A-37EA-A0C5-EBFA-CC8D4AFDBD14}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{5EE5B213-E89B-8985-3B77-47FE9C374D05}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{FA36129A-FD3C-6EC1-0059-8E9E9554DDE0}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{AEE95DAC-922F-CFD2-635F-589E42E208C1}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{F7FBDCDE-0CEF-855C-8BCB-7719C0C0F0A1}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{916D4ABF-B38B-DE61-8C77-8D1257DD4F0E}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{EAE08C99-8FA4-873E-19B2-5A6CE37FDA6B}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{4FF4D007-9792-9CBA-D519-0286C663CA63}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{763419CC-AA80-DC75-A9DD-75CB1AB99B20}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{8A801B97-8A84-CDAE-6C34-331FBE45D0BC}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{6BE50FA8-19E5-BEE8-3FF0-F51802201CAA}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{5A6F1854-0D85-8C8B-E241-DB18F866A7B3}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{0116E76D-1568-29A1-6E79-B5D55A4BBD46}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{6FC4EFEF-5AC9-8F4F-8C8A-429054A9FF1E}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{C2BE91D2-5E28-B515-65C2-9C126547000E}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{12176A4D-8169-D264-6AB3-95ABC6297E43}) (Version: 2017.0214.1432.26131 - Advanced Micro Devices, Inc.) Hidden Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.1.1.3444 - Lenovo) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd) DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.3.1.215 - DIAL GmbH) DIAL Data Dispatcher (HKLM-x32\...\DIAL Data Dispatcher1.0) (Version: 1.0 - DIAL GmbH) DIALux evo (x64) (HKLM-x32\...\{5FF70775-5D3A-4A26-B9ED-1BF642E9987C}) (Version: 5.6.2.31925 - DIAL GmbH) Dropbox (HKLM-x32\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10240.11140 - Realtek Semiconductor Corp.) EBP Auto-entrepreneur Pratic 2017 9.0 (OL Technology) (HKLM\...\{C45EF8FA-A18A-412C-811E-AEDD3EBD4014}) (Version: 9.0.0 - EBP) Hidden EBP Auto-entrepreneur Pratic 2017 9.0 (OL Technology) (HKLM-x32\...\EBP Auto-entrepreneur Pratic 2017 9.0 (OL Technology)) (Version: 9.0.0 - EBP) ElcomPDF (HKLM\...\ElcomPDF) (Version: - ) Étude pour l'amélioration du produit HP Deskjet 3050 J610 series (HKLM\...\{837F70EE-29D1-4658-9378-5929DCA51781}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Étude pour l'amélioration du produit HP OfficeJet Pro 7740 series (HKLM\...\{28315657-3DA2-452E-BC1B-861E558EB8A4}) (Version: 39.4.1976.16334 - HP Inc.) FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.) Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Hager prerequisites (HKLM-x32\...\{98C64AD3-6A1D-4737-9ED8-06A73741550C}) (Version: 1.00.0000 - hager) HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) HP Deskjet 3050 J610 series Aide (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard) HP Dropbox Plugin (HKLM-x32\...\{1C7264B6-7275-4F96-A491-5C6C6DA40642}) (Version: 36.0.49.62779 - HP) HP Google Drive Plugin (HKLM-x32\...\{FEDCCE78-0B0F-4864-80BF-D612A7AAF3BA}) (Version: 36.0.49.62779 - HP) HP OfficeJet Pro 7740 series Aide (HKLM-x32\...\{4CD8DBA0-F9EE-4EDC-BD84-B4ECD712CDB9}) (Version: 39.0.0 - HP) HP OneDrive Plugin (HKLM-x32\...\{3DFD3945-1575-478C-B5FD-2A89ABE2D83D}) (Version: 36.0.0.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{D5CFF630-2F9B-4EE5-8F2F-EFBDFCE413CC}) (Version: 12.3.7.0 - HP) iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{2B9448A1-9D0E-4187-B0D5-D78AFAA043DC}) (Version: 18.1.1546.2762 - Intel Corporation) iTunes (HKLM\...\{27F29B96-1914-4F48-BD76-07E98D7832C6}) (Version: 12.7.1.14 - Apple Inc.) Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3330.01 - CyberLink Corp.) Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo) Lenovo Solution Center (HKLM\...\{E442BFFD-8406-4C6D-BE7E-0CF6E61EE363}) (Version: 3.2.004.00 - Lenovo) Logiciel de base du périphérique HP Deskjet 3050 J610 series (HKLM\...\{70F37BAB-4F01-4CE6-83D4-8DE1D3BF11CA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Logiciel de base du périphérique HP OfficeJet Pro 7740 series (HKLM\...\{CC2E7C72-04CD-41C7-BB9C-EED8A7903DCA}) (Version: 39.4.1976.16334 - HP Inc.) Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation) Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden Manuels d'utilisateur (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden MEmu (HKLM-x32\...\MEmu) (Version: 2.9.6.1 - Microvirt) Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 FRA (HKLM-x32\...\{AF6919D0-5691-4F35-9D65-54F981013514}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 FRA (HKLM\...