Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27.01.2018 Exécuté par Paty (02-02-2018 16:31:29) Exécuté depuis C:\Users\Paty\Desktop Windows 10 Home Insider Preview Version 1709 17083.1000 (X64) (2018-01-26 16:11:44) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2857391379-4175061016-2965674788-500 - Administrator - Enabled) DefaultAccount (S-1-5-21-2857391379-4175061016-2965674788-503 - Limited - Disabled) Invité (S-1-5-21-2857391379-4175061016-2965674788-501 - Limited - Disabled) Paty (S-1-5-21-2857391379-4175061016-2965674788-1001 - Administrator - Enabled) => C:\Users\Paty WDAGUtilityAccount (S-1-5-21-2857391379-4175061016-2965674788-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) . . (HKLM\...\{E99F3005-A18B-4BF7-B751-7E780C5E87F0}) (Version: 7.1 - Intel) Hidden . . . (HKLM-x32\...\{26ABF655-7062-4BBB-B954-F21DF44A1D76}) (Version: 2.9.0.2 - Intel) Hidden 3D-Viewer-innoplus (HKLM-x32\...\{B96DB037-DBEA-4186-9081-9CBD537F82E8}) (Version: 14.00.302 - INNOVA-engineering GmbH) 3Planesoft Screensaver Manager 1.1 (HKLM-x32\...\3Planesoft Screensaver Manager_is1) (Version: 1.1 - 3Planesoft) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) 9: Les Ténèbres de Notre-Dame (HKLM-x32\...\BFG-9 - Les Tenebres de Notre-Dame) (Version: - ) A Gnome's Home: Le Sceptre Mystique (HKLM-x32\...\BFG-A Gnome's Home - Le Sceptre Mystique) (Version: - ) Achiwa 2.3.0 (HKLM-x32\...\Achiwa) (Version: 2.3.0 - tibSys SARL) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.) Advanced IP Scanner 2.4 (HKLM-x32\...\{2F9C7771-D05A-4DBB-9736-C6B52E002F15}) (Version: 2.4.3021 - Famatech) Adventure Chronicles: A la Recherche des Trésors Perdus (HKLM-x32\...\BFG-Adventure Chronicles - A la Recherche des Tresors Perdus) (Version: - ) AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung) Amazing Pyramids (HKLM-x32\...\BFG-Amazing Pyramids) (Version: - ) Apple Application Support (32 bits) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Arizona Rose and the Pirates' Riddles (HKLM-x32\...\BFG-Arizona Rose and the Pirates' Riddles) (Version: - ) Around the World in 80 Days (HKLM-x32\...\BFG-Around the World in 80 Days) (Version: - ) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros) Atlantic Quest: Solitaire (HKLM-x32\...\BFG-Atlantic Quest - Solitaire) (Version: - ) Avalon Legends Solitaire 2 (HKLM-x32\...\BFG-Avalon Legends Solitaire 2) (Version: - ) Azada®: In Libro (HKLM-x32\...\BFG-Azada - In Libro) (Version: - ) B.cloud (HKLM\...\PogoplugBackup) (Version: 5.2.7.13 - Cloud Engines Inc.) Be a King (HKLM-x32\...\BFG-Be a King) (Version: - ) Be a King 2 (HKLM-x32\...\BFG-Be a King 2) (Version: - ) Be a King: Golden Empire (HKLM-x32\...\BFG-Be a King - Golden Empire) (Version: - ) Betternet for Windows (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF4C703740}) (Version: 3.7.4.0 - Betternet Technologies Inc.) Betternet for Windows (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF4C703900}) (Version: 3.9.0.0 - Betternet Technologies Inc.) Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - ) Bizagi Modeler (HKLM\...\{678285E9-FA95-4851-8E2D-0CA61A61B5FD}) (Version: 3.0.0022 - Bizagi Limited) Hidden Bizagi Modeler (HKLM-x32\...\InstallShield_{678285E9-FA95-4851-8E2D-0CA61A61B5FD}) (Version: 3.0.0022 - Bizagi Limited) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Bookworm Adventures (HKLM-x32\...\BFG-Bookworm Adventures) (Version: - ) Bookworm Deluxe (HKLM-x32\...\BFG-Bookworm Deluxe) (Version: - ) Build-a-lot 3: Passport to Europe (HKLM-x32\...\BFG-Build-a-lot 3 - Passport to Europe) (Version: - ) Build-a-Lot 4: Power Source (HKLM-x32\...\BFG-Build-a-Lot 4 - Power Source) (Version: - ) Build-a-lot: On Vacation (HKLM-x32\...\BFG-Build-a-lot - On Vacation) (Version: - ) Build-a-Lot: The Elizabethan Era (HKLM-x32\...\BFG-Build-a-Lot - The Elizabethan Era) (Version: - ) Cajun Cop: Le Casse des Bijouteries (HKLM-x32\...\BFG-Cajun Cop - Le Casse des Bijouteries) (Version: - ) Call of Atlantis: Treasures of Poseidon (HKLM-x32\...\BFG-Call of Atlantis - Treasures of Poseidon) (Version: - ) Call of the Ages (HKLM-x32\...\BFG-Call of the Ages) (Version: - ) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) Castle: Ne Vous Fiez Pas Aux Apparences (HKLM-x32\...\BFG-Castle - Ne Vous Fiez Pas Aux Apparences) (Version: - ) CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - ) Christmas Stories: Casse-Noisette (HKLM-x32\...\BFG-Christmas Stories - Casse-Noisette) (Version: - ) Christmas Stories: Le Soldat de Plomb d'après H. C. Andersen (HKLM-x32\...\BFG-Christmas Stories - Le Soldat de Plomb d apres H C Andersen) (Version: - ) Chronicles of Mystery: Secret of the Lost Kingdom (HKLM-x32\...\BFG-Chronicles of Mystery - Secret of the Lost Kingdom) (Version: - ) Chroniques de la Contrée d'Emerland Solitaire (HKLM-x32\...\BFG-Chroniques de la Contree d'Emerland Solitaire) (Version: - ) ClassPad Manager Subscription for ClassPad II Series (HKLM-x32\...\{EC998026-463A-48DC-AD5B-99933135A9E0}) (Version: 02.00.4000.0000 - CASIO COMPUTER CO., LTD.) Columbus: Le Fantôme de la Pierre Mystérieuse (HKLM-x32\...\BFG-Columbus - Le Fantome de la Pierre Mysterieuse) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.43.53 - Conexant) Conforama_Cuisine_3D (HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\SquareClock_Production_Home_Conforama) (Version: - 3DVIA Dassault Systemes) Construction de la Grande Muraille de Chine (HKLM-x32\...\BFG-Construction de la Grande Muraille de Chine) (Version: - ) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dark Parables: La Petite Sirène et la Marée Mauve (HKLM-x32\...\BFG-Dark Parables - La Petite Sirene et la Maree Mauve) (Version: - ) Dark Parables: Le Prince Maudit (HKLM-x32\...\BFG-Dark Parables - Le Prince Maudit) (Version: - ) Dark Parables: L'Ordre du Chaperon Rouge (HKLM-x32\...\BFG-Dark Parables - L'Ordre du Chaperon Rouge) (Version: - ) Death at Fairing Point: Un Roman de Dana Knightstone (HKLM-x32\...\BFG-Death at Fairing Point - Un Roman de Dana Knightstone) (Version: - ) Demigods (HKLM-x32\...\BFG-Demigods) (Version: - ) Démo Azimut35 (HKLM-x32\...\{068EC8FA-95CE-4617-8325-CE5AF7C222CE}) (Version: 9.25 - Patrick Le Guen) DisplayLink Graphics Driver (HKLM\...\{9CB3871D-C815-43F3-8EEB-141FEAAB5DD3}) (Version: 8.3.1908.0 - DisplayLink Corp.) Dragon Crossroads (HKLM-x32\...\BFG-Dragon Crossroads) (Version: - ) DriversCloud.com (64 bits) (HKLM\...\{C514B5EE-C8E6-43C9-AFB9-6C1A7B3429E1}) (Version: 10.0.4.0 - Cybelsoft) Dropbox (HKLM-x32\...\Dropbox) (Version: 34.4.22 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden DTS Sound (HKLM-x32\...\{793B70D2-41E9-46AB-9DDC-B34C99D07DB5}) (Version: 1.02.4100 - DTS, Inc.) e-Carte Bleue La Banque Postale (HKLM-x32\...