Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Exécuté par JEAN (22-06-2018 14:04:12)
Exécuté depuis C:\Users\JEAN\Desktop
Windows 10 Home Version 1803 17134.112 (X64) (2018-06-07 21:30:03)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-1044213066-2550500255-2834308233-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1044213066-2550500255-2834308233-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1044213066-2550500255-2834308233-1003 - Limited - Enabled)
Invité (S-1-5-21-1044213066-2550500255-2834308233-501 - Limited - Disabled)
JEAN (S-1-5-21-1044213066-2550500255-2834308233-1001 - Administrator - Enabled) => C:\Users\JEAN
UpdatusUser (S-1-5-21-1044213066-2550500255-2834308233-1000 - Limited - Enabled) => C:\Users\UpdatusUser
WDAGUtilityAccount (S-1-5-21-1044213066-2550500255-2834308233-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}) (Version: 1.8.17.26026 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}) (Version: 1.8.17.26026 - Alcor Micro Corp.)
ALZip 8.51 (HKLM-x32\...\ALZip_is1) (Version: v8.51 - ESTsoft Corp.)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.23 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0013 - ASUS)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Étude pour l'amélioration du produit HP ENVY 4520 series (HKLM\...\{A4A64935-E38B-4DB0-97C5-452928C381C1}) (Version: 40.11.1122.1796 - HP Inc.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Funbridge (HKLM-x32\...\funbridge.goto-games_is1) (Version: 4.28.18.3 - Goto-Games)
Funbridge2 (HKLM-x32\...\Funbridge2) (Version: 2.6.0.0 - Goto.Games)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP Dropbox Plugin (HKLM-x32\...\{6401399A-F5DA-4C04-87AA-E8107DF00751}) (Version: 36.0.41.58587 - HP)
HP ENVY 4520 series Aide (HKLM-x32\...\{D9C0AB86-384B-49FF-A667-717724F07740}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{63BCC696-0FB4-4E9C-8144-2DA4F248FC17}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Logiciel de base du périphérique HP ENVY 4520 series (HKLM\...\{3FFE72AE-0C03-4126-A3C8-EBF4D409C991}) (Version: 40.11.1122.1796 - HP Inc.)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office Professionnel Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mises à jour NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Mozilla Firefox 60.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 60.0.2 (x64 fr)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Package de pilotes Windows - Roche (WinUSB) PHDC  (02/11/2016 1.0.1.1) (HKLM\...\EC9A7BD36DE6C6BFC4BCE76D04254ABAECDD3738) (Version: 02/11/2016 1.0.1.1 - Roche)
Package de pilotes Windows - Roche (WinUSB) PHDC  (02/25/2016 1.0.0.1) (HKLM\...\DA249EF752C7BF768848EF6A7E6EC28C5A14AD77) (Version: 02/25/2016 1.0.0.1 - Roche)
Package de pilotes Windows - Roche (WinUSB) PHDC  (08/01/2015 1.0.0.4) (HKLM\...\6F1C9527B1FB1BD08E3CA1408737931EF998A9CE) (Version: 08/01/2015 1.0.0.4 - Roche)
Package de pilotes Windows - Roche (WinUSB) PHDC  (11/11/2015 1.0.0.0) (HKLM\...\979A80A103D57E5926172F0B1F8FD744AB4FBC6B) (Version: 11/11/2015 1.0.0.0 - Roche)
Package de pilotes Windows - Roche (WinUSB) PHDC  (12/18/2015 1.0.1.0) (HKLM\...\12176FE3E21D342A297DA7382801B135B0D4C969) (Version: 12/18/2015 1.0.1.0 - Roche)
Package de pilotes Windows - Roche (WinUSB) PHDC  (12/18/2015 1.0.1.0) (HKLM\...\7BFA9AF9317420D5155775C6885A44EC2F91F611) (Version: 12/18/2015 1.0.1.0 - Roche)
Panneau de configuration NVIDIA 369.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 369.09 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
PhotoFiltre 7 (HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\PhotoFiltre 7) (Version:  - )
ProRealTime (HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\ProRealTime_is1) (Version: 1.12 - IT-Finance)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.9.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
SketchUp Viewer (HKLM\...\{75A33ABF-2B6B-42F5-88E5-0E2CC23E254D}) (Version: 17.2.2555 - Trimble, Inc.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation)
