Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01 Exécuté par Hamza (07-06-2018 18:05:04) Exécuté depuis C:\Users\Hamza\Desktop Windows 10 Home Version 1803 17134.48 (X64) (2018-05-24 15:58:09) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-3044510447-1296552623-2508443125-500 - Administrator - Disabled) => C:\Users\Administrateur DefaultAccount (S-1-5-21-3044510447-1296552623-2508443125-503 - Limited - Disabled) Hamza (S-1-5-21-3044510447-1296552623-2508443125-1002 - Administrator - Enabled) => C:\Users\Hamza HomeGroupUser$ (S-1-5-21-3044510447-1296552623-2508443125-1006 - Limited - Enabled) Invité (S-1-5-21-3044510447-1296552623-2508443125-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3044510447-1296552623-2508443125-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated) Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated) Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated) Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated) AnalogX Capture (HKLM-x32\...\AnalogX Capture) (Version: - AnalogX) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden Arturia V Collection 6 (HKLM\...\V Collection 6_is1) (Version: 6.0.2 - Arturia) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software) Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.1.4888 - AVAST Software) Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.21.170501 - ) BitTorrent (HKLM-x32\...\BitTorrent) (Version: - BitTorrent, Inc) Camel Audio CamelCrusher64 (HKLM-x32\...\Camel Audio CamelCrusher64) (Version: 1.01.0 - Camel Audio) CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0446 - Disc Soft Ltd) darbuka-nut1.0 (HKLM-x32\...\darbuka-nut) (Version: - ) Dropbox (HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\Dropbox) (Version: 51.4.66 - Dropbox, Inc.) Dukto R6 (HKLM-x32\...\{386C0311-B146-4CE0-89E5-8469A3583156}}_is1) (Version: R6 - Emanuele Colombo) DX7 V (HKLM\...\DX7 V_is1) (Version: 1.0.0.1183 - Arturia & Team V.R) EarMaster 7.0 (HKLM-x32\...\EarMaster 7_is1) (Version: 7.0 - EarMaster ApS) Epubor Adobe ePUB&PDF DRM Removal (HKLM-x32\...\Epubor Adobe ePUB&PDF DRM Removal) (Version: 2.0.12.1111 - Epubor Inc.) EPubsoft EBook Converter 9.4.1 (HKLM-x32\...\{D7B74958-3A24-4F46-A178-059B36E8749A}) (Version: 9.4.1 - EPUBSOFT) f.lux (HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\Flux) (Version: - f.lux Software LLC) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden G-sonique Alien303 VSTi (HKLM-x32\...\G-sonique Alien303 VSTi) (Version: - ) IK Multimedia Authorization Manager version 1.0.19 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.19 - IK Multimedia) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation) KORG Collection - MonoPoly (HKLM\...\{DA31AE51-AB45-4368-9F4E-6AF05176AEE3}) (Version: 1.2.0 - KORG Inc.) Hidden KORG Collection - MonoPoly (HKLM-x32\...\KORG Collection - MonoPoly) (Version: 1.2.0 - KORG Inc.) KORG Collection - MS-20 (HKLM\...\{D9163B30-035A-45E8-A7FB-FC3D700DA159}) (Version: 1.4.0 - KORG Inc.) Hidden KORG Collection - MS-20 (HKLM-x32\...\KORG Collection - MS-20) (Version: 1.4.0 - KORG Inc.) KORG Collection - Polysix (HKLM\...\{D3AD748F-85C6-423D-B95F-268A0E1460A7}) (Version: 1.4.0 - KORG Inc.) Hidden KORG Collection - Polysix (HKLM-x32\...\KORG Collection - Polysix) (Version: 1.4.0 - KORG Inc.) KORG Collection - WAVESTATION (HKLM\...\{6C2C56CC-9075-491D-9B29-55147B67B892}) (Version: 1.8.0 - KORG Inc.) Hidden KORG Collection - WAVESTATION (HKLM-x32\...\KORG Collection - WAVESTATION) (Version: 1.8.0 - KORG Inc.) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Logitech - Assistant pour jeux vidéo 9.00 (HKLM\...\Logitech Gaming Software) (Version: 9.00.42 - Logitech Inc.) Logitech SetPoint 6.68 (HKLM\...\sp6) (Version: 6.68.250 - Logitech) LPK25 Editor (HKLM-x32\...\LPK25Editor) (Version: - ) Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft OneDrive (HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\OneDriveSetup.exe) (Version: 18.091.0506.0003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version: - ) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version: - ) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: - ) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: - ) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Mises à jour NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden mkv2vob (HKLM-x32\...