Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20-09-2017
Exécuté par walid (21-09-2017 19:26:08)
Exécuté depuis C:\Users\walid\Desktop
Windows 10 Pro Version 1703 (X64) (2017-09-16 04:53:10)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-903209215-2254376086-2688177463-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-903209215-2254376086-2688177463-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-903209215-2254376086-2688177463-1002 - Limited - Enabled)
Invité (S-1-5-21-903209215-2254376086-2688177463-501 - Limited - Disabled)
walid (S-1-5-21-903209215-2254376086-2688177463-1000 - Administrator - Enabled) => C:\Users\walid
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
µTorrent (HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Backup and Sync from Google (HKLM-x32\...\{9AC75ED0-A54A-4AEA-9563-87572879D91C}) (Version: 3.36.6721.3394 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Command and Conquer 3 Tiberium Wars Complete Collection version 1.02 (HKLM-x32\...\{01BB7046-6217-4225-BFA8-A5E5DB2B0977}_is1) (Version: 1.02 - Electronic Arts)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.0.6.909 - Foxit Software Inc.)
Free Virtual Keyboard 3.0.1.0 (HKLM-x32\...\{CA4F9519-1A83-4907-8651-F17073A0E1CE}_is1) (Version: 3.0 - Comfort Software Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
iSkysoft iTransfer ( Version 4.1.0 ) (HKLM-x32\...\{84A89F3A-B59A-4324-8598-3611853769C8}_is1) (Version: 4.1.0 - iSkysoft)
Kaspersky Internet Security (HKLM-x32\...\{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.1.2.2 - PandoraTV)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Office Professionnel Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x64 fr) (HKLM\...\Mozilla Firefox 55.0.3 (x64 fr)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
OSTotoHotspot (HKLM-x32\...\OSTotoHotspot) (Version: 4.4.0.2 - )
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.8.8 - Vaclav Slavik)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-040C-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-903209215-2254376086-2688177463-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-08-12] (Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2016-07-21] (Kaspersky Lab ZAO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2016-07-21] (Kaspersky Lab ZAO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2016-07-21] (Kaspersky Lab ZAO)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers5: [SynGlwPad] -> {681C10CE-5E5D-463A-A270-771AA48E4C71} => -> Pas de fichier
ContextMenuHandlers6: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2016-07-21] (Kaspersky Lab ZAO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Pas de fichier
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {047DB737-C54C-473D-B01D-3136C502133E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-21] (Google Inc.)
Task: {226DE8A2-46A1-4130-9403-950A6D7CA446} - System32\Tasks\{3C7FFC10-9474-4800-B7D6-1C576F4C1F16} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/ar/abandoninstall?source=lightinstaller&page=tsInstall
Task: {39C3A557-2E32-4D95-B906-051B1480B793} - System32\Tasks\{6A3E7E1F-FA29-4408-8970-10465D3E4EAE} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.25.0.106&LastError=12002
Task: {577DDDD1-F6DD-4C10-AB94-CCDC9700B359} - \CCleanerSkipUAC -> Pas de fichier <==== ATTENTION
Task: {7B8F6AD4-739C-45CC-BA9B-F2E47E750E56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-21] (Google Inc.)
