Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:31-10-2015 Exécuté par gidur (2018-07-02 16:37:32) Exécuté depuis C:\Users\gidur\bureau\nettoyage\FRST-OlderVersion Windows 10 Pro (X64) (2017-12-12 11:32:34) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-4293477075-826502125-2794942712-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4293477075-826502125-2794942712-503 - Limited - Disabled) gidur (S-1-5-21-4293477075-826502125-2794942712-1000 - Administrator - Enabled) => C:\Users\gidur Invité (S-1-5-21-4293477075-826502125-2794942712-501 - Limited - Disabled) NeroMediaHomeUser.4 (S-1-5-21-4293477075-826502125-2794942712-1003 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-4293477075-826502125-2794942712-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - ) Adblock Plus pour IE (32-bits et 64-bits) (HKLM\...\{1C9A24E0-CA21-414D-8D21-22BF8981FC9F}) (Version: 1.5 - Eyeo GmbH) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated) Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated) Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.) Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.) ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.) ASRock XFast RAM v3.0.2 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.1.4888 - AVAST Software) Avast Premium (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software) AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.77.3.23060 - AVG Technologies) AVG PC TuneUp (x32 Version: 16.77.3 - AVG Technologies) Hidden AVS Document Converter 2.3.2 (HKLM-x32\...\AVS Document Converter_is1) (Version: 2.3.2.233 - Online Media Technologies Ltd.) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden C4400 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden CamStudio 2.7 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source) CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source) CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP) Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.A.) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DisplayDriverAnalyzer (Version: 397.93 - NVIDIA Corporation) Hidden DLL Suite 9.0 (HKLM-x32\...\{E557052E-9828-40E4-BFF6-311D3E89DB81}_is1) (Version: 9.0.0.0 - ) DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 4.0 - pXc-coding.com) DriversCloud.com (64 bits) (HKLM\...\{8B044631-6E1E-4A0B-8E7F-8CB932CC660F}) (Version: 10.0.5.3 - Cybelsoft) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden FMW 1 (Version: 1.227.45 - AVG Technologies) Hidden Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 3.1 - Gadwin Systems, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.17 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart C4400 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{886E586A-9121-4515-9C18-2C04202614B2}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{B11FEAD6-F19E-473E-A8B1-AE58C058F575}) (Version: 12.5.32.203 - HP Inc.) HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden IncrediBackup (x32 Version: 1.0.0.1087 - Nom de votre société) Hidden IncrediMail (x32 Version: 6.3.9.5274 - IncrediMail) Hidden IncrediMail 2.0 (HKLM-x32\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{939CD3F2-0EFA-4CE5-8164-1245F364EDD5}) (Version: 4.2.40.2418 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (x32 Version: 1.48.139.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (x32 Version: 1.48.139.0 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation) Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation) K-Lite Codec Pack 14.2.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.2.5 - KLCP) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.) Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4293477075-826502125-2794942712-1000\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) Mises à jour NVIDIA 31.2.0.0 (Version: 31.2.0.0 - NVIDIA Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero BackItUp 4 (HKLM-x32\...\{d9c33cf1-c74a-4686-93c5-8b5ba1803329}) (Version: - Nero AG) Nero MediaHome 4 Trial (HKLM-x32\...\{746c02d8-f5a5-4f79-99fc-1eae39c97200}) (Version: - Nero AG) NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.93 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA Pilote graphique 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.93 - NVIDIA Corporation) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) OXPDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.1.0 - TaoRuan) Panneau de configuration NVIDIA 397.93 (Version: 397.93 - NVIDIA Corporation) Hidden PC Tools Registry Mechanic 11.1 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.1 - PC Tools) PDF Eraser V1.4 (HKLM-x32\...\PDF Eraser_is1) (Version: - hxxp://www.PDFEraser.net) PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version: - PokerStars.fr) PS_AIO_03_C4400_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.26.328.2018 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.) RogueKiller version 12.12.24.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.24.0 - Adlice Software) Sapphire_N Updater (HKLM-x32\...\{6BC18FCB-8EEA-48BE-B83F-CF59B0F908B5}) (Version: 2.00.0600 - Nom de votre société) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions) Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden Snooper USB driver (HKLM-x32\...\{312CFA20-68FD-41E2-B656-E110707F7BAA}) (Version: 1.00.0000 - Nom de votre société) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer) Technologie de stockage Intel(R) Rapid entreprise (HKLM-x32\...\{c5a854f6-5169-4e5c-81c6-e1aacb4f5098}) (Version: 5.3.0.1412 - Intel Corporation) TomTom HOME (HKLM-x32\...