\{73734A45-6D87-4624-9EE9-8CC9291FFC12}) (Version: 5.6.0.0 - e-Carte Bleue La Banque Postale) Echoes of the Past: Le Château des Ombres (HKLM-x32\...\BFG-Echoes of the Past - Le Chateau des Ombres) (Version: - ) Echoes of the Past: Le Guérisseur-Loup (HKLM-x32\...\BFG-Echoes of the Past - Le Guerisseur-Loup) (Version: - ) Elven Legend 2: The Bewitched Tree (HKLM-x32\...\BFG-Elven Legend 2 - The Bewitched Tree) (Version: - ) Elven Legend 3: The New Menace (HKLM-x32\...\BFG-Elven Legend 3 - The New Menace) (Version: - ) Encyclopaedia Universalis 2014 (HKLM-x32\...\Encyclopaedia Universalis 2014) (Version: 2014.1.0.0 - Encyclopaedia Universalis) Encyclopaedia Universalis 2018 (HKLM-x32\...\Encyclopaedia Universalis 2018) (Version: 2018.1.0.0 - Encyclopaedia Universalis) Enregistrement utilisateur de Canon MG5200 series (HKLM-x32\...\Enregistrement utilisateur de Canon MG5200 series) (Version: - ) Fable of Dwarfs (HKLM-x32\...\BFG-Fable of Dwarfs) (Version: - ) Fables of the Kingdom (HKLM-x32\...\BFG-Fables of the Kingdom) (Version: - ) Faded Reality (HKLM-x32\...\BFG-Faded Reality) (Version: - ) Fill And Cross Christmas Riddles (HKLM-x32\...\BFG-Fill And Cross Christmas Riddles) (Version: - ) Fill and Cross Pirate Riddles (HKLM-x32\...\BFG-Fill and Cross Pirate Riddles) (Version: - ) Fireside Christmas 3D Screensaver 1.0 (HKLM-x32\...\Fireside Christmas 3D Screensaver_is1) (Version: 1.0 - 3Planesoft) Foldit (HKLM-x32\...\Foldit) (Version: - ) Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gardenscapes (HKLM-x32\...\BFG-Gardenscapes) (Version: - ) Gardenscapes 2 (HKLM-x32\...\BFG-Gardenscapes 2) (Version: - ) Gardenscapes: Mansion Makeover™ (HKLM-x32\...\BFG-Gardenscapes - Mansion Makeover) (Version: - ) Geneanet Upload (HKLM-x32\...\Geneanet Upload) (Version: 1.2.1 - Geneanet) Gestionnaire de téléchargement Microsoft (HKLM-x32\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation) Ghostery (HKLM-x32\...\Ghostery) (Version: - Ghostery Inc) Gizmos: Aventures Terrifiantes (HKLM-x32\...\BFG-Gizmos - Aventures Terrifiantes) (Version: - ) Gizmos: Esprit de Noël (HKLM-x32\...\BFG-Gizmos - Esprit de Noel) (Version: - ) Gizmos: L’énigme de l’univers (HKLM-x32\...\BFG-Gizmos - L enigme de l univers) (Version: - ) Golden Trails 2 : L'Héritage Perdu Edition Collector (HKLM-x32\...\BFG-Golden Trails 2 - L'Heritage Perdu Edition Collector) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.) Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden HashTab 6.0.0.28 (HKLM\...\HashTab) (Version: 6.0.0.28 - Implbits Software) Haunted Legends: Le Livre des Souhaits (HKLM-x32\...\BFG-Haunted Legends - Le Livre des Souhaits) (Version: - ) Hero of the Kingdom II (HKLM-x32\...\BFG-Hero of the Kingdom II) (Version: - ) Hidden World (HKLM-x32\...\BFG-Hidden World) (Version: - ) HitmanPro 3.7 (HKLM\...\HitmanPro38) (Version: 3.8.0.292 - SurfRight B.V.) Hotspot 4G BTelecom (HKLM-x32\...\Hotspot 4G BTelecom) (Version: 1.12.00.479 - Huawei Technologies Co.,Ltd) iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.) Incredible Dracula: Chasing Love (HKLM-x32\...\BFG-Incredible Dracula - Chasing Love) (Version: - ) IncrediMail (HKLM-x32\...\{5C083736-2916-4D06-BCE9-4F981EA53AEC}) (Version: 6.6.0.5328 - IncrediMail) Hidden IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5328 - IncrediMail Ltd.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{e0c04d85-bdcb-4572-ac96-c3e248f87a87}) (Version: 2.9.0.2 - Intel) iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kingdom Chronicles (HKLM-x32\...\BFG-Kingdom Chronicles) (Version: - ) Kingdom Tales (HKLM-x32\...\BFG-Kingdom Tales) (Version: - ) Kingdom Tales 2 (HKLM-x32\...\BFG-Kingdom Tales 2) (Version: - ) Kingdom Tales 2 (HKLM-x32\...\WTA-73a19fd1-8011-4dcb-b0e9-454d562bfb5b) (Version: 3.0.2.59 - WildTangent) Hidden Légende d'Elven (HKLM-x32\...\BFG-Legende d Elven) (Version: - ) Legends of Atlantis: Exodus (HKLM-x32\...\BFG-Legends of Atlantis - Exodus) (Version: - ) Legends of Solitaire: La Malédiction Draconique (HKLM-x32\...\BFG-Legends of Solitaire - La Malediction Draconique) (Version: - ) Les Trésors de l'île Mystérieuse: Le Vaisseau Fantôme (HKLM-x32\...\BFG-Les Tresors de l'ile Mysterieuse - Le Vaisseau Fantome) (Version: - ) Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{26c576b1-592d-4155-b546-d623123cbe8c}) (Version: 10.1.2.86 - Intel(R) Corporation) Hidden Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) Lost Chronicles: Salem (HKLM-x32\...\BFG-Lost Chronicles - Salem) (Version: - ) Love Chronicles: La Rose et l'Epée Edition Collector (HKLM-x32\...\BFG-Love Chronicles - La Rose et l'Epee Edition Collector) (Version: - ) Magic Cards Solitaire (HKLM-x32\...\BFG-Magic Cards Solitaire) (Version: - ) Mahjongg Dimensions Deluxe (HKLM-x32\...\BFG-Mahjongg Dimensions Deluxe) (Version: - ) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.8827.2148 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\OneDriveSetup.exe) (Version: 17.005.0107.0004 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Millennium Secrets: Le Collier de Roxanne (HKLM-x32\...\BFG-Millennium Secrets - Le Collier de Roxanne) (Version: - ) MiniTool Partition Wizard 10.2.2 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) Module complémentaire de navigateur pour la désactivation de Google Analytics (HKLM\...\{0841EE67-124A-496E-BD27-3BA36191B57B}) (Version: 0.9.6.0 - Google Inc.) Module de compatibilité pour Microsoft Office System 2007 (HKLM-x32\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Monument Builders: Titanic (HKLM-x32\...\BFG-Monument Builders - Titanic) (Version: - ) Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 39.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 fr)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla) Mummy's Treasure (HKLM-x32\...\BFG-Mummy's Treasure) (Version: - ) My Kingdom for the Princess (HKLM-x32\...\BFG-My Kingdom for the Princess) (Version: - ) My Kingdom for the Princess II (HKLM-x32\...\BFG-My Kingdom for the Princess II) (Version: - ) My Kingdom for the Princess III (HKLM-x32\...\BFG-My Kingdom for the Princess III) (Version: - ) My Vapor Record 1.4 (HKLM-x32\...\My Vapor Record 1.4) (Version: - ) Mystery Case Files: Dire Grove, Forêt Sacrée (HKLM-x32\...\BFG-Mystery Case Files - Dire Grove Foret Sacree) (Version: - ) Nightmare Adventures: Le Fardeau des Wystwick (HKLM-x32\...\BFG-Nightmare Adventures - Le Fardeau des Wystwick) (Version: - ) Northern Tale (HKLM-x32\...\BFG-Northern Tale) (Version: - ) Northern Tale 2 (HKLM-x32\...\BFG-Northern Tale 2) (Version: - ) Northern Tale 2 (HKLM-x32\...\WTA-9188f91e-abdb-48ba-bfa0-effced02ee39) (Version: 3.0.2.59 - WildTangent) Hidden Northern Tale 3 (HKLM-x32\...