\{2906A05E-2D38-4B47-85A2-D3485E372C8F}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 FRA (HKLM\...\{0D4447E0-A261-43A4-AEBC-F76E983901F0}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Project Professionnel 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Ö§¸¶±¦°²È«¿Ø¼þ 4.0.0.101 (HKLM-x32\...\alieditplus) (Version: 4.0.0.101 - Alipay.com Co., Ltd.) OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) PX Profile Update (HKLM-x32\...\{FB8CBBB9-E9C5-A237-90B4-BDE1C276F760}) (Version: 1.00.1. - AMD) Hidden QElectroTech (remove only) (HKLM-x32\...\QElectroTech) (Version: - ) REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10240.29091 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7767 - Realtek Semiconductor Corp.) SEE Electrical Building Freeware (HKLM-x32\...\{AFF250EF-DC86-4A27-AD22-747065F69D2B}) (Version: 1.2.2 - IGE+XAO) SEE Electrical V5 (HKLM-x32\...\{3348585B-D8A7-4849-8ECC-C0E2173E492A}) (Version: 5.00.0000 - IGE+XAO) Semiolog (HKLM-x32\...\Semiolog2) (Version: - ) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft) SitemapX 1.2 (HKLM-x32\...\SitemapX_is1) (Version: 1.2.11.25 - SitemapX.com) Skype™ 7.25 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.25.106 - Skype Technologies S.A.) TradeManager 2016 (HKLM-x32\...\TradeManager) (Version: - Alibaba (China) Network Technology Co., Ltd.) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Utilitaire de mise à jour des logiciels EBP 1.1.3 (HKLM\...\{5E39F2FB-0D5B-413E-903C-3F495017109C}) (Version: 1.1.3 - EBP) Hidden Utilitaire de mise à jour des logiciels EBP 1.1.3 (HKLM-x32\...\Utilitaire de mise à jour des logiciels EBP 1.1.3) (Version: 1.1.3 - EBP) Utopia Box V3 version 3.0 (HKLM-x32\...\{A72FCB0C-EBF2-4882-A96A-48202FF02C7B}_is1) (Version: 3.0 - Abandonware Utopia) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-1993566007-3738436700-2765193010-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => Pas de fichier ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-06-11] (Adobe Systems Inc.) ContextMenuHandlers1: [DIALuxShellExtension] -> {F23E3460-D1B1-4F51-8C3D-E5D91E3C71C8} => C:\Program Files\DIAL GmbH\DIALux\Dialux.ShellExtension.x64.dll [2016-11-16] (DIAL GmbH) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ContextMenuHandlers1-x32: [OpenFolder] -> {0DE1378D-F811-40E6-B60A-1CC56F57D3E9} => C:\Program Files (x86)\TradeManager\AliIMExt.dll [2017-03-02] (Alibaba (China) Co., Ltd.) ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.) ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-02-14] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igfxDTCM.dll [2016-12-16] (Intel Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-06-11] (Adobe Systems Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0371A975-D85B-474B-84D7-D5ADA3BFDD89} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo) Task: {0B59D038-C7E7-46D8-99A1-8757D08B2635} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-17] (Dropbox, Inc.) Task: {155AF8F4-C9E2-4445-8ABA-9EDE9F6C5B98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.) Task: {2308262B-85CC-498E-96C8-5AAD5C102B42} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ebabafc6-2411-49cb-90ba-d35f3871a9e4 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited) Task: {28E07D71-8842-4F41-B830-D97AA0154B58} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-02-14] (Advanced Micro Devices, Inc.) Task: {2DC39811-9B7B-48FC-82FF-A64A9FAAB589} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-25] (Lenovo) Task: {30328C0A-3A80-42A4-9B70-4182512DDC7F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.) Task: {4062707C-4C4C-45A5-A10E-6ABD4AFC9B10} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2016-01-25] (Lenovo) Task: {60768D64-9C12-4967-A61F-F835B25A5B3F} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {680240A4-EDC7-46A4-928E-2013506BB9D1} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2015-09-30] (CyberLink Corp.) Task: {68F5085D-25B0-464B-950A-D023A3D92751} - System32\Tasks\{0CFB6BC2-388F-4B5E-9F2F-3E078E09EFD8} => C:\WINDOWS\system32\pcalua.exe -a G:\Setup.exe -d G:\ Task: {6B0206ED-31BA-48FC-B89D-1F09746D0344} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService Task: {769D8EF1-ACB2-4453-AE0C-CFB4ABAACEEC} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-16] (Advanced Micro Devices, Inc.) Task: {80205D93-366F-476D-B2A7-5DFA49533260} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-10-19] (Apple Inc.) Task: {831CE68A-0C39-4296-9171-432E801C1EE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.) Task: {87A8FF9D-DAA4-413A-8380-01C13E245343} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {8A0758BF-7021-4446-B8D0-B8C6821C27DE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {8C0CF15B-2AFF-478C-8BEE-F1778DDB57FD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2c055079-f1d0-4a69-8114-cbd4a0fa253c => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited) Task: {90739851-2FDD-4D3D-BA75-4852DD775D35} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\32abe8ac-89a2-4ec6-9d26-0f6f7d0dc9b4 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited) Task: {9364B79B-4576-4255-A548-51649B7B9A8D} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {9F01872D-E263-4B31-8B89-BD8A83CF6F73} - System32\Tasks\{4E7D5CE0-5297-4250-8AA2-51926483C1DE} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\poupi\Desktop\dk2\Setup.exe -d C:\Users\poupi\Desktop\dk2 Task: {A106F4E1-5BCC-49B5-9087-0EC25FBA0F10} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-25] (Lenovo) Task: {B08C923A-8250-4237-A374-19DE9F111427} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo) Task: {B0A7A7E8-1123-4D17-A80C-D9E6E16F09CA} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {B2287786-5A5A-4C14-A496-01ACF4E01A3A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-01-25] (Lenovo) Task: {C69F7930-7BAE-4879-8AF3-1D23C29CBAC9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-17] (Dropbox, Inc.) Task: {CB4294C5-AFD2-426E-8372-9E92B4461DD4} - System32\Tasks\S-1-5-21-1993566007-3738436700-2765193010-1004\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation) Task: {CC61CDD1-F8D8-4E89-A77D-AA90978167D1} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 7740 series => C:\Program Files\HP\HP OfficeJet Pro 7740 series\Bin\HPCustPartic.exe [2016-11-29] (HP Inc.) Task: {CF79BEFC-780B-4E8D-9194-01C0C4E292DF} - System32\Tasks\S-1-5-21-1993566007-3738436700-2765193010-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation) Task: {D19D70BF-74E3-4E70-BBDB-927D4C1772A5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cceb63d4-b02b-4c81-9ae2-d32e24f6d61d => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited) Task: {D4BB8CA8-3041-4C1F-8BCC-7E9ED0D11E4D} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {D5C1C2FE-0C0B-446F-BA13-24CB38E51402} - System32\Tasks\InstallShield® Update Helper => C:\WINDOWS\system32\wscript.exe //nologo //E:jscript //B "C:\ProgramData\InstallShield\Update\isuspm.ini" <==== ATTENTION Task: {D7FB69C1-8B7B-4FE0-A322-E10349EAD38F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\InstallShield® Update Helper.job => Wscript.exe J/nologo /E:jscript /B C:\ProgramData\InstallShield\Update\isuspm.ini <==== ATTENTION ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-11-28 01:16 - 2008-07-19 15:26 - 000087040 _____ () C:\WINDOWS\System32\custmon64.dll 2016-01-06 20:13 - 2016-01-06 20:13 - 000137712 _____ () C:\WINDOWS\System32\HPCP1020LM.DLL 2016-10-05 18:17 - 2016-10-05 18:17 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-04-11 03:17 - 2017-04-11 03:17 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 2016-06-14 23:18 - 2015-08-19 04:00 - 000058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll 2016-06-14 23:18 - 2015-12-02 09:25 - 000043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll 2017-09-29 14:42 - 2017-09-30 15:41 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-09-29 14:42 - 2017-09-30 15:41 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-14 02:19 - 2016-09-14 02:19 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-14 02:19 - 2016-09-14 02:19 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-14 02:19 - 2016-09-14 02:19 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-14 02:19 - 2016-09-14 02:19 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-14 02:18 - 2016-09-14 02:18 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-14 02:18 - 2016-09-14 02:18 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-14 02:19 - 2016-09-14 02:19 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2017-11-29 23:54 - 2017-11-29 23:56 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-11-29 23:54 - 2017-11-29 23:56 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-11-29 23:54 - 2017-11-29 23:57 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-11-29 23:54 - 2017-11-29 23:56 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll 2017-11-29 23:54 - 2017-11-29 23:55 - 000672256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2017-09-14 12:43 - 2017-09-14 12:43 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-12-06 21:25 - 2017-12-05 02:06 - 000725312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2017-12-06 21:25 - 2017-12-05 02:06 - 002075456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2017-12-06 