\{0E778C56-3A87-497E-BEF0-EF0D3EE4871C}) (Version: 2.10.2 - Nom de votre société) TomTom HOME (HKLM-x32\...\{F55189F0-F34D-49E4-9ABF-31D28DCA328E}) (Version: 2.11.1 - Nom de votre société) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) TomTom MyDrive Connect 4.1.6.3253 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden UCheck version 2.3.2.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 2.3.2.0 - Adlice Software) UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) WinSCP 5.11.1 (HKLM-x32\...\winscp3_is1) (Version: 5.11.1 - Martin Prikryl) WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. ) WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy) XFast LAN v9.05 (HKLM\...\XFast LAN) (Version: 9.05 - cFos Software GmbH, Bonn) XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.38 - ASRock Inc.) Yahoo Messenger (HKU\S-1-5-21-4293477075-826502125-2794942712-1000\...\yahoomessenger) (Version: 0.8.288 - Yahoo! Inc) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-4293477075-826502125-2794942712-1000_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\gidur\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4293477075-826502125-2794942712-1000_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\gidur\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4293477075-826502125-2794942712-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\gidur\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4293477075-826502125-2794942712-1000_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\gidur\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4293477075-826502125-2794942712-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () ==================== Points de restauration ========================= 01-07-2018 23:51:19 Windows Update ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2017-12-12 18:59 - 2018-06-29 22:01 - 00002257 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000D0A00230D0A302E302E302E30207365726975732E6D77627379732E636F6D0D0A0D0A0D0A2320756E636865636B795F626567696E0D0A232054686573652072756C657320776572652061646465642062792074686520556E636865636B792070726F6772616D20696E206F7264657220746F20626C6F636B206164766572746973696E6720736F667477617265206D6F64756C65730D0A302E302E302E3020302E302E302E3020232066697820666F72207472616365726F75746520616E64206E65747374617420646973706C617920616E6F6D616C790D0A302E302E302E3020747261636B696E672E6F70656E63616E64792E636F6D2E73332E616D617A6F6E6177732E636F6D0D0A302E302E302E30206D656469612E6F70656E63616E64792E636F6D0D0A302E302E302E302063646E2E6F70656E63616E64792E636F6D0D0A302E302E302E3020747261636B696E672E6F70656E63616E64792E636F6D0D0A302E302E302E30206170692E6F70656E63616E64792E636F6D0D0A302E302E302E30206170692E7265636F6D6D656E64656473772E636F6D0D0A302E302E302E302072702E796566656E657269322E636F6D0D0A302E302E302E30206F732E796566656E657269322E636F6D0D0A302E302E302E30206F73322E796566656E657269322E636F6D0D0A302E302E302E3020696E7374616C6C65722E626574746572696E7374616C6C65722E636F6D0D0A302E302E302E3020696E7374616C6C65722E66696C6562756C6C646F672E636F6D0D0A302E302E302E302064336F78746E31783362386437692E636C6F756466726F6E742E6E65740D0A302E302E302E3020696E6E6F2E62697372762E636F6D0D0A302E302E302E30206E7369732E62697372762E636F6D0D0A302E302E302E302063646E2E66696C65326465736B746F702E636F6D0D0A302E302E302E302063646E2E676F617465617374636163682E75730D0A302E302E302E302063646E2E677574746173746174646B2E75730D0A302E302E302E302063646E2E696E736B696E6D656469612E636F6D0D0A302E302E302E302063646E2E696E7374612E6F6962756E646C6573322E636F6D0D0A302E302E302E302063646E2E696E7374612E706C617962727974652E636F6D0D0A302E302E302E302063646E2E6C6C6F67657466617374636163682E75730D0A302E302E302E302063646E2E6D6F6E74696572612E636F6D0D0A302E302E302E302063646E2E6D7364776E6C642E636F6D0D0A302E302E302E302063646E2E6D7970636261636B75702E636F6D0D0A302E302E302E302063646E2E7070646F776E6C6F61642E636F6D0D0A302E302E302E302063646E2E72696365617465617374636163682E75730D0A302E302E302E302063646E2E73687961706F7461746F2E75730D0A302E302E302E302063646E2E736F6C696D62612E636F6D0D0A302E302E302E302063646E2E7475746F3470632E636F6D0D0A302E302E302E302063646E2E617070726F756E642E62697A0D0A302E302E302E302063646E2E626967737065656470726F2E636F6D0D0A302E302E302E302063646E2E62697370642E636F6D0D0A302E302E302E302063646E2E62697372762E636F6D0D0A302E302E302E302063646E2E63646E64702E636F6D0D0A302E302E302E302063646E2E646F776E6C6F61642E73776565747061636B732E636F6D0D0A302E302E302E302063646E2E6470646F776E6C6F61642E636F6D0D0A302E302E302E302063646E2E76697375616C6265652E6E65740D0A2320756E636865636B795F656E640D0A00000D0A302E302E302E30206B657973746F6E652E6D77627379732E636F6D0A0A ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0319D346-9E60-4CE2-B937-EF6C981CC0F1} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration Task: {03FC65EF-4B69-46C6-84C4-70242DE7C993} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {050CEDD3-9FA4-4FD4-9E7D-0C1BD2A2327C} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask Task: {05BB4C70-BB44-4C4E-8411-B838D849D642} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {063C5598-8803-4821-9E12-89A7C54CD86D} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-05-30] (AVAST Software) Task: {06CC8994-FA97-4C10-A6F3-4FCA2652EE18} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {08ECD6F8-3E70-482C-9F54-C96A9C1A773F} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2018-01-01] (Microsoft Corporation) Task: {09095AB3-3A8D-4695-B18F-F9F1101E133D} - \{1022EAE7-CA13-DEEC-C21F-0FF1437D7CDD} -> Pas de fichier <==== ATTENTION Task: {0B0769E9-1E00-4421-A10B-980BA1360A23} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh Task: {0B6B6109-7193-42F0-B9A2-2C2FA62FBF28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {0F538974-96AB-4BFC-9BBC-D7D3F1F3C78F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {0F807A51-1ECC-4778-B874-7A001F54BA47} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand Task: {1309246E-5E1B-4274-A3EB-A057954E65ED} - System32\Tasks\{DA73CEB9-2B59-4B1E-9D77-8A67466AE6B1} => pcalua.exe -a "C:\Program Files (x86)\Clarus\Samsung Drive Manager\AccaSv.exe" -d "C:\Program Files (x86)\Clarus\Samsung Drive Manager" Task: {15AF6331-E5A6-4F9F-AEDF-E3C7A2515F69} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {1DEDB8B7-5A75-42C2-9D02-7662B60B74FF} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2018-01-22] (AVG Technologies CZ, s.r.o.) Task: {2282F37B-4046-4F5E-9C54-CEA129319388} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-23] (NVIDIA Corporation) Task: {22CE4332-A8D7-4E5F-A8B1-CDF64CD796D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange Task: {267D34FC-F2E4-4DEC-832F-B7FEFDDE0A69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated) Task: {27063F07-F01A-4F6E-8A90-DF0D9F497D77} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange Task: {2C78B5AF-6B52-469F-A4C3-DF4BD029724F} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate Task: {2F491FA2-CE8B-40FF-BEDB-8CEBC46886E9} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2017-09-29] (Microsoft Corporation) Task: {2F59DB56-F819-409B-9547-5D046353935F} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28] (Oracle Corporation) Task: {34CA836B-1F88-49E1-B52C-35C7C32914DB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {36713542-0103-4035-B316-A447E72506AC} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login Task: {37E715E6-383C-4ADF-813E-10FF9F50D9F7} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2017-09-29] (Microsoft Corporation) Task: {38067969-9B64-450C-BC6D-1CF52DD5BB54} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\Windows\system32\Notifier.exe [2018-05-04] (Microsoft Corporation) Task: {388E7D70-4229-40D2-8DF3-D644BCB84E09} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe Task: {3891CB81-CF07-4ECD-A7CE-59544F84AF7D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask Task: {38D4694E-3776-416A-A772-F5776E1EFF5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {4028F806-9647-43EC-87FA-8B810DFD9141} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense Task: {404E5205-AAF2-4EFB-88F5-4447014797E1} - System32\Tasks\SafeZone scheduled Autoupdate 1460583081 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {41460F9F-2029-401E-B98D-7FAB6DDFD08B} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-01-01] (Microsoft Corporation) Task: {4207AB65-CDA7-45CB-ABB2-DDCDD240699D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {42C9994F-FF96-4B6D-9AEA-5BF5F2AA3A3C} - System32\Tasks\{A33E1156-A25F-4865-8179-BCF66EDAAC6F} => pcalua.exe -a "F:\périphérique inconnu ordi de\Setup.exe" -d "F:\périphérique inconnu ordi de" Task: {43BA917C-CE39-45E8-9D2E-9E7590E11033} - System32\Tasks\{4C1D18B3-550A-44C7-A0F0-447D429A7B24} => pcalua.exe -a "C:\Program Files (x86)\IncrediMail\Bin\ImSetup.exe" -c /uninstallProduct /addon:incredimail Task: {463F24F7-0101-48A3-B30F-C8D9A5751755} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {46B99C38-B0C1-4A4A-9C40-B95A73EC983D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-06-29] (AVAST Software) Task: {49BE0209-874E-4175-8E1D-EC5BFEE65DE6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {4A52E557-CBD2-4032-A8DF-42811A3A773D} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications Task: {4A7742D7-718C-4CB8-A9A0-3B6C7B719928} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {4FC5FA4E-102D-41FF-AD93-38654F2D12F2} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2017-09-29] (Microsoft Corporation) Task: {516C5FDB-A678-435B-AF90-AB7E5B5A2972} - System32\Tasks\SafeZone scheduled Autoupdate 1509370461 => C:\Program Files (x86)\Avast SafeZone\launcher.exe Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff Task: {5267392F-5BB8-45A6-AD93-10211E2F8850} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2017-09-29] (Microsoft Corporation) Task: {5352CAB9-AD29-4F93-81D0-C34A2499EC7E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd) Task: {54A49E15-16C5-4143-8167-4E9ABAD77427} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2017-09-29] (Microsoft Corporation) Task: {57B3E015-51B1-4F71-AA95-FE22BE6E66A1} - System32\Tasks\{44A566BC-517A-4E1C-BBE3-72273DD6406E} => pcalua.exe -a C:\Users\gidur\Desktop\win64_153614.exe -d C:\Users\gidur\Desktop Task: {580823F3-6F8D-4E05-A5CB-CAD9BB3DD9A7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {5903CEA4-9BB2-4502-9DF0-A61633F93FFB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-11-08] (Intel(R) Corporation) Task: {5A201377-91EE-4904-B2C6-9F7D7456A03F} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2018-06-08] (Microsoft Corporation) Task: {5DF18478-B58F-450A-895F-7B745A6EE513} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {5E41493A-0ABA-46BE-8DEE-AB6DC6D37AFF} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe Task: {5ECD04DE-8153-43C9-AE05-D4F05D1E9F55} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {6107F012-7F2C-45BF-85BA-D8C3B7037A5D} - System32\Tasks\GoogleUpdateTaskMachineCore1d3733c22452f7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-16] (Google Inc.) Task: {612BB539-5F6D-45AE-9CB3-7BDB5BD0CE1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-16] (Google Inc.) Task: {61BAF05A-8050-481F-9368-9B62A53BC9C5} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2017-09-29] (Microsoft