\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}) (Version: 2.4.9 - 3r1c) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) MPC-HC 1.7.13 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.13 - MPC-HC Team) MusicLab Virtual Midi Driver (64-bit) (HKLM\...\{2B019162-86C7-4D14-AED0-2CB5110BA4FF}) (Version: 2.0.3.0 - MusicLab, Inc.) Musitek SmartScore X Professional Edition v10.0.1 (HKLM-x32\...\Musitek SmartScore X Professional Edition_is1) (Version: - ) Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.2.8 - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.7.3.37 - Native Instruments) Native Instruments Symphony Series Brass Ensemble (HKLM-x32\...\Native Instruments Symphony Series Brass Ensemble) (Version: 1.0.0.12 - Native Instruments) Native Instruments Symphony Series String Ensemble (HKLM-x32\...\Native Instruments Symphony Series String Ensemble) (Version: 1.0.0.17 - Native Instruments) NextUp Talker (HKLM-x32\...\NextUp Talker_is1) (Version: 1.0.46.0 - NextUp Technologies) Nicky Romero Kickstart 1.0.9 (HKLM\...\Kickstart_is1) (Version: 1.0.9 - Nicky Romero) NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation) NVIDIA Pilote graphique 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Neon (HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\Opera Neon) (Version: 1.0.2531.0 - Opera Software AS) Opera Stable 53.0.2907.68 (HKLM-x32\...\Opera 53.0.2907.68) (Version: 53.0.2907.68 - Opera Software) PACE License Support Win64 (HKLM\...\{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.) Hidden Package de pilotes Windows - Hewlett-Packard hp scanjet 3600 series (04/26/2007 9.0.0.0) (HKLM\...\6AF27CD11B617BED2F81E26729D33AF8338D453C) (Version: 04/26/2007 9.0.0.0 - Hewlett-Packard) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Panneau de configuration NVIDIA 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.41 - NVIDIA Corporation) Hidden Piano V2 (HKLM\...\Piano V2_is1) (Version: 2.1.0.1391 - Arturia & Team V.R) Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.14.1 - Razer Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.3.0531.053017 - Razer Inc.) RealSpeak Solo pour la voix francaise Virginie (HKLM-x32\...\{58B0F3ED-6FAE-486C-9AB9-1C06514097B4}) (Version: 4.00.0000 - ScanSoft) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6728 - Realtek Semiconductor Corp.) Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC) reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - ) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\Spotify) (Version: 1.0.80.474.gef6b503e - Spotify AB) Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.184 - Synaptics Incorporated) TEAM R2R KORG Collection Authorizer (HKLM\...\KORG Collection Authorizer_is1) (Version: 1.0.0 - TEAM R2R) Total War Arena EU (HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\TWA.EU.PRODUCTION) (Version: - Wargaming.net) TT-Dynamic-Range 1.4 (HKLM-x32\...\TT-Dynamic-Range 1.4) (Version: - ) TunnelBear (HKLM-x32\...\{5dbd322e-98b2-41c8-a2d9-d9f21423afa9}) (Version: 3.2.0.6 - TunnelBear) TunnelBear (HKLM-x32\...\{EAF52E02-CC78-47F4-A304-F91FDB6A55D1}) (Version: 3.2.0.6 - TunnelBear) Hidden Twitch (HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation) ValhallaVintageVerb version 1.7.1 (HKLM-x32\...\{F63B0240-2765-450B-81CD-D305D9F53C3D}_is1) (Version: 1.7.1 - Valhalla DSP, LLC) VEGAS Pro 14.0 (64-bit) (HKLM\...\{B9DF5F21-0517-11E7-8469-C2A106E0D44C}) (Version: 14.0.244 - VEGAS) Vivaldi (HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\Vivaldi) (Version: 1.15.1147.42 - Vivaldi) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Voxengo SPAN Plus (HKLM\...\Voxengo SPAN Plus_is1) (Version: 1.4 - Voxengo) Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.) WebM Project Directshow Filters (HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\webmdshow) (Version: 1.0.4.1 - WebM Project) WordBuilder (HKLM-x32\...\{91C36BDB-B77C-4C2D-B278-3CF1D1005C8F}) (Version: 1.1.8 - East West) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) XLN Audio Addictive Drums 2 (HKLM\...\Addictive Drums 2_is1) (Version: 2.1.7 - XLN Audio) XMedia Recode version 3.3.2.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.2.8 - XMedia Recode) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3044510447-1296552623-2508443125-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-05] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-05] (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-05] (AVAST Software) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-07-04] (WinZip Computing, S.L.) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-22] (Disc Soft Ltd) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-05] (AVAST Software) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-05-22] (Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-07-04] (WinZip Computing, S.L.) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation) ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-05] (AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-07-04] (WinZip Computing, S.L.) ContextMenuHandlers1_S-1-5-21-3044510447-1296552623-2508443125-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ContextMenuHandlers4_S-1-5-21-3044510447-1296552623-2508443125-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ContextMenuHandlers5_S-1-5-21-3044510447-1296552623-2508443125-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Hamza\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {10C4C352-3DD6-411E-AC24-14C37AC3886F} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe Task: {159504D9-BF62-4D43-8355-CB50EB0541D6} - System32\Tasks\Driver Booster SkipUAC (Hamza) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe Task: {18B90D3A-D3F9-4D6E-BA93-F179099FF3D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {1915F52B-6AFF-4F52-B1EA-12050B86A6B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-09] (Adobe Systems Incorporated) Task: {1E76BA9F-091B-4319-A891-E649C970DA2A} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {2C53919E-F51D-4EF0-BA42-83CA61C0D265} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe Task: {3332F511-ECD2-4284-8EC7-77DD1B68E337} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-05-09] (Microsoft Corporation) Task: {349F7F46-D86D-4CFB-A4A1-7735AEDE8516} - System32\Tasks\AdobeGCInvoker-1.0-HBS-Hamza => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated) Task: {3B9350A2-B33D-4E65-9F14-6BCF5CF60C8C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-18] (NVIDIA Corporation) Task: {4528F583-1080-440D-8A94-0A03E105EEAF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-08] (Adobe Systems Incorporated) Task: {4B87852A-A040-4A83-BDBC-6E9D535F8250} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3044510447-1296552623-2508443125-1002Core1d236d441de311e => C:\Users\Hamza\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {548D3B8F-61E1-4C6D-94F5-B7A19F7EEA4E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {65989334-759C-4AC5-AED4-8B8C60F0C5CB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-06-05] (AVAST Software) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {67D3CCC6-EED9-41F1-8444-A40F53BE9F7A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {6DF58E5C-8BBB-405F-9BFD-9084F41460EF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation) Task: {76F08A96-2F2B-4AEE-A812-36C5691968F3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation) Task: {7BCE13CA-1D0A-4FB8-9DBD-6FD30813659A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3044510447-1296552623-2508443125-1002Core => C:\Users\Hamza\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-06] (Facebook Inc.) Task: {86974011-CD15-4A8E-AC72-FE3775C26CD3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe Task: {8EA8ECBB-ACC8-4BB6-BF54-EB6A15888A22} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-01-06] (AVAST Software) Task: {A527E450-4777-481A-A116-1C8A926689AB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-18] (NVIDIA Corporation) Task: {A88E1D6C-5C18-4CA7-8276-762A30C77601} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {ABB59338-1EF4-41E0-A359-8D66C4980215} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation) Task: {B94CEE9C-A679-49C5-8A65-940CAC27F3CD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-09] (Adobe Systems Incorporated) Task: {C3BB6470-2F88-4E37-88C8-E32239DBF44F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18] (NVIDIA Corporation) Task: {C4CA24E4-CE58-405D-BC64-593361E41D7A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2018-02-06] (AVAST Software) Task: {D5815F33-14E7-4F14-8956-76CFEC01C7DB} - System32\Tasks\{CFDC5C5C-80FC-4D55-B857-BDFE2A6CA0A6} => c:\program files (x86)\opera\launcher.exe [2018-05-23] (Opera Software) Task: {D83D7C48-817A-4565-AB98-B265449D811F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation) Task: {DEE18095-1C43-41A4-89EA-F9151249A7A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {DF663607-50EC-4452-B7E9-86B130B3AA41} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3044510447-1296552623-2508443125-1002UA1d236d4422398d0 => C:\Users\Hamza\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {E06B37D8-0424-42D7-9C31-FAFE371E7EF7} - System32\Tasks\{63D88B12-2A02-41F9-978A-83C07D12F3B8} => c:\program files (x86)\opera\launcher.exe [2018-05-23] (Opera Software) Task: {EA1F6DAA-6841-4506-90B4-C1357E426BFD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-18] (NVIDIA Corporation) Task: {EB600DEB-23A2-4AAD-AABB-F87127ED282C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd) Task: {EBA4C301-98E1-4320-93A6-B7E0961217E8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3044510447-1296552623-2508443125-1002UA => C:\Users\Hamza\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-06] (Facebook Inc.) Task: {EF244232-C5F9-4FED-9FB9-86DC525596AF} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe Task: {F5A4B97A-496B-4C2E-8132-69B61D5BBE4C} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-05-21] (AVAST Software) Task: {F5A8A7FA-6F5C-4EB8-92F8-1D04F3A99F9E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {FE27A86D-ED8C-492A-A6D9-7A13AB8D7750} - System32\Tasks\Opera scheduled Autoupdate 1373463421 => C:\Program Files (x86)\Opera\launcher.exe [2018-05-23] (Opera Software) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3044510447-1296552623-2508443125-1002Core1d236d441de311e.job => C:\Users\Hamza\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3044510447-1296552623-2508443125-1002UA1d236d4422398d0.job => C:\Users\Hamza\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3044510447-1296552623-2508443125-1002Core.job => C:\Users\Hamza\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3044510447-1296552623-2508443125-1002UA.job => C:\Users\Hamza\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2015-01-05 01:34 - 2012-09-18 17:27 - 000192512 ____H () C:\WINDOWS\System32\zlhp1020.dll 2013-08-22 11:33 - 2012-09-18 17:27 - 000065024 ____H () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 000495616 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe 2011-05-10 05:47 - 2011-05-10 05:47 - 000416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll 2011-05-10 05:46 - 2011-05-10 05:46 - 002760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 000217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll 2011-05-10 05:56 - 2011-05-10 05:56 - 009856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll 2011-05-10 05:48 - 2011-05-10 05:48 - 000990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll 2011-05-10 21:32 - 2011-05-10 21:32 - 000731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll 2017-09-18 03:22 - 2017-08-18 06:32 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-01-23 00:46 - 2016-01-23 00:46 - 000076152 ____H () C:\WINDOWS\system32\PnkBstrA.exe 2017-10-20 17:42 - 2017-10-20 17:42 - 000393200 ____H () C:\WINDOWS\system32\igfxTray.exe 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-04-12 01:35 - 2018-04-12 18:23 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-05-21 21:01 - 2018-05-21 21:02 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-05-21 21:01 - 2018-05-21 21:02 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-05-16 19:46 - 2018-05-16 19:46 - 000077824 _____ () C:\Program Files\Common Files\Logishrd\LAClient\zlib.dll 2018-05-16 19:46 - 2018-05-16 19:46 - 000144896 _____ () C:\Program Files\Common Files\Logishrd\LAClient\libssh2.dll 2016-12-16 22:03 - 2016-12-16 22:03 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll 2018-05-28 01:30 - 2018-05-28 01:31 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-05-28 01:30 - 2018-05-28 01:31 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-11-22 21:19 - 2017-11-22 21:19 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-05-28 01:30 - 2018-05-28 01:31 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-05-04 13:29 - 2018-05-04 13:29 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll 2018-05-28 01:30 - 2018-05-28 01:31 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-05-28 01:30 - 2018-05-28 01:31 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-04-06 14:13 - 2018-04-06 14:15 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-05-28 01:30 - 2018-05-28 01:31 - 