\BFG-Northern Tale 3) (Version: - ) Northern Tale 4 (HKLM-x32\...\BFG-Northern Tale 4) (Version: - ) Northern Tale 4 (HKLM-x32\...\WTA-b111c5c5-bd73-439c-ae7e-2e3d02365ae6) (Version: 3.0.2.59 - WildTangent) Hidden Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team) Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}) (Version: 4.12.9782 - Apache Software Foundation) OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - ) Order of the Rose (HKLM-x32\...\BFG-Order of the Rose) (Version: - ) Outta This Kingdom (HKLM-x32\...\BFG-Outta This Kingdom) (Version: - ) Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security) Patricia's Quest for Sun (HKLM-x32\...\BFG-Patricia's Quest for Sun) (Version: - ) Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.) PhotoStation Creation (HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\PhotoStation Creation) (Version: PhotoStation Creation 3.3.0 - CGIN) Pirate Chronicles Édition Collector (HKLM-x32\...\BFG-Pirate Chronicles Edition Collector) (Version: - ) PrivateVpn (HKLM-x32\...\{23A36C4E-1BE1-4E6A-BDCE-A7F5BC16F4B0}) (Version: 2.2.4 - Privat Kommunikation AB) Hidden PrivateVPN Client (HKLM-x32\...\{ad5181a2-6641-4bfe-b522-8d0f76714c35}) (Version: 2.2.4 - Privat Kommunikation AB) Protection Center (HKLM-x32\...\{1DDF0BBC-440C-446E-BB6A-594D2FD44DC6}) (Version: 6.0.0.1076 - IncrediMail) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Regency Solitaire (HKLM-x32\...\BFG-Regency Solitaire) (Version: - ) Roads of Rome II (HKLM-x32\...\BFG-Roads of Rome II) (Version: - ) Roads of Rome III (HKLM-x32\...\BFG-Roads of Rome III) (Version: - ) Royal Envoy (HKLM-x32\...\BFG-Royal Envoy) (Version: - ) Royal Envoy 2 (HKLM-x32\...\BFG-Royal Envoy 2) (Version: - ) Royal Envoy 3 (HKLM-x32\...\BFG-Royal Envoy 3) (Version: - ) Royal Envoy: Campaign for the Crown (HKLM-x32\...\BFG-Royal Envoy - Campaign for the Crown) (Version: - ) Rush for Gold: Alaska (HKLM-x32\...\BFG-Rush for Gold - Alaska) (Version: - ) Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd) Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.6.5.13 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Secrets of the Dark: Domaine de la Peur (HKLM-x32\...\BFG-Secrets of the Dark - Domaine de la Peur) (Version: - ) Seven Seas Solitaire (HKLM-x32\...\BFG-Seven Seas Solitaire) (Version: - ) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16104.4 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16104.4 - Samsung Electronics Co., Ltd.) Solitaire Chevalier 2 (HKLM-x32\...\BFG-Solitaire Chevalier 2) (Version: - ) Solitaire Chevalier 3 (HKLM-x32\...\BFG-Solitaire Chevalier 3) (Version: - ) Solitaire de Fêtes Pâques (HKLM-x32\...\BFG-Solitaire de Fetes Paques) (Version: - ) Solitaire du Père Noël (HKLM-x32\...\BFG-Solitaire du Pere Noel) (Version: - ) Solitaire Mystery: Four Seasons (HKLM-x32\...\BFG-Solitaire Mystery - Four Seasons) (Version: - ) Solitaire Mystery: Stolen Power (HKLM-x32\...\BFG-Solitaire Mystery - Stolen Power) (Version: - ) Solitaire Noël (HKLM-x32\...\BFG-Solitaire Noel) (Version: - ) Solitaire Pique-Nique Victorien (HKLM-x32\...\BFG-Solitaire Pique-Nique Victorien) (Version: - ) Solitaire Pirate (HKLM-x32\...\BFG-Solitaire Pirate) (Version: - ) Solitaire Pirate 2 (HKLM-x32\...\BFG-Solitaire Pirate 2) (Version: - ) Solitaire Pirate 3 (HKLM-x32\...\BFG-Solitaire Pirate 3) (Version: - ) Strimko (HKLM-x32\...\BFG-Strimko) (Version: - ) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated) Tales of the Orient: Le Soleil Levant (HKLM-x32\...\BFG-Tales of the Orient - Le Soleil Levant) (Version: - ) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Terres Oubliées: Première Colonie (HKLM-x32\...\BFG-Terres Oubliees - Premiere Colonie) (Version: - ) The Beardless Wizard (HKLM-x32\...\BFG-The Beardless Wizard) (Version: - ) The Far Kingdoms: Winter Solitaire (HKLM-x32\...\BFG-The Far Kingdoms - Winter Solitaire) (Version: - ) The Legend of Sanna: La Naissance d'un Grand Royaume (HKLM-x32\...\BFG-The Legend of Sanna - La Naissance d'un Grand Royaume) (Version: - ) The Rise of Atlantis (HKLM-x32\...\BFG-The Rise of Atlantis) (Version: - ) The TimeBuilders: Pyramid Rising II (HKLM-x32\...\BFG-The TimeBuilders - Pyramid Rising II) (Version: - ) Times of Vikings (HKLM-x32\...\BFG-Times of Vikings) (Version: - ) TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA) TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.18.6 - Toshiba Corporation) TOSHIBA Audio Enhancement (HKLM-x32\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.18.6 - Toshiba Corporation) TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.08.6402 - Toshiba Corporation) TOSHIBA Display Utility (HKLM\...\{0B39C39A-3ECE-4582-9C91-842D22819A24}) (Version: - ) TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.0.6406 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{ABB33FFD-6D6C-4670-9EF4-6181BB4D0DF2}) (Version: 1.1.15.6404 - Toshiba Corporation) TOSHIBA Gesture Controller (HKLM-x32\...\{D2484156-5F50-46CA-994A-3EC35F891950}) (Version: 4.0.110.0 - Toshiba Corporation) TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA) TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 5.0.1.0 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 5.01.03.6403 - Toshiba Corporation) TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.11.1 - Toshiba Corporation) TOSHIBA Service Station (HKLM\...\{4E688A2F-C4FB-4606-9282-1045B79CBFE2}) (Version: 2.6.16.0 - Toshiba Corporation) TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 3.0.1.0 - TOSHIBA) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation) TOSHIBA System Settings (HKLM\...\{B040D5C9-C9AA-430A-A44E-696656012E61}) (Version: 3.0.6.6401 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation) Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH) TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.50.2 - Toshiba Corporation) Tu Vi 3.0 démo (HKLM-x32\...\{CABCCEE5-E6AE-49B1-853D-0B57AC756AD1}) (Version: 3.0 - Sma) Unknown Device Identifier 9.01 (HKLM\...\Unknown Device Identifier_is1) (Version: 9.01 - Huntersoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden ViewRight Web PC 3.6.0.0 (HKLM-x32\...\{27961C9F-1965-48D9-A579-40F8EBEA0603}) (Version: 3.6.0.0 - Verimatrix, Inc.) VirginMega ItunesSynchro (HKLM-x32\...\{AFBEA7A1-88B1-4236-F431-7E43622ACB1C}) (Version: 3.0.7 - VirginMega) Hidden VirginMega ItunesSynchro (HKLM-x32\...\VirginMega.ItunesSynchro) (Version: 3.0.7 - VirginMega) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) WD Backup (HKLM-x32\...\{457EB8FA-4E11-48FC-A17B-7E8AD8AA99F2}) (Version: 1.0.5556.3650 - Western Digital Technologies, Inc) Hidden WD Backup (HKLM-x32\...