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation)
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation)
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation)
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {01C995FF-D178-4E7B-AC4A-9E950006A207} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0837D897-84CB-4E30-A8DD-807937A81DFC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0F1FC558-90E6-41AA-8D37-4FBE69053762} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1060D36B-F7D6-4F27-A8CC-0022F4DBCAB6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {148318FC-5974-4508-A415-B3AFD16E5DDB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1A2F3BBA-858D-4FBC-9114-C644BF503DB0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {1CD4B68F-2E72-4C0C-91D0-3EF2F77026C1} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {24F29E36-1D58-466E-B7E7-331750FAF75E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {29308477-8F7E-4D4F-92D5-F1534E61B6F5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2AFCCB0A-8E69-42B3-BB72-40BA1ED9860A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {3436D299-AF35-4EBC-9919-F58AE20CC6B9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-09] (Adobe Systems Incorporated)
Task: {3C9616B2-742C-4820-AFAE-F3D2459E9677} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3D966D87-5FE5-4FBC-8E90-DB0F48E454DB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3E3E65EA-6693-4ACC-947D-206853F50D65} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42145BE5-4059-431F-919A-1A381C5966DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4661470B-4FDE-48B4-B86E-E1A60E99185A} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {50AC2956-1568-40B4-8279-786B26D306C3} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {65CDE886-F549-4CE8-8CC3-51216719D798} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-27] (Google Inc.)
Task: {6E793354-5368-4E69-AC21-AAB1DF0EED01} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-05] (AVAST Software)
Task: {6FECF9BE-AED8-4627-80ED-91FF5361960F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72CEE312-E32B-4FBD-A205-194BE3D5F6B9} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {773492A6-4F08-4DAF-9C1B-778BC17ACAED} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {78588675-6CF3-4E50-B5B1-1EC34EAA2F6B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7DDF9673-8D0B-4652-B795-1BEAD1206B65} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AA921623-B84A-4EC8-A6DA-5D46323FC6D9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C778374C-94FE-41B0-B705-5FC952201AC0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CA55D7BF-51A3-48BA-AC89-2DA4F8257D90} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-12] (AVAST Software)
Task: {CC8D36D1-617E-47EB-B868-12DDEB5D18B1} - System32\Tasks\Driver Booster SkipUAC (JEAN) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
Task: {DCF6F1B9-BD61-4FFD-9722-37D80C79543D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-27] (Google Inc.)
Task: {DD548504-31EE-43FF-A573-1E9BCB56DC76} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E959E007-A71C-4952-8EA8-22DE146D6227} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EA615F5B-48C6-47AE-9302-5D8DC57F5370} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-09] (Adobe Systems Incorporated)
Task: {F0496437-71B1-4E96-9E9C-3BC2F52CDE46} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F217A6CE-F18A-4C0E-9CE3-7842D46E356B} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [2017-04-06] (HP Inc.)
Task: {FACB8164-0888-403B-B4E6-7F59329EA90F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FAD0611C-ACD3-40C5-A91D-59D99BCFA8EB} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {FBC8485F-A585-489F-8E2C-C65FEABC1BEF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FCE41C24-12A8-4431-AA70-0B05EE04BDA2} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22] (ASUS)
Task: {FFEE4F98-789F-4BC5-9EBF-91D4AC658C46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)