Task: {89752CD4-8F40-4A23-A921-C6AA464F29A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {9796440C-9782-46CF-BA03-5E0DB640C7D0} - System32\Tasks\{E56BB50F-8D8A-4C49-BB0C-85F9F0F5AFDA} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.25.0.106&LastError=12002
Task: {9985DFB1-D9F8-4459-88AA-B703131BDED5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {C7BD5B93-9D87-4546-A230-49A86B048CC1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {EC69BE9B-5878-421F-9509-053F02DD4205} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {F578D798-110B-491F-BF15-C67D6AA7B110} - System32\Tasks\{C1325A51-B662-4060-8EE6-241C78DD932B} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.29.80.102/fr/abandoninstall?page=tsProgressBar
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\walid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
==================== Modules chargés (Avec liste blanche) ==============
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-09 01:47 - 2015-11-04 11:12 - 001114608 _____ () C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-08-31 17:18 - 2017-08-31 17:18 - 040257336 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2017-08-29 01:31 - 2017-08-23 09:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-08-29 01:31 - 2017-08-23 09:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2017-08-22 22:25 - 2017-08-22 22:40 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-22 22:25 - 2017-08-22 22:40 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-22 22:25 - 2017-08-22 22:40 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-22 22:25 - 2017-08-22 22:40 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-26 16:34 - 2017-07-26 16:37 - 032960512 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-07-26 16:34 - 2017-07-26 16:36 - 009161728 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-07-07 13:33 - 2017-07-07 13:39 - 003500456 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-26 16:34 - 2017-07-26 16:37 - 013154304 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2017-07-26 16:34 - 2017-07-26 16:36 - 010910208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-06-01 16:15 - 2017-06-01 16:20 - 000117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL
2017-03-18 21:59 - 2017-03-20 06:12 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 000794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2017-07-09 03:08 - 2014-05-19 17:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2017-07-09 03:08 - 2014-10-31 16:40 - 001498112 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2017-09-20 18:19 - 2017-09-20 18:19 - 000088064 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_ctypes.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000918528 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_hashlib.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000098816 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32api.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000110080 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\pywintypes27.dll
2017-09-20 18:19 - 2017-09-20 18:19 - 000364544 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\pythoncom27.dll
2017-09-20 18:19 - 2017-09-20 18:19 - 000686080 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\unicodedata.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000320512 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32com.shell.shell.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 001177088 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._core_.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000806912 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._gdi_.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000816640 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._windows_.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 001067520 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._controls_.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000733696 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._misc_.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000736256 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\pysqlite2._sqlite.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000119808 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32file.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000108544 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32security.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000007168 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\hashobjs_ext.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000017920 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\thumbnails_ext.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000082432 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\usb_ext.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000013824 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\common.time34.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000018432 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32event.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000088576 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\windows.volumes.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000017408 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\windows.winwrap.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000167936 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32gui.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000046080 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_socket.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 001309696 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_ssl.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000129536 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_elementtree.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000127488 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\pyexpat.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000038912 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32inet.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000077824 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._html2.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000036864 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_psutil_windows.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000524248 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\windows._lib_cacheinvalidation.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000011264 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32crypt.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000218624 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\PIL._imaging.