014850560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-05-28 01:30 - 2018-05-28 01:31 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-05-28 01:30 - 2018-05-28 01:30 - 003265536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-05-28 01:30 - 2018-05-28 01:31 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2018-05-28 01:30 - 2018-05-28 01:31 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-05-28 01:30 - 2018-05-28 01:31 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2018-05-07 09:33 - 2018-05-07 09:33 - 001096840 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2018-05-07 09:33 - 2018-05-07 09:33 - 000241800 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-05-04 23:18 - 2017-10-25 13:22 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-05-04 23:18 - 2017-10-25 13:22 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-05-04 23:18 - 2017-10-25 13:22 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-05-04 23:18 - 2017-10-25 13:22 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2018-06-05 02:54 - 2018-06-05 02:54 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-06-05 02:52 - 2018-06-05 02:52 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2018-06-05 02:51 - 2018-06-05 02:51 - 000293592 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217] AlternateDataStreams: C:\ProgramData:90CD1E2D7E39835B [217] AlternateDataStreams: C:\ProgramData:F5D82EF9C21FFAAA [217] AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217] AlternateDataStreams: C:\Users\All Users:90CD1E2D7E39835B [217] AlternateDataStreams: C:\Users\All Users:F5D82EF9C21FFAAA [217] AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217] AlternateDataStreams: C:\ProgramData\Application Data:90CD1E2D7E39835B [217] AlternateDataStreams: C:\ProgramData\Application Data:F5D82EF9C21FFAAA [217] ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2012-07-26 07:26 - 2018-05-23 15:58 - 000001128 ____H C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 www.r2rdownload.net 127.0.0.1 www.r2rdownload.com 127.0.0.1 www.elephantafiles.com ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Hamza\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 172.18.13.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKLM\...\StartupApproved\StartupFolder: => "WinZip Quick Pick.lnk" HKLM\...\StartupApproved\StartupFolder: => "Qualcomm Atheros Killer Network Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "Radio Manager" HKLM\...\StartupApproved\Run: => "MBCfg64" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "Launch LCore" HKLM\...\StartupApproved\Run32: => "RzWizard" HKLM\...\StartupApproved\Run32: => "KLM" HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema" HKLM\...\StartupApproved\Run32: => "UpdReg" HKLM\...\StartupApproved\Run32: => "Super-Charger" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "Live Update" HKLM\...\StartupApproved\Run32: => "CloneCDTray" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Ultralingua 7 Hotkey" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "SCM" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\StartupFolder: => "Facebook Messenger.lnk" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "GameCenterMailRu" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "Facebook Update" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "BingSvc" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "Vivaldi Update Notifier" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "f.lux" HKU\S-1-5-21-3044510447-1296552623-2508443125-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{C3AC3FEB-173C-48EA-8B9C-896F9BB6C934}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [UDP Query User{5C4F6F85-B97C-48F9-B409-05FF60AD6A9A}C:\program files (x86)\native instruments\native access\addlibrary.exe] => (Allow) C:\program files (x86)\native instruments\native access\addlibrary.exe FirewallRules: [TCP Query User{36834FAD-CAE4-4FE5-B8C7-C9DC11B212C6}C:\program files (x86)\native instruments\native access\addlibrary.exe] => (Allow) C:\program files (x86)\native instruments\native access\addlibrary.exe FirewallRules: [{1A855276-9356-452C-AA03-E54494E226A2}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe FirewallRules: [UDP Query User{61DCF9A7-3C83-48E3-B3E9-ACC6BD46D905}C:\users\hamza\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\hamza\appdata\local\vivaldi\application\vivaldi.exe