\{6cbbe2b9-c94a-400c-92cd-14859a8e4808}) (Version: 1.0.5556.3650 - Western Digital Technologies, Inc.) WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) WD Quick View (HKLM-x32\...\{EDBCC917-ADE2-4470-83F1-D0A233D9495C}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden Weather Lord (HKLM-x32\...\BFG-Weather Lord) (Version: - ) Weather Lord: Following the Princess (HKLM-x32\...\BFG-Weather Lord - Following the Princess) (Version: - ) Weather Lord: Hidden Realm (HKLM-x32\...\BFG-Weather Lord - Hidden Realm) (Version: - ) Weather Lord: Legendary Hero! (HKLM-x32\...\BFG-Weather Lord - Legendary Hero) (Version: - ) When In Rome (HKLM-x32\...\BFG-When In Rome) (Version: - ) Who Is On My Wifi version 4.0.4 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 4.0.4 - IO3O LLC) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.11.14 - WildTangent) Hidden Win10Pcap (HKLM-x32\...\{B5B58F8A-1984-4F3E-B400-235A6E005002}) (Version: 10.2.5002 - Daiyuu Nobori, University of Tsukuba, Japan) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Media Player Yule Log Visualization (HKLM-x32\...\{47CEA7F4-73CA-4E15-BF14-BCB857EAEF53}) (Version: 1.0.1 - Sean Alexander and Microsoft) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) Witches' Legacy: La Reine des Sorcières (HKLM-x32\...\BFG-Witches Legacy - La Reine des Sorcieres) (Version: - ) Word Mojo Gold (HKLM-x32\...\BFG-Word Mojo Gold) (Version: - ) Word Monaco (HKLM-x32\...\BFG-Word Monaco) (Version: - ) World Mosaics 7 (HKLM-x32\...\BFG-World Mosaics 7) (Version: - ) World Riddles: Seven Wonders (HKLM-x32\...\BFG-World Riddles - Seven Wonders) (Version: - ) Zuma Deluxe (HKLM-x32\...\BFG-Zuma Deluxe) (Version: - ) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2857391379-4175061016-2965674788-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-03-08] () ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-07-08] (Apple Inc.) ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-14] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0794E4C8-837E-48E8-BDBF-19A9D7A50BF5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {07D40B78-175E-4025-97AC-A0FBF98C81BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {127E3CF3-EC78-487E-AD9E-B34ABB37B004} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe Task: {1658830E-971E-4DE8-A348-D37306234BF2} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] () Task: {17BEA35A-D2CF-465C-9DBB-5DEFD99A18BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-25] (Google Inc.) Task: {1ABC7D1A-143E-41DE-B515-4922B4F803FF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {1FB93B93-D38E-4443-9C3F-0BF07FC3031C} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-11-17] (Toshiba Europe GmbH) Task: {220F953C-5964-45A9-9A1E-B97BED180986} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [2015-05-27] () Task: {29A0E5CC-50C0-4F8B-A955-BCFBD1A3177A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-22] (Microsoft Corporation) Task: {30FA0033-FD6D-44A8-93C4-6CB619D711D9} - \WPD\SqmUpload_S-1-5-21-2857391379-4175061016-2965674788-1001 -> Pas de fichier <==== ATTENTION Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3AE7C9E7-8BC5-428B-BB8C-2C6B0344A275} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION Task: {4061FF4E-CDC6-4ED2-AD78-E066971BFC71} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry Task: {439B6DE1-58F7-48A1-AD8B-5B1EBC6CD269} - \Microsoft\XblGameSave\XblGameSaveTask\Logon -> Pas de fichier <==== ATTENTION Task: {43FBDCA5-42D9-43C8-B1A9-BE395C943DB9} - System32\Tasks\{A1CA63F3-F0D6-414B-9896-C95359433CC9} => C:\Windows\system32\pcalua.exe -a C:\Users\Paty\Downloads\picturevizII.exe -d C:\Users\Paty\Desktop Task: {4797774C-ED9C-431D-89EE-11C3D0B6295C} - \Microsoft\Windows\UNP\Campaigns\{3D2E6D6C-D655-43CB-B39B-D2B876D9E480}\ExperienceTargeted\Unlock -> Pas de fichier <==== ATTENTION Task: {4CE95890-B968-4893-A45A-F1DF4FAB2E5D} - System32\Tasks\{F9019E58-2A97-4D3B-80E6-437F5D024C2A} => C:\Windows\system32\pcalua.exe -a F:\PortablePhotoshop7\Portable_PS_7.exe -d F:\PortablePhotoshop7 Task: {5385DBDF-1996-4846-81DE-EB15CF15D8CB} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates Task: {55C1C2B3-8123-491C-9EEF-9AA9D53EECC6} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates Task: {6B1BC7FA-BCD0-47E7-901C-EBD7005213AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {6C2EE5D6-BBBB-4BE1-86A9-CB2E8119B1FA} - \Microsoft\Windows\UNP\Campaigns\{3D2E6D6C-D655-43CB-B39B-D2B876D9E480}\ExperienceTargeted\Logon -> Pas de fichier <==== ATTENTION Task: {6C6455F1-A33D-4CFD-882C-5571A3CDF348} - System32\Tasks\{904FCA10-ECBB-4A7D-9158-8490DB76A359} => C:\Windows\system32\pcalua.exe -a D:\Imageviewer_Fnac\run_app.exe -d D:\ Task: {6DEB3998-170C-4A17-B5CA-EC3679527DCF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-22] (Microsoft Corporation) Task: {6E783C59-8760-49FA-AC73-3239ADA60251} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation Task: {70A9BD9F-BF68-4A6A-95D6-7F230D03D5AF} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback Task: {729AFB2A-CF12-4CDC-8BD2-30F58E3B75DD} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2018-01-20] (Microsoft Corporation) Task: {73771B0E-BDE1-4FB5-A54C-870C6E4CEFCE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation) Task: {8AA70CD2-C801-4144-A88D-272B8595E201} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {97B43A29-98D6-46C7-BC1B-91A071A191A3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-01-22] (Microsoft Corporation) Task: {9B09C66C-34C5-4BC2-A2BD-344A4759A1B1} - System32\Tasks\{A52C3575-DB9C-402A-8B02-10174D751117} => C:\Windows\system32\pcalua.exe -a C:\Users\Paty\Downloads\SoftyVisII.exe -d C:\Users\Paty\Desktop Task: {9F1E3043-661F-4E45-A6D7-0B0491AC8BAF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {AF551C72-F29C-4215-B518-B4A078F4123D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {B429CC14-7D12-4209-98D5-E7B0F6D9A7CC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {BE08226F-1763-4F0F-8B6A-B77D56631E09} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2018-01-20] (Microsoft Corporation) Task: {C16055D6-041E-46B4-AF7C-BCBD6E928B41} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-25] (Google Inc.) Task: {CB730F69-8652-4BEB-AC22-40530153C943} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs" Task: {CFC69A44-151C-4ACB-A6A4-435747DEEC66} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {D2E6E647-A759-4633-B0B5-C671CEDABFA7} - \Microsoft\Windows\UNP\Campaigns\{3D2E6D6C-D655-43CB-B39B-D2B876D9E480}\ExperienceTargeted\OnIdle -> Pas de fichier <==== ATTENTION Task: {E15D0692-401F-477B-A71E-D377FC1D0682} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {E1BA6C6C-558C-4789-AB40-C16A88813DBC} - System32\Tasks\{6EEE9446-5A6C-413B-B0BF-1286A8D3C453} => C:\Windows\system32\pcalua.exe -a C:\Users\Paty\Downloads\T3vis.exe -d C:\Users\Paty\Desktop Task: {E2F532A7-639C-4893-BBEB-16B84ED718D8} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources Task: {E400356D-D639-49F6-806D-B1933FB73801} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {E70A0862-8414-4198-9B6B-46999DE5D34E} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-01-20] () Task: {E8EA977E-800D-486F-B0BE-B2B1A5493A48} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates Task: {E9B7C0D2-0996-4FDE-BBC4-31C921345A13} - System32\Tasks\S-1-5-21-2857391379-4175061016-2965674788-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-01-20] (Microsoft Corporation) Task: {EF554E27-984D-4E71-895D-C094FA000491} - System32\Tasks\{E45E92B8-4784-46E8-AD2B-E7868FE243D3} => C:\Windows\system32\pcalua.exe -a D:\start.exe -d D:\ Task: {F11FF685-E1C0-4524-A232-B12AA37D9D83} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser Task: {F19DB787-4ADB-4C64-8C11-0EB031337021} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation) Task: {F21C9A8E-B384-4E73-B458-E74448E7FC7A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation) Task: {F23A2EFE-1918-4732-A8DB-E9FE0F4FDE67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {FCCDF3F4-E705-4E65-8CE6-8500F0AA6FB1} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {FD8A9801-86ED-4B7F-B81B-60E4C43A557E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {FFE6EDC5-75C2-4A93-B272-D7402C674A99} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2018-01-20 16:50 - 2018-01-20 16:50 - 000456080 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-01-20 16:50 - 2018-01-20 16:50 - 000471552 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-01-20 16:50 - 2018-01-20 16:50 - 002520576 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2017-03-08 03:42 - 2017-03-08 03:42 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2018-01-20 16:51 - 2018-01-21 05:05 - 002113024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2012-07-18 17:38 - 2012-07-18 17:38 - 000020904 _____ () C:\Program Files\TOSHIBA\System Setting\SmoothView.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\WINDOWS\system32\Drivers\hykqzatr.sys:changelist [1210] AlternateDataStreams: C:\ProgramData\TEMP:04B053B3 [250] AlternateDataStreams: C:\ProgramData\TEMP:063969F8 [209] AlternateDataStreams: C:\ProgramData\TEMP:07C99568 [123] AlternateDataStreams: C:\ProgramData\TEMP:099E4813 [237] AlternateDataStreams: C:\ProgramData\TEMP:09AEED56 [231] AlternateDataStreams: C:\ProgramData\TEMP:0ACF1AF5 [132] AlternateDataStreams: C:\ProgramData\TEMP:0ADCCF52 [247] AlternateDataStreams: C:\ProgramData\TEMP:0E22C5DB [219] AlternateDataStreams: C:\ProgramData\TEMP:109BD730 [134] AlternateDataStreams: C:\ProgramData\TEMP:13765436 [218] AlternateDataStreams: C:\ProgramData\TEMP:15381DB9 [132] AlternateDataStreams: C:\ProgramData\TEMP:18345E10 [252] AlternateDataStreams: C:\ProgramData\TEMP:258D2F8B [149] AlternateDataStreams: C:\ProgramData\TEMP:2652902F [223] AlternateDataStreams: C:\ProgramData\TEMP:2701CA70 [239] AlternateDataStreams: C:\ProgramData\TEMP:2A6DC3A2 [235] AlternateDataStreams: C:\ProgramData\TEMP:2BFD5B04 [235] AlternateDataStreams: C:\ProgramData\TEMP:2C86E2AD [412] AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134] AlternateDataStreams: C:\ProgramData\TEMP:2F539966 [236] AlternateDataStreams: C:\ProgramData\TEMP:2F947175 [225] AlternateDataStreams: C:\ProgramData\TEMP:30AAD6AF [231] AlternateDataStreams: C:\ProgramData\TEMP:32AA69ED [237] AlternateDataStreams: C:\ProgramData\TEMP:33CE1BF1 [129] AlternateDataStreams: C:\ProgramData\TEMP:35629AE6 [136] AlternateDataStreams: C:\ProgramData\TEMP:366B74CA [234] AlternateDataStreams: C:\ProgramData\TEMP:38D2EA83 [227] AlternateDataStreams: C:\ProgramData\TEMP:38FF076E [235] AlternateDataStreams: C:\ProgramData\TEMP:3A4676D7 [251] AlternateDataStreams: C:\ProgramData\TEMP:3ADE134E [239] AlternateDataStreams: C:\ProgramData\TEMP:3B75B877 [233] AlternateDataStreams: C:\ProgramData\TEMP:3DB6F365 [216] AlternateDataStreams: C:\ProgramData\TEMP:40773738 [492] AlternateDataStreams: C:\ProgramData\TEMP:41B2DADD [410] AlternateDataStreams: C:\ProgramData\TEMP:432EC713 [141] AlternateDataStreams: C:\ProgramData\TEMP:46A2F27B [125] AlternateDataStreams: C:\ProgramData\TEMP:4C4BD66D [243] AlternateDataStreams: C:\ProgramData\TEMP:4C71A42B [232] AlternateDataStreams: C:\ProgramData\TEMP:4E938256 [135] AlternateDataStreams: C:\ProgramData\TEMP:5279F7BF [296] AlternateDataStreams: C:\ProgramData\TEMP:57173DB4 [232] AlternateDataStreams: C:\ProgramData\TEMP:57DFBE4E [223] AlternateDataStreams: C:\ProgramData\TEMP:581B0446 [195] AlternateDataStreams: C:\ProgramData\TEMP:5AE33054 [228] AlternateDataStreams: C:\ProgramData\TEMP:5CD70138 [249] AlternateDataStreams: C:\ProgramData\TEMP:5D10C56A [214] AlternateDataStreams: C:\ProgramData\TEMP:5D1BA9DE [496] AlternateDataStreams: C:\ProgramData\TEMP:5E13B54C [226] AlternateDataStreams: C:\ProgramData\TEMP:62CB5A85 [498] AlternateDataStreams: C:\ProgramData\TEMP:67842DB7 [248] AlternateDataStreams: C:\ProgramData\TEMP:68A41423 [220] AlternateDataStreams: C:\ProgramData\TEMP:6915E961 [512] AlternateDataStreams: C:\ProgramData\TEMP:6A9AB738 [145] AlternateDataStreams: C:\ProgramData\TEMP:6B251180 [255] AlternateDataStreams: C:\ProgramData\TEMP:6BF0805F [205] AlternateDataStreams: C:\ProgramData\TEMP:6C724D09 [128] AlternateDataStreams: C:\ProgramData\TEMP:708BB0FA [123] AlternateDataStreams: C:\ProgramData\TEMP:7804B508 [482] AlternateDataStreams: C:\ProgramData\TEMP:784B20D3 [245] AlternateDataStreams: C:\ProgramData\TEMP:79C6A9CE [249] AlternateDataStreams: C:\ProgramData\TEMP:7ADA8871 [498] AlternateDataStreams: C:\ProgramData\TEMP:7B52659E [432] AlternateDataStreams: C:\ProgramData\TEMP:7BB584AA [240] AlternateDataStreams: C:\ProgramData\TEMP:7D288858 [141] AlternateDataStreams: C:\ProgramData\TEMP:7DB56DCB [140] AlternateDataStreams: C:\ProgramData\TEMP:7DEE2F6C [240] AlternateDataStreams: C:\ProgramData\TEMP:803039D6 [235] AlternateDataStreams: C:\ProgramData\TEMP:81943D40 [250] AlternateDataStreams: C:\ProgramData\TEMP:82756AB7 [498] AlternateDataStreams: C:\ProgramData\TEMP:8525283D [128] AlternateDataStreams: C:\ProgramData\TEMP:8751B175 [251] AlternateDataStreams: C:\ProgramData\TEMP:89FC8EEB [243] AlternateDataStreams: C:\ProgramData\TEMP:8AC20936 [223] AlternateDataStreams: C:\ProgramData\TEMP:8BE7A048 [229] AlternateDataStreams: C:\ProgramData\TEMP:8C12CFCD [251] AlternateDataStreams: C:\ProgramData\TEMP:957E9765 [213] AlternateDataStreams: C:\ProgramData\TEMP:961B84C5 [206] AlternateDataStreams: C:\ProgramData\TEMP:961F8A8A [232] AlternateDataStreams: C:\ProgramData\TEMP:97B3B270 [231] AlternateDataStreams: C:\ProgramData\TEMP:99A29126 [430] AlternateDataStreams: C:\ProgramData\TEMP:99AC3203 [123] AlternateDataStreams: C:\ProgramData\TEMP:9D03192E [217] AlternateDataStreams: C:\ProgramData\TEMP:9DB6A08C [249] AlternateDataStreams: C:\ProgramData\TEMP:9EBE2014 [488] AlternateDataStreams: C:\ProgramData\TEMP:9F50A55A [215] AlternateDataStreams: C:\ProgramData\TEMP:9FB6814A [251] AlternateDataStreams: C:\ProgramData\TEMP:A103830F [470] AlternateDataStreams: C:\ProgramData\TEMP:A1A86E40 [137] AlternateDataStreams: C:\ProgramData\TEMP:A1D3FEF0 [402] AlternateDataStreams: C:\ProgramData\TEMP:A22AF60D [127] AlternateDataStreams: C:\ProgramData\TEMP:A3840F5B [252] AlternateDataStreams: C:\ProgramData\TEMP:A3F7C8F8 [252] AlternateDataStreams: C:\ProgramData\TEMP:A43B789A [146] AlternateDataStreams: C:\ProgramData\TEMP:A558D81E [462] AlternateDataStreams: C:\ProgramData\TEMP:A6A65B80 [246] AlternateDataStreams: C:\ProgramData\TEMP:A6B07419 [245] AlternateDataStreams: C:\ProgramData\TEMP:A6CDBCAC [112] AlternateDataStreams: C:\ProgramData\TEMP:A6D89509 [436] AlternateDataStreams: C:\ProgramData\TEMP:A745DB5D [211] AlternateDataStreams: C:\ProgramData\TEMP:A7BB14DF [235] AlternateDataStreams: C:\ProgramData\TEMP:A819A132 [224] AlternateDataStreams: C:\ProgramData\TEMP:A9ABA3FF [229] AlternateDataStreams: C:\ProgramData\TEMP:AB354A63 [284] AlternateDataStreams: C:\ProgramData\TEMP:AC73CDCE [228] AlternateDataStreams: C:\ProgramData\TEMP:ACCFA538 [474] AlternateDataStreams: C:\ProgramData\TEMP:AECF4772 [230] AlternateDataStreams: C:\ProgramData\TEMP:B162D6FD [460] AlternateDataStreams: C:\ProgramData\TEMP:B37B4664 [253] AlternateDataStreams: C:\ProgramData\TEMP:B65E763D [234] AlternateDataStreams: C:\ProgramData\TEMP:B6FBC05A [239] AlternateDataStreams: C:\ProgramData\TEMP:B762A0C2 [225] AlternateDataStreams: C:\ProgramData\TEMP:B8791731 [229] AlternateDataStreams: C:\ProgramData\TEMP:BB0F4AA4 [239] AlternateDataStreams: C:\ProgramData\TEMP:C04D2B44 [239] AlternateDataStreams: C:\ProgramData\TEMP:C3392F75 [228] AlternateDataStreams: C:\ProgramData\TEMP:C82210DD [224] AlternateDataStreams: C:\ProgramData\TEMP:C86B29EB [104] AlternateDataStreams: C:\ProgramData\TEMP:C8E3A625 [226] AlternateDataStreams: C:\ProgramData\TEMP:C94DB16A [456] AlternateDataStreams: C:\ProgramData\TEMP:C9B27A06 [416] AlternateDataStreams: C:\ProgramData\TEMP:C9BC8592 [232] AlternateDataStreams: C:\ProgramData\TEMP:CA400C1B [458] AlternateDataStreams: C:\ProgramData\TEMP:CC7382F6 [155] AlternateDataStreams: C:\ProgramData\TEMP:CDC8FF42 [242] AlternateDataStreams: C:\ProgramData\TEMP:CE707633 [250] AlternateDataStreams: C:\ProgramData\TEMP:CFFC9DD0 [131] AlternateDataStreams: C:\ProgramData\TEMP:D01ACC06 [234] AlternateDataStreams: C:\ProgramData\TEMP:D2397415 [0] AlternateDataStreams: C:\ProgramData\TEMP:D3331ADB [148] AlternateDataStreams: C:\ProgramData\TEMP:D453E38B [227] AlternateDataStreams: C:\ProgramData\TEMP:D61EB62D [230] AlternateDataStreams: C:\ProgramData\TEMP:D6D084A5 [209] AlternateDataStreams: C:\ProgramData\TEMP:D882BE37 [118] AlternateDataStreams: C:\ProgramData\TEMP:D987CB43 [256] AlternateDataStreams: C:\ProgramData\TEMP:DA2268D5 [237] AlternateDataStreams: C:\ProgramData\TEMP:DCB27118 [249] AlternateDataStreams: C:\ProgramData\TEMP:E153075C [227] AlternateDataStreams: C:\ProgramData\TEMP:E1D06077 [223] AlternateDataStreams: C:\ProgramData\TEMP:E33D8F51 [229] AlternateDataStreams: C:\ProgramData\TEMP:E5BA9ADD [233] AlternateDataStreams: C:\ProgramData\TEMP:E73594F0 [231] AlternateDataStreams: C:\ProgramData\TEMP:E81603BC [244] AlternateDataStreams: C:\ProgramData\TEMP:E895790F [230] AlternateDataStreams: C:\ProgramData\TEMP:EB333CFC [231] AlternateDataStreams: C:\ProgramData\TEMP:EB86F355 [222] AlternateDataStreams: C:\ProgramData\TEMP:EC752217 [254] AlternateDataStreams: C:\ProgramData\TEMP:ED6B6C83 [284] AlternateDataStreams: C:\ProgramData\TEMP:F0F90DC6 [241] AlternateDataStreams: C:\ProgramData\TEMP:F3591DDB [218] AlternateDataStreams: C:\ProgramData\TEMP:F4362715 [512] AlternateDataStreams: C:\ProgramData\TEMP:F5E30F6A [488] AlternateDataStreams: C:\ProgramData\TEMP:F5FC5DCE [147] AlternateDataStreams: C:\ProgramData\TEMP:F6CDA594 [254] AlternateDataStreams: C:\ProgramData\TEMP:F7370879 [115] AlternateDataStreams: C:\ProgramData\TEMP:F75FE298 [252] AlternateDataStreams: C:\ProgramData\TEMP:F98E6C67 [300] AlternateDataStreams: C:\ProgramData\TEMP:FA09FC72 [138] AlternateDataStreams: C:\ProgramData\TEMP:FC414D14 [506] AlternateDataStreams: C:\ProgramData\TEMP:FCA8C9CD [129] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-1118934071 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-1142110319 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-1354487501 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-156600214 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-236165174 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-391380418 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-410298084 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-411785733 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-420047103 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-439648697 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon-722416980 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon1205380749 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon153898036 [10862] AlternateDataStreams: C:\Users\Paty\AppData\Roaming\Microsoft\Windows\Start Menu\News France Actualités & informations - Yahoo Actualités FR.website:DESTICON_favicon593622550 [10862] ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\19374712.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\19374712.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\adobe.com -> hxxps://www.adobe.com IE trusted site: HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\cfpc.ca -> hxxp://www.cfpc.ca IE trusted site: HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\edf.com -> hxxps://commerce-contact.edf.com IE trusted site: HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\edf.fr -> hxxps://particulier.edf.fr IE trusted site: HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\microsoft.com -> hxxps://support.microsoft.com IE trusted site: HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\rtbf.be -> hxxps://www.rtbf.be ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 14:25 - 2017-09-21 16:39 - 000000953 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 localhost 127.0.0.1 localhost ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img10.jpg DNS Servers: 192.168.48.248 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == MSCONFIG\Services: a2AntiMalware => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AIPS => 2 MSCONFIG\Services: AllShare Framework DMS => 2 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: AtherosSvc => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: brlapi => 3 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: CxAudMsg => 2 MSCONFIG\Services: dbupdate => 2 MSCONFIG\Services: dbupdatem => 3 MSCONFIG\Services: DbxSvc => 2 MSCONFIG\Services: DokanCEMounter => 2 MSCONFIG\Services: DSAService => 2 MSCONFIG\Services: dts_apo_service => 3 MSCONFIG\Services: ekrn => 2 MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 3 MSCONFIG\Services: GamesAppIntegrationService => 2 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: gupdate => 3 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: HitmanProScheduler => 2 MSCONFIG\Services: HWDeviceService64.exe => 2 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: igfxCUIService1.0.0.0 => 2 MSCONFIG\Services: IJPLMSVC => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) ME Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LBTServ => 3 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MBAMService => 3 MSCONFIG\Services: McComponentHostService => 3 MSCONFIG\Services: media center Bouygues Telecom => 2 MSCONFIG\Services: rpcapd => 3 MSCONFIG\Services: Samsung Link Service => 2 MSCONFIG\Services: SkypeUpdate => 3 MSCONFIG\Services: ssh-agent => 3 MSCONFIG\Services: sshd => 3 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: SynTPEnhService => 2 MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2 MSCONFIG\Services: TemproMonitoringService => 3 MSCONFIG\Services: TMachInfo => 3 MSCONFIG\Services: TOSHIBA eco Utility Service => 2 MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 3 MSCONFIG\Services: WDDriveService => 2 HKLM\...\StartupApproved\StartupFolder: => "Who Is On My Wifi.lnk" HKLM\...\StartupApproved\StartupFolder: => "MediaServerTray.lnk" HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk" HKLM\...\StartupApproved\StartupFolder: => "WinZip Préchargeur.lnk" HKLM\...\StartupApproved\StartupFolder: => "Notifications de Mises à jour.lnk" HKLM\...\StartupApproved\Run: => "cAudioFilterAgent" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "TecoResident" HKLM\...\StartupApproved\Run: => "TSSSrv" HKLM\...\StartupApproved\Run: => "CanonMyPrinter" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "Samsung Link" HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run: => "EvtMgr6" HKLM\...\StartupApproved\Run: => "DisplayLinkUI" HKLM\...\StartupApproved\Run: => "emsisoft anti-malware" HKLM\...\StartupApproved\Run: => "egui" HKLM\...\StartupApproved\Run32: => "TSVU" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "WDAppManager" HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker" HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper" HKLM\...\StartupApproved\Run32: => "WD Quick View" HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad" HKLM\...\StartupApproved\Run32: => "Achiwa" HKLM\...\StartupApproved\Run32: => "ToshibaServiceStation" HKLM\...\StartupApproved\Run32: => "OPTENET_GUI" HKLM\...\StartupApproved\Run32: => "DSATray" HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\StartupApproved\Run: => "Pogoplug Backup" HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\StartupApproved\Run: => "Mobile Partner" HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\StartupApproved\Run: => "CUCore Agent" HKU\S-1-5-21-2857391379-4175061016-2965674788-1001\...\StartupApproved\Run: => "iCloudServices" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{93EC7D0A-D238-4512-A2DF-6F67FF1FD0FD}] => (Allow) C:\Users\Paty\Desktop\CKScanner.exe FirewallRules: [{E587E307-E238-46ED-AB38-9BF32E498E6D}] => (Allow) C:\Users\Paty\Desktop\CKScanner.exe FirewallRules: [{40A484BE-1495-4BE8-BC51-C3B3FD9403AC}] => (Allow) C:\Users\Paty\Desktop\CKScanner.exe FirewallRules: [{1821B480-2A74-4D1A-8E5B-D5D04F5422BC}] => (Allow) C:\Users\Paty\Desktop\CKScanner.exe FirewallRules: [{7B714EAF-F5A3-42B6-BDAB-5919405E62C9}] => (Allow) C:\Users\Paty\Desktop\winchk_2.0.exe FirewallRules: [{AF8E1578-6381-4F70-AAF7-36DB5B4BFAC9}] => (Allow) C:\Users\Paty\Desktop\winchk_2.0.exe FirewallRules: [{7F5B9F65-AE60-42A8-91B3-4D4187448B3C}] => (Allow) C:\Users\Paty\Desktop\winchk_2.0.exe FirewallRules: [{4B8AD1A8-D443-4B9D-97DB-33F6865BAA64}] => (Allow) C:\Users\Paty\Desktop\winchk_2.0.exe FirewallRules: [{7A6D6D0A-B845-4DE5-B602-FFDF9AB6C32D}] => (Allow) C:\Users\Paty\Desktop\FRST64.exe FirewallRules: [{11D2581F-7ED5-4CBA-8A00-B23FBE6525EE}] => (Allow) C:\Users\Paty\Desktop\FRST64.exe FirewallRules: [{4371C0B5-DEF2-495D-A9F7-01A3C39A7DDC}] => (Allow) C:\Users\Paty\Desktop\FRST64.exe FirewallRules: [{2266A363-34F4-4CC4-89ED-7F66101C5DE5}] => (Allow) C:\Users\Paty\Desktop\FRST64.exe FirewallRules: [{2ADD8F44-9156-4211-9E93-8701331C1AEA}] => (Allow) C:\Users\Paty\Desktop\ZHPDiag3.exe FirewallRules: [{BA81C5DD-8FA2-4050-B3AF-2E97FC9DC5B7}] => (Allow) C:\Users\Paty\Desktop\ZHPDiag3.exe FirewallRules: [{72CDF788-176A-4CF7-9679-CF41913BCD4C}] => (Allow) C:\Users\Paty\Desktop\ZHPDiag3.exe FirewallRules: [{27C4EC7A-6BC9-4E3C-BA60-8C5B1DE90BD8}] => (Allow) C:\Users\Paty\Desktop\ZHPDiag3.exe ==================== Points de restauration ========================= 31-01-2018 15:24:01 Point de contrôle planifié 02-02-2018 13:37:05 avant désinfection ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: USB Serial Converter Description: USB Serial Converter Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: FTDI Service: FTDIBUS Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (02/02/2018 04:34:17 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme iexplore.exe version 11.0.17083.1000 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : 7bc Heure de début : 01d39c32e920a479 Heure de fin : 26 Chemin d'accès de l'application : C:\Program Files (x86)\Internet Explorer\iexplore.exe ID de rapport : 9c67601c-5870-4cd6-a410-697518b99a6b Nom complet du package défaillant : ID de l'application relative au package défaillant : Error: (02/02/2018 04:30:08 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: PATRICIA) Description: httphttp-2147467263 Error: (02/02/2018 04:07:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SecurityHealthService.exe, version : 4.13.17083.1000, horodatage : 0x06476311 Nom du module défaillant : ntdll.dll, version : 10.0.17083.1000, horodatage : 0x11f0cc07 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000306e1 ID du processus défaillant : 0xfac Heure de début de l’application défaillante : 0x01d39c36105771f7 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\SecurityHealthService.