21:26 - 2017-12-05 02:06 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2017-12-06 21:26 - 2017-12-05 02:08 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-12-06 21:25 - 2017-12-05 02:06 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-12-06 21:25 - 2017-12-05 02:06 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2017-12-06 21:26 - 2017-12-05 02:06 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2017-12-06 21:26 - 2017-12-05 02:08 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-12-06 21:25 - 2017-12-05 02:06 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2017-12-06 21:25 - 2017-12-05 02:06 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-12-06 21:26 - 2017-12-05 02:08 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2017-12-06 21:26 - 2017-12-05 02:08 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-12-06 21:26 - 2017-12-05 02:09 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd 2017-12-06 21:26 - 2017-12-05 02:08 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000155464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-12-06 21:26 - 2017-12-05 02:09 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-12-06 21:26 - 2017-12-05 02:09 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-12-06 21:26 - 2017-12-05 02:09 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2017-12-06 21:26 - 2017-12-05 02:08 - 000100688 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-12-06 21:26 - 2017-12-05 02:08 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-12-06 21:26 - 2017-12-05 02:09 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-12-06 21:26 - 2017-12-05 02:09 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-12-06 21:26 - 2017-12-05 02:06 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2017-12-06 21:26 - 2017-12-05 02:09 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-12-06 21:25 - 2017-12-05 02:06 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-12-06 21:25 - 2017-12-05 02:07 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-12-06 21:25 - 2017-12-05 02:06 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-12-06 21:25 - 2017-12-05 02:07 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-12-06 21:26 - 2017-12-05 02:08 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2017-12-06 21:25 - 2017-12-05 02:07 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-12-06 21:26 - 2017-12-05 02:09 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2017-12-06 21:25 - 2017-12-05 02:07 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd 2016-12-03 20:29 - 2016-12-03 20:27 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Users\poupi\Downloads\Photo 26-10-2017 15 29 00.jpg:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\poupi\Downloads\Photo 26-10-2017 15 29 58.jpg:com.dropbox.attributes [168] ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\alipay.com -> hxxps://alipay.com IE trusted site: HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\alipay.com -> hxxp://alipay.com IE trusted site: HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\alisoft.com -> hxxps://alisoft.com IE trusted site: HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\alisoft.com -> hxxp://alisoft.com IE trusted site: HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\taobao.com -> hxxps://taobao.com IE trusted site: HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\taobao.com -> hxxp://taobao.com ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2015-10-30 08:24 - 2017-12-06 22:45 - 000000880 _____ C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 telemetry.malwarebytes.com ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\poupi\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg DNS Servers: 192.168.0.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == MSCONFIG\Services: AliSafeEngine Service => 2 HKLM\...\StartupApproved\Run: => "LenovoUtility" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\StartupFolder: => "Alertes de surveillance de l'encre - HP Deskjet 3050 J610 series (réseau).lnk" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\StartupFolder: => "Alertes de surveillance de l'encre - .lnk" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\StartupFolder: => "Anti-Hijacker.lnk" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "AppleIEDAV" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "HP Deskjet 3050 J610 series (NET)" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "aliim" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "ALLPlayer WiFi Remote" HKU\S-1-5-21-1993566007-3738436700-2765193010-1001\...