Corporation) Task: {633F3CB4-2560-4B1B-9A02-2A234DE10CB9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [2018-04-11] (Adobe Systems Incorporated) Task: {67AE940E-7F9F-466F-846B-9C627656E8FF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {67D2EBE9-6945-4ADD-A3B2-B2F2F9A266C5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {6831246E-D3E2-469C-9079-23FA53AC7712} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2017-09-29] (Microsoft Corporation) Task: {6E5F8BCA-89EE-4A07-81A9-4BC979E04A40} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged Task: {70B37760-296A-4A81-9E39-BDC9948F803D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-23] (NVIDIA Corporation) Task: {7181BD34-3AE2-4B20-9B0A-0B3DFE3DC217} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {72823FDD-BD1E-49B3-B82A-E44C027AE934} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession Task: {729E5B57-86FB-43E1-BF89-83336D0E3876} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {72D63C46-B523-4F74-8A48-1D1E20B8804E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2018-06-08] (Microsoft Corporation) Task: {78E99F23-65B3-41FD-AD3B-32A34CEAF41F} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2017-09-30] (Microsoft Corporation) Task: {78EB22E6-F889-411C-8F8D-E131D5195F5F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {798E0AF4-3ED7-4D41-B06F-5261474509DE} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange Task: {802691A3-166B-4F58-A49A-619110F17212} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-16] (Google Inc.) Task: {82F4D23B-6094-4A71-881F-1E15A6319E3E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice Task: {82FE6C87-7603-4197-9D06-1B40FD38BFAB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {8C5D0486-F6FB-491D-BDE8-EA17DFD04457} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh Task: {8DC4F6F2-5AC8-41B5-8461-383B58804B47} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2017-09-29] (Microsoft Corporation) Task: {9146CAF1-986F-4406-95B4-117BFF427166} - System32\Tasks\SafeZone scheduled Autoupdate 1509329563 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {9308C795-C441-482B-89E1-07B4D080EE59} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {931BE2FA-8F50-4C1A-BFD8-150C55D25502} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task Task: {93E4E9BC-143C-419D-8AE2-A62972B07A64} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation) Task: {95F6887A-7EE7-4217-969C-0C72DBA7B8FC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-23] (NVIDIA Corporation) Task: {963BF889-B2F4-4B23-9821-ED640491A062} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4293477075-826502125-2794942712-1000 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {9A149913-6192-4221-841A-2D904528AAC3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck Task: {9ADA3139-1E94-4ACE-A585-E7DFA6D59F99} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-23] (NVIDIA Corporation) Task: {A06F6F66-CBFB-4EE0-997C-06C7674D277A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe Task: {A108828C-AC12-4613-8D0C-9DF73E983E77} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization Task: {A1557688-4EE9-4B41-9981-61FCA457BE67} - \ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d -> Pas de fichier <==== ATTENTION Task: {A1EC9716-B6B1-4FC6-BE2F-E33BF6F42E33} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {A5C1489F-D79F-43B2-B433-EAAFE0E7ADA5} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task Task: {A7874EDA-EFDA-44A9-A9F2-4538B8750311} - System32\Tasks\SafeZone scheduled Autoupdate 1447706156 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {A7C57A41-D764-4AAB-BBDE-BB8DAA2BE5DD} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2017-09-29] (Microsoft Corporation) Task: {A981F507-0528-4D32-81B3-5EC996666BD3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {AB90E5E3-399D-47FF-B197-A0A789D8C521} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange Task: {ABAAFA95-4331-4259-B7CF-AD53C5E8B786} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task Task: {B2B85895-09A2-4BC3-BBF9-9B74780BFE62} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 Task: {B32F9624-1B89-48D0-9B8E-37D9184C7709} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe Task: {B517C484-E97D-4163-815C-631B71E03CE6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {B5EE5400-5823-4F7C-AF55-C3878E89DA03} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {B90177C1-965B-4B0F-990D-9D366957F7FF} - System32\Tasks\klcp_update => CodecTweakTool.exe Task: {BA7372F5-9227-45A5-91B1-CDF52684155B} - System32\Tasks\{B0B4CC1E-0073-467E-A4C6-3E41827957E7} => pcalua.exe -a C:\Users\gidur\Documents\Setup.exe -d C:\Users\gidur\Documents Task: {BB8AD5D4-7625-4308-9E7C-18BE6A0ABE05} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation) Task: {BCD9B773-2F2E-4003-9235-4CF2996D9108} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation) Task: {BE50030E-4D6F-474B-A8CD-B1A53998C492} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate Task: {BF22E38E-8BFF-417F-BA6A-5AF65E889A40} - System32\Tasks\Programme de mise à jour en ligne de Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {C1BC90B0-6517-4236-AACF-6DB990FFACE8} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client" Task: {C4FF9C83-94A6-4183-8351-9FA670846DB1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation) Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 Task: {C70648DF-6885-45F2-A703-060272F36AB7} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION Task: {CBD3FF03-5199-4CDE-96B6-12123FD13A79} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.) Task: {CBE5BD65-6BAA-471C-A2F8-34D24F3469E0} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2017-09-30] (Microsoft Corporation) Task: {CD8B37EF-F8C8-4414-B193-D944BD68B122} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-08] (AVAST Software) Task: {CDE1589E-5CB4-4534-80AD-18D0417C0188} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {CE3B0DB5-A6E5-40E3-AAD9-A65F81BFFAC8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork Task: {D512AEC7-397A-47E4-BEDE-72E02F69397A} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation) Task: {D56B6493-1C8E-4511-BD37-2789B1FDF3D5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-23] (NVIDIA Corporation) Task: {D79F475D-4638-44CE-AE6A-F20F107C41CE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange Task: {D7DDAA17-8A89-4257-BBBB-6197E753F161} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {DEA64383-B0C8-469A-9B3D-6E271201E95F} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server" Task: {E0D45B22-1A56-43FE-854C-DAFD1DDA1D61} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2017-09-29] (Microsoft Corporation) Task: {E4C93221-6D8B-4104-9B72-51D77217C07B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-23] (NVIDIA Corporation) Task: {E52928DD-BCA2-4E32-9B84-FFA7606694BE} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2017-09-29] (Microsoft Corporation) Task: {E8C1EAF5-5A52-4F3C-8A32-80ED4CE14861} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd) Task: {E9BF9DDD-8920-4580-AE12-524BC8E3109B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {E9FE3409-6CE2-47D8-91AA-CCE650AF764E} - System32\Tasks\{6148E344-C337-4AAD-B511-00CFFC6B2563} => pcalua.exe -a C:\Users\gidur\Desktop\office2003-kb892258-client-fra.exe -d C:\Users\gidur\Desktop Task: {EAE0C854-3205-4265-85E9-2499FB43B873} - System32\Tasks\SafeZone scheduled Autoupdate 1460725697 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {EBC98788-6390-4C89-8DA8-94D6DBAF2038} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 Task: {EF54804E-C223-4211-94FA-93F425575B5B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask Task: {EFC1298E-E083-4116-982F-6E29309536D1} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task Task: {F0277D4E-7510-4CF9-A619-57E93F2E1486} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {F18F27EA-2785-4606-AAAD-84DB088BA6A2} - \ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon -> Pas de fichier <==== ATTENTION Task: {F52A2CAB-5001-4BCD-BB88-C6389D24A525} - System32\Tasks\RMAutoUpdate => C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\SULauncher.exe [2012-08-21] (PC Tools) Task: {F54F02A3-3571-41DA-85C8-579CFE1E25AE} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation => C:\Windows\System32\WaaSMedic.exe [2017-09-29] (Microsoft Corporation) Task: {F5FC3EF1-2613-4CF9-B010-942AAEA3265D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {F65048F2-3C4C-42C7-A1CF-D4497D1E0210} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {F762479F-5A5A-4A57-99A4-19D5F576F34C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand Task: {F8062C61-5EC8-4E83-AF9D-94635B54AB82} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION Task: {F8F8902D-2BE6-4F12-8A9A-00FA221A3146} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask Task: {F929E4DB-38BD-48A3-8325-4D2E72370191} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {F99D8703-70C7-4010-BAED-F5C999213164} - System32\Tasks\SafeZone scheduled Autoupdate 1509324922 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {FDBE5C78-654C-4655-879A-D22D0C121C58} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FDF446E0-B1F5-4C40-A448-33C9DF228409} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-23] (NVIDIA Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\RMAutoUpdate.job => C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\SULauncher.exe ==================== Modules chargés (Avec liste blanche) ============== 2017-09-29 15:41 - 2017-09-29 15:41 - 00184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2015-02-01 03:46 - 2005-03-12 02:07 - 00087040 _____ () C:\WINDOWS\System32\pdfcmnnt.dll 2018-05-31 14:16 - 2018-05-23 00:00 - 01314752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-06-03 03:05 - 2018-07-02 15:31 - 02297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-06-03 03:05 - 2018-07-02 15:31 - 02493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-04-27 04:22 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll 2018-07-01 14:31 - 2018-06-08 08:00 - 11044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-07-01 14:31 - 2018-06-08 07:56 - 01804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-05-31 12:24 - 2018-05-31 12:26 - 00086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-05-31 12:24 - 2018-05-31 12:26 - 00195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-05-31 12:24 - 2018-05-31 12:27 - 22374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-05-31 12:24 - 2018-05-31 12:26 - 02610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll 2018-04-30 13:20 - 2018-04-30 13:20 - 00061408 _____ () C:\Program Files\CCleaner\branding.dll 2018-06-24 13:26 - 2018-06-24 13:26 - 00097272 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2018-06-29 22:13 - 2018-06-29 22:13 - 00483544 _____ () c:\program files\avast software\avast\streamback.dll 2017-09-26 21:22 - 2017-09-26 21:22 - 01984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll 2018-03-29 15:00 - 2018-03-29 15:00 - 67126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-06-29 22:13 - 2018-06-29 22:13 - 00483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2018-06-29 22:12 - 2018-06-29 