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000027648 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_multiprocessing.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000020480 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_yappi.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000035840 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32process.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000024064 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32pipe.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000010240 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\select.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000025600 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32pdh.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000058880 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\windows.device_monitor.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000017408 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32profile.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000022528 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32ts.pyd
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2016-07-21 03:15 - 2016-07-21 03:10 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-903209215-2254376086-2688177463-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\StartupApproved\Run: => "EPSON Stylus CX4300 Series"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{31ED7948-7581-4135-9756-14925CC87A32}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3CB8A646-FD82-4A34-908F-D9DF89B14C1A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EA3BBE28-6793-4F41-82C9-D2D13DC3FE5C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9EA822F3-8F64-4E4B-9F22-1AC503565F5F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C6FA513C-8737-47FB-893A-9C2588F9357D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C23B6BFA-C006-4BFC-B960-B182874D920D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{26727123-7513-4A0F-BE01-A8F8B8ED56F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{43FA8792-40E2-4320-AC1F-3B75CB5865E2}] => (Block) C:\program files (x86)\ostotohotspot\hotspot.exe
FirewallRules: [{1D13261A-FF30-439A-84EE-C5A9FAFD509A}] => (Block) C:\program files (x86)\ostotohotspot\hotspot.exe
FirewallRules: [UDP Query User{FDD58C0B-F132-4DF0-A5A3-D8EAF8687FE2}C:\program files (x86)\ostotohotspot\hotspot.exe] => (Allow) C:\program files (x86)\ostotohotspot\hotspot.exe
FirewallRules: [TCP Query User{9B073D77-7178-4897-8887-9A725B9F2FE7}C:\program files (x86)\ostotohotspot\hotspot.exe] => (Allow) C:\program files (x86)\ostotohotspot\hotspot.exe
FirewallRules: [{1459DC92-48FC-4ABA-8D38-28135F8A575B}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{F418BD7B-7D89-421F-A7A5-BCD1733F59AB}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{3EF24904-B93E-46A8-B7D4-AD33640DF787}] => (Allow) C:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{F32F39FA-7820-4E1F-851B-BC9D4CB0A522}] => (Allow) C:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{2869DAE8-3D23-4A7F-B0E4-234DC5ADAD51}] => (Allow) C:\Users\walid\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8E47E8D6-020A-465C-ACE5-1003ABBDBFC2}] => (Allow) C:\Users\walid\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B00F7D1F-56BE-4383-B29A-68E972B58EE4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7E50837-70C2-4D54-8411-9DDDC8ABDE03}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B2D35A3B-CC9C-4985-B30D-765BDB99099B}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{422113DD-1602-4C14-AA9D-7C2BE5D1FFF8}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{014292FF-6DB1-43AF-94F4-38797B3B6AD7}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{1A4532E5-C329-4B5B-8BD8-B1E2B38D902C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{817001C5-A669-4E6A-91D1-7D0635E7CD93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CB1757F5-4A04-4C7A-8969-BB8BB7C436FC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CBE2E791-629A-47E3-90A8-DF03789644D7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A6B77245-A826-4EFE-8400-D6CD3BCD9FE3}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{4CC8B4DC-7CEC-42AF-AAA6-BE72668F0530}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{1E9D1BEA-493C-40F0-81C8-0C2F9E2705E1}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{4E0F4E30-1E30-45D9-8E49-9A4ADBD2AD9B}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
==================== Points de restauration =========================
21-09-2017 18:47:00 Point de contrôle planifié
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (09/21/2017 04:12:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1343
Error: (09/21/2017 04:12:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1343
Error: (09/21/2017 04:12:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/21/2017 03:54:00 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/21/2017 03:52:10 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={11D23FE4-1A48-4F9A-990A-622A8D424D20} : L’utilisateur walid-PC\walid a composé le numéro de la connexion KGRG. La connexion a échoué. Code d’erreur retourné : 651.
Error: (09/21/2017 06:53:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1297
Error: (09/21/2017 06:53:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1297
Error: (09/21/2017 06:53:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/21/2017 01:56:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1297
Error: (09/21/2017 01:56:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1297
Erreurs système:
=============
Error: (09/20/2017 05:56:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur :
Cette demande n’est pas prise en charge.
Error: (09/20/2017 05:55:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service MBAMService.
Error: (09/20/2017 04:51:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Optimisation de livraison est en attente de démarrage.
Error: (09/20/2017 04:47:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur :
Cette demande n’est pas prise en charge.
Error: (09/20/2017 04:46:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Apple Mobile Device Service n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (09/20/2017 04:46:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Apple Mobile Device Service.
Error: (09/20/2017 04:46:03 PM) (Source: DCOM) (EventID: 10010) (User: walid-PC)
Description: Le serveur {D63B10C5-BB46-4990-A94F-E40B9D520160} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/20/2017 04:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service SHAREit Hotspot Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (09/20/2017 04:45:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.