==================== Modules chargés (Avec liste blanche) ==============

2017-06-19 18:00 - 2016-08-01 14:54 - 000133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-06-11 23:58 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\office.odf
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-13 08:48 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-23 15:11 - 2018-05-23 15:12 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 15:11 - 2018-05-23 15:12 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 15:11 - 2018-05-23 15:13 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 15:11 - 2018-05-23 15:12 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-01 08:07 - 2018-06-01 08:07 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-05-26 14:52 - 2018-05-26 14:53 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-05-26 14:52 - 2018-05-26 14:53 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 08:51 - 2017-09-26 08:51 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-26 14:52 - 2018-05-26 14:53 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll
2011-10-13 03:36 - 2011-05-05 14:30 - 000057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2010-02-28 03:08 - 2010-02-28 03:08 - 001549152 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2017-03-18 13:09 - 2015-12-28 14:49 - 000629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2018-03-14 21:25 - 2018-03-14 21:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-12 20:11 - 2018-05-12 20:11 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-05-12 20:10 - 2018-05-12 20:10 - 000293592 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\100sexlinks.com -> 100sexlinks.com

Il y a 4788 plus de sites.


==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2016-12-28 11:49 - 2016-12-28 11:49 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\Control Panel\Desktop\\Wallpaper -> d:\humbert\mes images\singe-anime-1.gif
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
HKU\S-1-5-21-1044213066-2550500255-2834308233-1001\...\StartupApproved\Run: => "Skype"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{5480853E-5FE0-4B80-A8D2-D3DC3F6F3C11}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1230EA9A-339E-49C7-80CB-239E29A26115}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{A5863DFE-26D7-4002-8749-4924B1463DF4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5587E8FC-F1F8-4C90-928C-E7E041F9D8FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{ACE9B49C-7DE8-4BF1-8826-9447CC1729DD}C:\users\jean\appdata\local\it-finance\prorealtime\runtime\bin\java.exe] => (Allow) C:\users\jean\appdata\local\it-finance\prorealtime\runtime\bin\java.exe
FirewallRules: [TCP Query User{9EEA109E-EFD4-4465-B5FD-6DFD81B61046}C:\users\jean\appdata\local\it-finance\prorealtime\runtime\bin\java.exe] => (Allow) C:\users\jean\appdata\local\it-finance\prorealtime\runtime\bin\java.exe
FirewallRules: [{74E6EDEC-E4D0-4D86-9CDD-699BA5905B5B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{DB03B5CE-6980-4F9B-8CEA-121277C2C043}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{AC882C1F-EBF3-48BF-83D5-5954B640008A}] => (Allow) LPort=1900
FirewallRules: [{728C3760-A594-4DED-8B6E-8DD1C4E77369}] => (Allow) LPort=2869
FirewallRules: [TCP Query User{DD0AC4E9-5A98-4E75-A7C8-62EA884B6EA5}C:\users\jean\appdata\local\it-finance\prorealtime\runtime\bin\java.exe] => (Allow) C:\users\jean\appdata\local\it-finance\prorealtime\runtime\bin\java.exe
FirewallRules: [UDP Query User{33B6839E-2799-4A44-AC93-F9AA61B525CC}C:\users\jean\appdata\local\it-finance\prorealtime\runtime\bin\java.exe] => (Allow) C:\users\jean\appdata\local\it-finance\prorealtime\runtime\bin\java.exe
FirewallRules: [{4D8BAF2B-9901-47DA-B875-5BAB3EC7C28A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E10F4E1A-AB2F-4FE6-816D-D94551F1D786}] => (Allow) C:\Users\JEAN\AppData\Local\Temp\7zS6199\HP.EasyStart.exe
FirewallRules: [{DAF6E7C0-94B8-4882-903B-9A59B0869A63}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
FirewallRules: [{E4935C2F-485C-461C-87E9-07942473E936}] => (Allow) LPort=5357
FirewallRules: [{11380B3D-3106-4088-BA30-DC2CD2DFFA46}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe

==================== Points de restauration =========================

08-06-2018 01:38:08 Windows Update
13-06-2018 08:47:34 Windows Update
20-06-2018 11:49:24 Point de contrôle planifié
21-06-2018 21:55:39 Removed Free DWG Viewer
21-06-2018 23:40:16 Opération de restauration

==================== Éléments en erreur du Gestionnaire de périphériques =============

Name: Intel(R) HD Graphics 3000
Description: Intel(R) HD Graphics 3000
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (06/22/2018 01:41:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Un périphérique attaché au système ne fonctionne pas correctement.
.


Opération :
   Opération asynchrone en cours d’exécution

Contexte :
   État actuel: DoSnapshotSet

Error: (06/22/2018 01:40:48 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé.
.
Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.


Opération :
   Données du rédacteur en cours de collecte

Contexte :
   ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
   Nom du rédacteur: System Writer
   ID d’instance du rédacteur: {205eda08-d9e7-4b6e-950d-a63a9d693e7e}

Error: (06/22/2018 12:21:11 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: asus-X73S)
Description: httphttp-2147467263

Error: (06/22/2018 12:19:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: asus-X73S)
Description: httphttp-2147467263

Error: (06/22/2018 11:39:56 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: asus-X73S)
Description: httphttp-2147467263

Error: (06/22/2018 11:39:42 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: asus-X73S)
Description: httphttp-2147467263

Error: (06/22/2018 09:44:27 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: asus-X73S)
Description: httphttp-2147467263

Error: (06/22/2018 09:44:14 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: asus-X73S)
Description: httphttp-2147467263


Erreurs système:
=============
Error: (06/22/2018 01:44:13 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Cet ordinateur est configuré en tant que membre d’un groupe de travail,
et non en tant que membre d’un domaine. Il n’est pas nécessaire
d’exécuter le service Accès réseau dans cette configuration.


==================== Infos Mémoire =========================== 

Processeur: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Pourcentage de mémoire utilisée: 42%
Mémoire physique - RAM - totale: 6050.14 MB
Mémoire physique - RAM - disponible: 3494.67 MB
Mémoire virtuelle totale: 12194.14 MB
Mémoire virtuelle disponible: 9836.83 MB

==================== Lecteurs ================================

Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:213.02 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)]
Drive d: (DATA) (Fixed) (Total:394.18 GB) (Free:308.75 GB) NTFS

\\?\Volume{a1b10883-3cd1-11e6-90d7-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.09 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=279 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=394.2 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================