22:12 - 00282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2018-05-31 14:16 - 2018-05-23 00:00 - 01032640 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-04-16 12:09 - 2018-04-16 12:08 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll 2016-05-12 13:58 - 2016-05-12 13:58 - 00268712 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll 2016-05-12 13:58 - 2016-05-12 13:58 - 00033128 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll 2016-05-12 13:58 - 2016-05-12 13:58 - 00072104 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll 2016-05-12 13:58 - 2016-05-12 13:58 - 00133544 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll 2016-05-12 13:58 - 2016-05-12 13:58 - 00080296 _____ () C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Program Files\Adblock Plus for IE:Win32App_1 AlternateDataStreams: C:\Program Files\DriversCloud.com:Win32App_1 AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App_1 AlternateDataStreams: C:\Program Files\RogueKiller:Win32App_1 AlternateDataStreams: C:\Program Files\UNP:Win32App_1 AlternateDataStreams: C:\Program Files\WOT:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\CamStudio 2.7:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\CDBurnerXP:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\DoNotSpy10:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Free PDF to Word Doc Converter:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\HP:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\IncrediBackup:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\IncrediMail:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\K-Lite Codec Pack:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Microsoft Office:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Microsoft Silverlight:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Microsoft Visual Studio 8:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\MyDrive Connect:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\PDF Eraser:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\PokerStars.FR:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Sapphire_N Updater:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\SIW:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Snooper USB driver:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\TeamViewer:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\TomTom HOME 2:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\WinSCP:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\WOT:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\ZHPFix:Win32App_1 AlternateDataStreams: C:\WINDOWS\SysWOW64\Adobe:Win32App_1 AlternateDataStreams: C:\ProgramData\DriversCloud.com:Win32App_1 AlternateDataStreams: C:\ProgramData\HP:Win32App_1 AlternateDataStreams: C:\ProgramData\HP Product Assistant:Win32App_1 AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 AlternateDataStreams: C:\Users\gidur\bureau\Outlook.com.website:TASKICON_0OLFavIE91284348923 AlternateDataStreams: C:\Users\gidur\bureau\Outlook.com.website:TASKICON_1OCalFavIE91545382048 AlternateDataStreams: C:\Users\gidur\bureau\Outlook.com.website:TASKICON_2PeopleFav302369383 AlternateDataStreams: C:\Users\gidur\bureau\Outlook.com.website:TASKICON_3SkyDriveFav-1311630743 AlternateDataStreams: C:\Users\gidur\bureau\Outlook.com.website:TASKICON_4OLFavIE91410631431 AlternateDataStreams: C:\Users\gidur\AppData\LocalLow\Adblock Plus for IE:Win32App_1 ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware" ==================== EXE Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE restricted site: HKU\S-1-5-21-4293477075-826502125-2794942712-1000\...\clubic.com -> hxxp://www.clubic.com IE restricted site: HKU\S-1-5-21-4293477075-826502125-2794942712-1000\...\skype.com -> hxxps://apps.skype.com ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-4293477075-826502125-2794942712-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\gidur\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\reflections1.jpg HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 192.168.0.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Actuellement, il n'y a pas de correction automatique pour cette section.) MSCONFIG\Services: GSService => 3 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NvContainerNetworkService => 3 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: NvTelemetryContainer => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^avast! SecureLine.lnk => C:\Windows\pss\avast! SecureLine.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\WINDOWS\pss\FAH.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ISCTSystray.lnk => C:\Windows\pss\ISCTSystray.lnkCommon Startup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Notifications de Mises à jour.lnk => C:\WINDOWS\pss\Notifications de Mises à jour.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Préchargeur.lnk => C:\WINDOWS\pss\WinZip Préchargeur.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^gidur^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Enregistrement du produit.lnk => C:\Windows\pss\Logitech . Enregistrement du produit.lnk.Startup MSCONFIG\startupreg: Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe MSCONFIG\startupreg: BitTorrent => "C:\Users\gidur\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: GUDelayStartup => MSCONFIG\startupreg: HotKeysCmds => MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe" MSCONFIG\startupreg: IncrediMail => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: msnmsgr => MSCONFIG\startupreg: NBKeyScan => MSCONFIG\startupreg: Nero MediaHome 4 => "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN MSCONFIG\startupreg: Persistence => MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Simp => C:\Program Files (x86)\Secway\SimpLite-MSN 2.5\SimpLite-MSN.