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 9e0cf77c-a4cb-42d1-9121-2ace73334f7f Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (02/02/2018 03:55:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SecurityHealthService.exe, version : 4.13.17083.1000, horodatage : 0x06476311 Nom du module défaillant : ntdll.dll, version : 10.0.17083.1000, horodatage : 0x11f0cc07 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000306c6 ID du processus défaillant : 0x1e6c Heure de début de l’application défaillante : 0x01d39c346c201fc5 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\SecurityHealthService.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : e2b76783-99d1-4525-9d2d-d3af442f9d3d Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (02/02/2018 03:50:02 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: ) Description: TSS Load: could not communicate with TMachInfo service Error: (02/02/2018 03:50:02 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: ) Description: Impossible de démarrer le service TMachInfo sur l'ordinateur '.'. Error: (02/02/2018 03:44:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SecurityHealthService.exe, version : 4.13.17083.1000, horodatage : 0x06476311 Nom du module défaillant : ntdll.dll, version : 10.0.17083.1000, horodatage : 0x11f0cc07 Code d’exception : 0xc0000374 Décalage d’erreur : 0x00000000000f69eb ID du processus défaillant : 0xbbc Heure de début de l’application défaillante : 0x01d39c32bf54b928 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\SecurityHealthService.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : f4c84f43-19b5-4f9f-bdd4-f8b7387596d5 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (02/02/2018 03:22:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SecHealthUI.exe, version : 10.0.17083.1000, horodatage : 0x5a62c4d7 Nom du module défaillant : SecHealthUIDataModel.dll, version : 0.0.0.0, horodatage : 0x5a62c3c2 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000022221a ID du processus défaillant : 0xec0 Heure de début de l’application défaillante : 0x01d39c313e47fccd Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll ID de rapport : 592c8a3d-27cf-4561-805c-20360ea85e15 Nom complet du package défaillant : Microsoft.Windows.SecHealthUI_10.0.17083.1000_neutral__cw5n1h2txyewy ID de l’application relative au package défaillant : SecHealthUI Error: (02/02/2018 03:22:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SecHealthUI.exe, version : 10.0.17083.1000, horodatage : 0x5a62c4d7 Nom du module défaillant : SecHealthUIDataModel.dll, version : 0.0.0.0, horodatage : 0x5a62c3c2 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000022221a ID du processus défaillant : 0x1714 Heure de début de l’application défaillante : 0x01d39c3134704d0e Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll ID de rapport : 8c4a6267-df4c-411d-8c62-78847c3bc303 Nom complet du package défaillant : Microsoft.Windows.SecHealthUI_10.0.17083.1000_neutral__cw5n1h2txyewy ID de l’application relative au package défaillant : SecHealthUI Error: (02/02/2018 02:40:01 PM) (Source: COM) (EventID: 10031) (User: ) Description: Une vérification de stratégie d’unmarshaling a été effectuée lors de l’unmarshaling d’un objet marshalé personnalisé et la classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} a été refusée Erreurs système: ============= Error: (02/02/2018 04:07:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Service Centre de sécurité Windows Defender s’est terminé de façon inattendue pour la 3ème fois. Error: (02/02/2018 03:55:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Service Centre de sécurité Windows Defender s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service. Error: (02/02/2018 03:44:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Service Centre de sécurité Windows Defender s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service. Error: (02/02/2018 03:36:28 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {784E29F4-5EBE-4279-9948-1E8FE941646D} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (02/02/2018 03:35:15 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID Windows.SecurityCenter.WscBrokerManager et l’APPID Non disponible au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (02/02/2018 03:35:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Service Broker Microsoft Octagon s’est arrêté avec l’erreur : Cette demande n’est pas prise en charge. Error: (02/02/2018 03:33:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Windows Defender Advanced Threat Protection Service s’est arrêté avec l’erreur : Le fichier spécifié est introuvable. Error: (02/02/2018 03:33:09 PM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Cet ordinateur est configuré en tant que membre d’un groupe de travail, et non en tant que membre d’un domaine. Il n’est pas nécessaire d’exécuter le service Accès réseau dans cette configuration. Error: (02/02/2018 03:33:08 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 15:04:48 le ‎02/‎02/‎2018 n’était pas prévu. Error: (02/02/2018 10:18:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Service Centre de sécurité Windows Defender s’est terminé de façon inattendue pour la 3ème fois. CodeIntegrity: =================================== Date: 2018-02-02 16:07:43.088 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-02 16:07:43.072 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-02 16:07:33.382 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-02 16:07:33.372 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-02 16:07:33.339 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-02 16:07:33.326 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-02 16:07:33.033 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dbgeng.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-02 16:07:33.006 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-02 16:07:32.947 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-02 15:55:53.622 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Pourcentage de mémoire utilisée: 56% Mémoire physique - RAM - totale: 3987.27 MB Mémoire physique - RAM - disponible: 1749.48 MB Mémoire virtuelle totale: 4691.27 MB Mémoire virtuelle disponible: 2503.96 MB ==================== Lecteurs ================================ Drive c: (TI31206700A) (Fixed) (Total:487.35 GB) (Free:292.38 GB) NTFS Drive e: (Ecrits) (Fixed) (Total:8.68 GB) (Free:7.71 GB) NTFS Drive j: (Jeux) (Fixed) (Total:98.35 GB) (Free:63.95 GB) NTFS Drive m: (Musiques) (Fixed) (Total:45.08 GB) (Free:18.06 GB) NTFS Drive p: (Patricia Cours) (Fixed) (Total:284.91 GB) (Free:90.49 GB) NTFS Drive t: (Tutelle Henri Nourry ) (Fixed) (Total:5.03 GB) (Free:4.56 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Fin de Addition.txt ============================