FirewallRules: [TCP Query User{F09FC5E6-007B-4EE5-9B36-36436EE23953}C:\users\hamza\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\hamza\appdata\local\vivaldi\application\vivaldi.exe FirewallRules: [UDP Query User{30A1E80E-0DED-494B-A24B-914FC9C71E3A}C:\users\hamza\appdata\local\vivaldi\application\vivaldi.exe] => (Allow) C:\users\hamza\appdata\local\vivaldi\application\vivaldi.exe FirewallRules: [TCP Query User{1E05FE3D-5E37-4E6A-A0A0-5920477D5D79}C:\users\hamza\appdata\local\vivaldi\application\vivaldi.exe] => (Allow) C:\users\hamza\appdata\local\vivaldi\application\vivaldi.exe FirewallRules: [UDP Query User{903A3102-0A0B-4D79-B80F-483D50A22EB3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{3F34C9EB-34EE-418A-80D1-4F683E39FE71}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{ACD8FB63-A60E-4B5B-9CA4-D2D75795F703}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [TCP Query User{D1A8D6AF-3C50-4FDF-A79B-926EA9EA13B5}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [UDP Query User{14D950BC-D3D3-4B00-8ACC-EA1021E8E9E1}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{C241AD03-61F8-4FE9-952C-FF2CFB883DEC}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{9E90B2F0-9E45-4F31-A3C3-25ED01DC08E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D7861C9C-1B57-4336-B8F0-6BE2380D399D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D1F03CD4-01BD-4A1C-BAE6-F7B881856679}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{87F2D10A-1F18-4295-B8ED-2FBB8432F746}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{AE5C4FC9-EE4B-458A-9140-663A17D30F91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [UDP Query User{B5CA43FA-FA6A-4235-9C69-674FA54A7A2E}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Allow) C:\program files (x86)\pando networks\media booster\pmb.exe FirewallRules: [TCP Query User{E4105039-DD0F-4232-B3E3-851EAB57C2C7}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Allow) C:\program files (x86)\pando networks\media booster\pmb.exe FirewallRules: [UDP Query User{B6E78910-D830-459F-AD8A-DBCE54B18CEB}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [TCP Query User{CEF04A71-4BFB-47A6-94DD-25C001E883C3}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [UDP Query User{CF7FDDFC-891E-46E7-9EE9-DC9E01CEEFD8}C:\users\hamza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hamza\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{714C596D-65EF-4621-BAD3-A891433B601B}C:\users\hamza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hamza\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{62D7429D-4825-4848-9CED-322DEAA0A893}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{D9F49690-EBEA-42D1-9B83-C278609E303A}] => (Allow) C:\Program Files (x86)\Image-Line\FL Studio 12\FL64.exe FirewallRules: [{02D6FAF5-B6C0-4CA5-87DD-5F17D8F7640E}] => (Allow) C:\Program Files (x86)\Image-Line\FL Studio 12\FL64.exe FirewallRules: [UDP Query User{B8F2262B-475F-46AA-8ECE-2526E5A6DFDE}C:\users\hamza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hamza\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{F280D351-0137-439D-A530-9CFB7418B269}C:\users\hamza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hamza\appdata\roaming\spotify\spotify.exe FirewallRules: [{12090ED1-C35F-46B2-81E6-20A720DDAD3F}] => (Allow) C:\Program Files (x86)\Opera\53.0.2907.68\opera.exe FirewallRules: [TCP Query User{A845DBA6-9314-473A-8077-E9D28FCE61E6}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{BC8B578C-13B3-4B69-9256-BE9F23FF8607}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{D1B943B3-A58E-40B7-A149-F76110F80621}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{524EF510-5EB5-4E44-BB96-A1C64B7DD445}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{702D6C9C-8068-4E2E-8BB3-D430D475D8D0}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe FirewallRules: [TCP Query User{113FF830-40CD-41EA-A8ED-03BB217E13A1}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe FirewallRules: [UDP Query User{113EECBE-CFE9-4DC1-9360-830534037E1E}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe FirewallRules: [{100BCD25-2E3A-4B97-912E-FE4C5D6E83C3}] => (Allow) C:\program files (x86)\dukto\dukto.exe FirewallRules: [{0CE699D9-E135-45A2-947E-015AFB7DB285}] => (Allow) C:\program files (x86)\dukto\dukto.exe ==================== Points de restauration ========================= 02-06-2018 04:03:39 Removed Razer Synapse. 