\StartupApproved\Run: => "HP OfficeJet Pro 7740 (NET)" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [TCP Query User{00E5BF2E-6B87-4A64-AA73-12BE2C65CC46}C:\program files (x86)\dropbox\client\dropbox.exe] => (Allow) C:\program files (x86)\dropbox\client\dropbox.exe FirewallRules: [UDP Query User{E99AD3FB-8DE1-4C47-BAAE-9BB6F452622A}C:\program files (x86)\dropbox\client\dropbox.exe] => (Allow) C:\program files (x86)\dropbox\client\dropbox.exe FirewallRules: [TCP Query User{9ABC4219-9883-4882-BB9C-8004A30809CA}C:\program files\hp\hp officejet pro 7740 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 7740 series\bin\hpnetworkcommunicatorcom.exe FirewallRules: [UDP Query User{6C1D6E19-8673-4429-8895-AEDD428AF76D}C:\program files\hp\hp officejet pro 7740 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 7740 series\bin\hpnetworkcommunicatorcom.exe FirewallRules: [TCP Query User{CEC0CECF-B77E-42BF-9B3E-67E223EA1FF4}C:\program files (x86)\dropbox\client\dropbox.exe] => (Allow) C:\program files (x86)\dropbox\client\dropbox.exe FirewallRules: [UDP Query User{113B0BC7-700B-4736-933D-6398F9D19BD3}C:\program files (x86)\dropbox\client\dropbox.exe] => (Allow) C:\program files (x86)\dropbox\client\dropbox.exe FirewallRules: [TCP Query User{45A485B8-2EB3-457F-A460-BB3A7774554B}C:\program files\hp\hp officejet pro 7740 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 7740 series\bin\hpnetworkcommunicatorcom.exe FirewallRules: [UDP Query User{8AFD6F52-932A-45D3-B3BC-D3E7590A4CE0}C:\program files\hp\hp officejet pro 7740 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 7740 series\bin\hpnetworkcommunicatorcom.exe FirewallRules: [TCP Query User{DA3C19D7-41EC-4D63-8BF8-801E95B01F82}C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{19AF0DD7-0AFD-4DF7-B241-694A0F570836}C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe FirewallRules: [{4D5DECB9-B4DE-489B-9E0F-1A8D4DAF1F22}] => (Block) C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe FirewallRules: [{49FFCC03-569D-496A-8ECB-F3FFB4222464}] => (Block) C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe FirewallRules: [{043D2579-BF75-464A-8D62-BEDB4BA44A13}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Points de restauration ========================= 09-12-2017 03:00:01 Point de contrôle planifié 09-12-2017 21:36:49 infection ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: Microsoft Wi-Fi Direct Virtual Adapter #3 Description: Carte virtuelle Microsoft Wi-Fi Direct Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (12/09/2017 07:36:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: CDEG-34) Description: Le package Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App a été interrompu, car sa suspension a été trop longue. Error: (12/08/2017 02:51:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante wmiprvse.exe, version : 10.0.16299.15, horodatage : 0xc7c54b6c Nom du module défaillant : KERNELBASE.dll, version : 10.0.16299.15, horodatage : 0x4736733c Code d’exception : 0xe06d7363 Décalage d’erreur : 0x0000000000013fb8 ID du processus défaillant : 0x1bcc Heure de début de l’application défaillante : 0x01d3702ba5102a69 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\wbem\wmiprvse.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 5f1c1160-c262-4ff8-a06f-c4d2539df09d Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (12/08/2017 02:14:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: CDEG-34) Description: Le package Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App a été interrompu, car sa suspension a été trop longue. Error: (12/08/2017 12:47:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante ZHPCleaner.exe, version : 2017.12.8.213, horodatage : 0x5a2a450b Nom du module défaillant : ZHPCleaner.exe, version : 2017.12.8.213, horodatage : 0x5a2a450b Code d’exception : 0xc000041d Décalage d’erreur : 0x000710d7 ID du processus défaillant : 0x1b2c Heure de début de l’application défaillante : 0x01d37017b071d5d2 Chemin d’accès de l’application défaillante : E:\ZHPCleaner.exe Chemin d’accès du module défaillant: E:\ZHPCleaner.exe ID de rapport : a1f648eb-90f2-4976-8290-681432dba419 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (12/08/2017 12:45:46 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme ZHPCleaner.exe en raison de cette erreur. Programme : ZHPCleaner.exe Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : C0000098 Type du disque : 0 Error: (12/08/2017 12:45:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante ZHPCleaner.exe, version : 0.0.0.0, horodatage : 0x5a2a450b Nom du module défaillant : ZHPCleaner.exe, version : 0.0.0.0, horodatage : 0x5a2a450b Code d’exception : 0xc0000006 Décalage d’erreur : 0x000710d7 ID du processus défaillant : 0x1b2c Heure de début de l’application défaillante : 0x01d37017b071d5d2 Chemin d’accès de l’application défaillante : E:\ZHPCleaner.exe Chemin d’accès du module défaillant: E:\ZHPCleaner.exe ID de rapport : 70096d86-9dbe-4993-8d6c-c6eb13cee07d Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (12/08/2017 11:47:03 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements wsp_sr a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from WSP_ReplicationGroupStorageModificationEvent » dont la classe cible « WSP_ReplicationGroupStorageModificationEvent » n’existe pas. La requête sera ignorée. Error: (12/08/2017 11:47:03 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements wsp_sr a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from WSP_ReplicationGroupStorageDepartureEvent » dont la classe cible « WSP_ReplicationGroupStorageDepartureEvent » n’existe pas. La requête sera ignorée. Error: (12/08/2017 11:47:03 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements wsp_sr a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from WSP_ReplicationGroupStorageArrivalEvent » dont la classe cible « WSP_ReplicationGroupStorageArrivalEvent » n’existe pas. La requête sera ignorée. Error: (12/08/2017 11:47:03 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from WSP_ReplicationGroupStorageModificationEvent » dont la classe cible « WSP_ReplicationGroupStorageModificationEvent » n’existe pas. La requête sera ignorée. Erreurs système: ============= Error: (12/09/2017 10:30:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Windows Installer n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (12/09/2017 10:30:57 PM) (Source: DCOM) (EventID: 10005) (User: AUTORITE NT) Description: DCOM a reçu l’erreur « 2 » lors de la tentative de démarrage du service MSIServer avec les arguments «  » pour exécuter le serveur : {000C101C-0000-0000-C000-000000000046} Error: (12/09/2017 10:30:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Windows Installer n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (12/09/2017 10:30:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Windows Installer n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (12/09/2017 10:30:56 PM) (Source: DCOM) (EventID: 10005) (User: AUTORITE NT) Description: DCOM a reçu l’erreur « 2 » lors de la tentative de démarrage du service MSIServer avec les arguments «  » pour exécuter le serveur : {000C101C-0000-0000-C000-000000000046} Error: (12/09/2017 10:30:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Windows Installer n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (12/09/2017 10:30:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Windows Installer n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (12/09/2017 10:30:55 PM) (Source: DCOM) (EventID: 10005) (User: AUTORITE NT) Description: DCOM a reçu l’erreur « 2 » lors de la tentative de démarrage du service MSIServer avec les arguments «  » pour exécuter le serveur : {000C101C-0000-0000-C000-000000000046} Error: (12/09/2017 10:30:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Windows Installer n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (12/09/2017 10:20:40 PM) (Source: Netwtw04) (EventID: 5005) (User: ) Description: Intel(R) Dual Band Wireless-AC 3165 : a rencontré une erreur interne et a échoué. 5005 - Driver internal error CodeIntegrity: =================================== Date: 2017-12-02 00:07:46.289 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-02 00:07:46.288 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-02 00:07:16.471 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-02 00:07:16.469 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-02 00:07:16.243 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-02 00:07:16.241 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-02 00:07:13.235 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-02 00:07:13.233 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-02 00:07:11.605 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2017-12-02 00:07:11.604 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz Pourcentage de mémoire utilisée: 60% Mémoire physique - RAM - totale: 3949.76 MB Mémoire physique - RAM - disponible: 1567.37 MB Mémoire virtuelle totale: 6253.76 MB Mémoire virtuelle disponible: 3582.89 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:891.74 GB) (Free:768.18 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.21 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: A885466B) Partition: GPT. ==================== Fin de Addition.txt ============================