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TomTomHOME.exe => MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" MSCONFIG\startupreg: XFast LAN => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe MSCONFIG\startupreg: XFastUSB => "C:\Program Files (x86)\XFastUSB\XFastUsb.exe" HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk" HKLM\...\StartupApproved\StartupFolder: => "Notifications de Mises à jour.lnk" HKLM\...\StartupApproved\StartupFolder: => "WinZip Préchargeur.lnk" HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk" HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk" HKLM\...\StartupApproved\Run: => "AvgUi" HKLM\...\StartupApproved\Run: => "WindowsDefender" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "StereoLinksInstall" HKLM\...\StartupApproved\Run32: => "DelaypluginInstall" HKU\S-1-5-21-4293477075-826502125-2794942712-1000\...\StartupApproved\StartupFolder: => "Logitech . Enregistrement du produit.lnk" HKU\S-1-5-21-4293477075-826502125-2794942712-1000\...\StartupApproved\Run: => "Yahoo Messenger Updater" HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\StartupApproved\Run: => "OneDriveSetup" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [{97585195-6E95-40D0-99D4-B8924F7757AD}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{8E7744EB-AB75-4DB0-B52B-4543C5731388}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{7F7F8C3B-CE71-4B21-97BB-E8F63A2CB994}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{BA43D614-E930-44EC-91F9-AFA8A48F5277}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{45D44FC6-1049-4437-AA8B-B9AB34CEE4F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{F0FE23AB-1A10-437F-8B08-48876C0A4ED2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{94C012FE-E077-4010-B221-29D93AD910A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{0046DBFB-5820-47C1-8EDC-7EBAF24D851B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{4669038A-FCA6-4566-B632-72B0439C207B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{863A326F-A703-45C8-B4D8-988A6FC000EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{8949C6A9-EC5B-43C3-830E-E479DA75FEBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{1B8F65DE-1E86-4B59-8B0E-FC1B571BBF16}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{3E5D3146-77C7-43C2-BF27-9545A491DB97}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{27D5B159-C6EA-4063-985E-3B3AAF60D238}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{958CCAF5-38D5-4353-8D58-25217024F123}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe FirewallRules: [{8FF0E207-8124-4F65-8758-7360AA647E9C}] => (Block) C:\Windows\explorer.exe FirewallRules: [{1290FED4-4ADF-4EE2-9C80-1B7B9033F84D}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe FirewallRules: [{600B2ED6-F351-4D24-B523-049345C040A4}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe FirewallRules: [{A13B80DC-A732-47A9-80E5-3BA6CB5F735B}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe FirewallRules: [{7900D09A-500C-4170-9EA4-978892128A48}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe FirewallRules: [TCP Query User{B27472CE-BF16-472A-B54A-6BE50BB8EA46}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{EE0C68B9-8A24-4222-AE84-D81CE9577A5D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{D5C6CE1E-6F7D-40E6-893B-059053E9DAB0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe FirewallRules: [{8B280A3A-1346-4FCD-8FF9-ED9D7CB60994}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe FirewallRules: [{5A6DF1C3-7DAE-4B81-A5A3-B7E4C59BD66F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe FirewallRules: [{886C980B-D19D-4F94-B030-E8080341C19B}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe FirewallRules: [{9DD40E3B-5CCF-4905-9315-342A09CD458A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{ECD39DC2-5FC5-40D1-8D30-58EC8282A588}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{818165FA-3BEF-4A90-B28C-7599D613FC69}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{82263EB8-CD73-4DB3-81B2-10B96EC553BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{0DA0A398-CAFB-4728-8CCF-F980888CB59B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{91FA193A-16E1-4950-8CA0-905330A8C751}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{901CB31A-E552-40BE-8E4B-B626740ED8EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{14F864F5-4460-4DD3-998B-1ADCC845FA9B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{CF94ABEE-040E-4590-BE5F-200CAE8245AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{20C5C794-115C-40D1-B75C-4152B0B69165}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{BB43E278-1F87-48A8-931E-2C5522E39B29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7248BAD3-D155-4E96-8612-77983078F67A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0DA8144F-EAF1-4B4F-B40E-524135E89BD9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{62A1E8D4-0414-4FBC-A0D7-EF7D7985A9F7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{4CA38750-65B2-470A-A11F-5FD4CA100D01}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{AAFBD76B-2923-43DE-9BA7-1166924F952A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{099E8A04-113B-416E-B480-F7BBABB439FD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (07/02/2018 03:07:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Error: (07/02/2018 03:05:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service