03-06-2018 13:40:13 Removed DriversCloud.com (64 bits) 07-06-2018 16:43:40 Fjernet Fotogalleri 07-06-2018 16:44:24 Supprimé Fotogalerii 07-06-2018 16:45:00 Supprimé Fotogalerie 07-06-2018 16:45:17 Supprimé Fotogalerija 07-06-2018 16:45:40 Supprimé Foto-galerija 07-06-2018 16:46:11 Supprimé Fotogalleriet 07-06-2018 16:46:30 Supprimé Fotogaléria 07-06-2018 16:46:50 Supprimé Fotoğraf Galerisi 07-06-2018 16:47:30 Supprimé Fotoattēlu galerija 07-06-2018 16:47:46 Supprimé Fotótár 07-06-2018 16:48:13 Removido Galeria de Fotografias ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30) Description: Contrôleur Killer E2200 Gigabit Ethernet Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Rivet Networks Service: KillerEth Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VPN Client Adapter - VPN Description: VPN Client Adapter - VPN Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: SoftEther VPN Project Service: Neo_VPN Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: TunnelBear Adapter V9 Description: TunnelBear Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TunnelBear Provider V9 Service: tap-tb-0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Périphérique USB inconnu (échec de définition d’adresse) Description: Périphérique USB inconnu (échec de définition d’adresse) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Contrôleur hôte USB standard) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (06/07/2018 05:18:31 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme ShellExperienceHost.exe version 10.0.17134.1 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : 2ba4 Heure de début : 01d3fe6b55b387f0 Heure de fin : 4294967295 Chemin d'accès de l'application : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : 88d7c8ec-47ae-4cf9-8959-d46666c3e025 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy ID de l'application relative au package défaillant : App Error: (06/07/2018 04:42:25 PM) (Source: Microsoft Office 12) (EventID: 2001) (User: ) Description: Rejected Safe Mode action : Microsoft Office Outlook. Error: (06/07/2018 04:29:54 PM) (Source: iumsvc) (EventID: 3) (User: ) Description: Traceback (most recent call last): File "win32serviceutil.py", line 835, in SvcRun File "updtr/service.py", line 238, in SvcDoRun File "updtr/service.py", line 263, in run File "updtr/core/entities/win_certs_store_bundle.py", line 41, in get_filename_for_windows_ca_bundle File "updtr/core/entities/win_certs_store_bundle.py", line 33, in _create_bundle_from_win_store IOError: (13, 'Permission denied', 'C:\\ProgramData\\Intel(R) Update Manager\\AppData\\root_ca_certs.pem') Error: (06/07/2018 04:11:32 PM) (Source: Google Update) (EventID: 20) (User: HBS) Description: Event-ID 20 Error: (06/07/2018 04:04:29 PM) (Source: iumsvc) (EventID: 3) (User: ) Description: Traceback (most recent call last): File "win32serviceutil.py", line 835, in SvcRun File "updtr/service.py", line 238, in SvcDoRun File "updtr/service.py", line 263, in run File "updtr/core/entities/win_certs_store_bundle.py", line 41, in get_filename_for_windows_ca_bundle File "updtr/core/entities/win_certs_store_bundle.py", line 33, in _create_bundle_from_win_store IOError: (13, 'Permission denied', 'C:\\ProgramData\\Intel(R) Update Manager\\AppData\\root_ca_certs.pem') Error: (06/07/2018 04:03:59 PM) (Source: Software Protection Platform Service) (EventID: 8211) (User: ) Description: Les jetons de clé de produit et licence Windows mis à jour ont échoué avec le code d’erreur 0x80070005. Error: (06/07/2018 04:01:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante KLM.exe, version : 1.0.1104.2501, horodatage : 0x4db4e179 Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.1, horodatage : 0x149ab0fd Code d’exception : 0xe0434352 Décalage d’erreur : 0x0010d722 ID du processus défaillant : 0x379c Heure de début de l’application défaillante : 0x01d3fe67d38ce49e Chemin d’accès de l’application défaillante : C:\Program Files (x86)\MSI\KLM\KLM.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 573ceb91-9a49-4936-b9e2-c63f95c3212d Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (06/07/2018 04:01:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : KLM.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Management.ManagementException à System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus) à System.Management.ManagementEventWatcher.Start() à KLM.MainWindow.