Wondershare Driver Install Service since QueryServiceConfig API failed System Error: Le fichier spécifié est introuvable. . Error: (07/02/2018 03:05:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service Wondershare Application Framework Service since QueryServiceConfig API failed System Error: Le fichier spécifié est introuvable. . Error: (07/02/2018 03:05:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante NeroStartSmart.exe, version : 9.0.6.100, horodatage : 0x48b7e7d9 Nom du module défaillant : ntdll.dll, version : 10.0.16299.492, horodatage : 0xaeec4354 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0002c236 ID du processus défaillant : 0x848 Heure de début de l’application défaillante : 0xNeroStartSmart.exe0 Chemin d’accès de l’application défaillante : NeroStartSmart.exe1 Chemin d’accès du module défaillant: NeroStartSmart.exe2 ID de rapport : NeroStartSmart.exe3 Nom complet du package défaillant : NeroStartSmart.exe4 ID de l’application relative au package défaillant : NeroStartSmart.exe5 Error: (07/02/2018 02:58:17 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Error: (07/02/2018 02:54:46 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Error: (07/02/2018 02:53:20 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {1ea16eeb-7291-4647-b7a6-52155503e6ce} Error: (07/02/2018 02:09:49 PM) (Source: ESENT) (EventID: 454) (User: ) Description: DllHost (1096,U,0) Internet_NOEDP_LEGACY_IDB: La récupération/restauration de la base de données a échoué en raison d’une erreur inattendue -1216. Error: (07/02/2018 02:09:49 PM) (Source: ESENT) (EventID: 494) (User: ) Description: DllHost (1096,U,0) Internet_NOEDP_LEGACY_IDB: Échec de la récupération de base de données avec l’erreur -1216 en raison de références à la base de données « C:\Users\gidur\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.edb », qui n’existe plus. La base de données n’a pas été amenée dans un état d’arrêt correct avant d’être supprimée (ou déplacée ou renommée). Le moteur de base de données ne permettra pas à la récupération de se terminer pour cette instance tant que la base de données manquante n’aura pas été réintégrée. Si la base de données n’est vraiment plus disponible ni requise, des procédures pour la récupération de cette erreur sont disponibles dans la Base de connaissances Microsoft ou via le lien « plus d’informations » au bas de ce message. Error: (07/02/2018 01:35:45 PM) (Source: W3SVC-WP) (EventID: 2307) (User: ) Description: Le processus de travail du pool d'applications 'DefaultAppPool' a rencontré une erreur 'Impossible de lire le fichier de configuration ' lors de la tentative de lecture des données de configuration à partir du fichier '\\?\', ligne numéro '0'. Le champ de données contient le code d'erreur. Erreurs système: ============= Error: (07/02/2018 03:31:58 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Gestionnaire des cartes téléchargées est en attente de démarrage. Error: (07/02/2018 03:30:08 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/02/2018 03:27:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Adaptateur d'écouteur Net.Pipe n’a pas pu démarrer en raison de l’erreur : %%1053 Error: (07/02/2018 03:27:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service NetPipeActivator. Error: (07/02/2018 03:27:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Adaptateur d'écouteur Net.Msmq n’a pas pu démarrer en raison de l’erreur : %%1053 Error: (07/02/2018 03:27:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service NetMsmqActivator. Error: (07/02/2018 03:27:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service NetTcpActivator dépend du service NetTcpPortSharing qui n’a pas pu démarrer en raison de l’erreur : %%1053 Error: (07/02/2018 03:27:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service NetTcpPortSharing n’a pas pu démarrer en raison de l’erreur : %%1053 Error: (07/02/2018 03:27:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service NetTcpPortSharing. Error: (07/02/2018 01:53:35 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible CodeIntegrity: =================================== Date: 2018-06-03 02:15:43.339 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\drivers\iaStorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-06-03 02:15:43.320 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\drivers\iaStorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-06-03 02:15:41.907 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\drivers\iaStorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-06-03 02:15:41.872 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\drivers\iaStorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-05-19 19:56:10.386 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-05-19 19:56:10.166 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-05-19 19:56:10.003 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-05-19 19:56:09.807 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-05-19 19:56:09.471 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-05-19 19:56:09.011 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz Pourcentage de mémoire utilisée: 34% Mémoire physique - RAM - totale: 8131.26 MB Mémoire physique - RAM - disponible: 5311.93 MB Mémoire virtuelle totale: 16835.26 MB Mémoire virtuelle disponible: 13501.7 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:930.97 GB) (Free:857.41 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F36B912B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Fin de Addition.txt ============================