<.ctor>b__0() à System.Threading.ThreadHelper.ThreadStart_Context(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à System.Threading.ThreadHelper.ThreadStart() Erreurs système: ============= Error: (06/07/2018 06:02:31 PM) (Source: DCOM) (EventID: 10016) (User: HBS) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID HBS\Hamza de l’utilisateur (S-1-5-21-3044510447-1296552623-2508443125-1002) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (06/07/2018 05:18:36 PM) (Source: DCOM) (EventID: 10016) (User: HBS) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID HBS\Hamza de l’utilisateur (S-1-5-21-3044510447-1296552623-2508443125-1002) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (06/07/2018 04:26:21 PM) (Source: DCOM) (EventID: 10016) (User: HBS) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID HBS\Hamza de l’utilisateur (S-1-5-21-3044510447-1296552623-2508443125-1002) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (06/07/2018 04:24:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (06/07/2018 04:24:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} et l’APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (06/07/2018 04:03:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Intel(R) Management and Security Application Local Management Service est en attente de démarrage. Error: (06/07/2018 04:01:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Optimisation de livraison est en attente de démarrage. Error: (06/07/2018 03:58:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service MSI_LiveUpdate_Service s’est terminé de façon inattendue pour la 1ème fois. Windows Defender: =================================== Date: 2018-06-05 04:00:35.120 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.255.163.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\SERVICE RÉSEAU Version actuelle du moteur : Version précédente du moteur : 1.1.14305.0 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2018-06-05 04:00:35.120 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.255.163.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de signature : Logiciel anti-espion Type de mise à jour : Complet Utilisateur : AUTORITE NT\SERVICE RÉSEAU Version actuelle du moteur : Version précédente du moteur : 1.1.14305.0 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2018-06-05 04:00:35.119 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.255.163.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\SERVICE RÉSEAU Version actuelle du moteur : Version précédente du moteur : 1.1.14305.0 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2018-06-05 04:00:28.715 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.255.163.0 Source de mise à jour : Serveur Microsoft Update Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.14305.0 Code d’erreur : 0x8024402c Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support. CodeIntegrity: =================================== Date: 2018-06-06 20:52:26.422 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-06 20:52:26.414 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-06 13:18:05.861 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-06 13:18:05.848 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-05 04:15:48.208 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-05 04:15:48.032 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-05 03:25:28.071 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-05 03:25:27.866 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Pourcentage de mémoire utilisée: 34% Mémoire physique - RAM - totale: 8079.3 MB Mémoire physique - RAM - disponible: 5285.47 MB Mémoire virtuelle totale: 10383.3 MB Mémoire virtuelle disponible: 7487.61 MB ==================== Lecteurs ================================ Drive c: (OS_Install) (Fixed) (Total:425.39 GB) (Free:101.55 GB) NTFS Drive d: (Data) (Fixed) (Total:253.42 GB) (Free:118.92 GB) NTFS \\?\Volume{1e78589e-2557-45d5-a12e-1ed4ebf81923}\ (WinRE tools) (Fixed) (Total:0.59 GB) (Free:0.36 GB) NTFS \\?\Volume{a48b798d-e076-4770-9807-5ed8f7c7c66f}\ (BIOS_RVY) (Fixed) (Total:18.82 GB) (Free:0.71 GB) NTFS \\?\Volume{2b734fbf-d836-4749-afd5-0fe639103157}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32 ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 8DD3C44C) Partition: GPT. ==================== Fin de Addition.txt ============================