Error: (09/20/2017 04:45:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Apple Mobile Device Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Pourcentage de mémoire utilisée: 90%
Mémoire physique - RAM - totale: 3914.35 MB
Mémoire physique - RAM - disponible: 375.55 MB
Mémoire virtuelle totale: 7242.35 MB
Mémoire virtuelle disponible: 2534.38 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:161.95 GB) (Free:29.03 GB) NTFS
Drive d: () (Fixed) (Total:146.48 GB) (Free:55.71 GB) NTFS
Drive e: () (Fixed) (Total:157.23 GB) (Free:93.03 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 12806EA3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=162 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=157.2 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt ============================
Exécuté par walid (21-09-2017 19:26:08)
Exécuté depuis C:\Users\walid\Desktop
Windows 10 Pro Version 1703 (X64) (2017-09-16 04:53:10)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-903209215-2254376086-2688177463-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-903209215-2254376086-2688177463-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-903209215-2254376086-2688177463-1002 - Limited - Enabled)
Invité (S-1-5-21-903209215-2254376086-2688177463-501 - Limited - Disabled)
walid (S-1-5-21-903209215-2254376086-2688177463-1000 - Administrator - Enabled) => C:\Users\walid
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
µTorrent (HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Backup and Sync from Google (HKLM-x32\...\{9AC75ED0-A54A-4AEA-9563-87572879D91C}) (Version: 3.36.6721.3394 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Command and Conquer 3 Tiberium Wars Complete Collection version 1.02 (HKLM-x32\...\{01BB7046-6217-4225-BFA8-A5E5DB2B0977}_is1) (Version: 1.02 - Electronic Arts)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.0.6.909 - Foxit Software Inc.)
Free Virtual Keyboard 3.0.1.0 (HKLM-x32\...\{CA4F9519-1A83-4907-8651-F17073A0E1CE}_is1) (Version: 3.0 - Comfort Software Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
iSkysoft iTransfer ( Version 4.1.0 ) (HKLM-x32\...\{84A89F3A-B59A-4324-8598-3611853769C8}_is1) (Version: 4.1.0 - iSkysoft)
Kaspersky Internet Security (HKLM-x32\...\{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.1.2.2 - PandoraTV)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Office Professionnel Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x64 fr) (HKLM\...\Mozilla Firefox 55.0.3 (x64 fr)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
OSTotoHotspot (HKLM-x32\...\OSTotoHotspot) (Version: 4.4.0.2 - )
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.8.8 - Vaclav Slavik)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-040C-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-903209215-2254376086-2688177463-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-08-12] (Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2016-07-21] (Kaspersky Lab ZAO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2016-07-21] (Kaspersky Lab ZAO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2016-07-21] (Kaspersky Lab ZAO)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers5: [SynGlwPad] -> {681C10CE-5E5D-463A-A270-771AA48E4C71} => -> Pas de fichier
ContextMenuHandlers6: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2016-07-21] (Kaspersky Lab ZAO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Pas de fichier
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {047DB737-C54C-473D-B01D-3136C502133E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-21] (Google Inc.)
Task: {226DE8A2-46A1-4130-9403-950A6D7CA446} - System32\Tasks\{3C7FFC10-9474-4800-B7D6-1C576F4C1F16} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/ar/abandoninstall?source=lightinstaller&page=tsInstall
Task: {39C3A557-2E32-4D95-B906-051B1480B793} - System32\Tasks\{6A3E7E1F-FA29-4408-8970-10465D3E4EAE} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.25.0.106&LastError=12002
Task: {577DDDD1-F6DD-4C10-AB94-CCDC9700B359} - \CCleanerSkipUAC -> Pas de fichier <==== ATTENTION
Task: {7B8F6AD4-739C-45CC-BA9B-F2E47E750E56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-21] (Google Inc.)
Task: {89752CD4-8F40-4A23-A921-C6AA464F29A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {9796440C-9782-46CF-BA03-5E0DB640C7D0} - System32\Tasks\{E56BB50F-8D8A-4C49-BB0C-85F9F0F5AFDA} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.25.0.106&LastError=12002
Task: {9985DFB1-D9F8-4459-88AA-B703131BDED5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {C7BD5B93-9D87-4546-A230-49A86B048CC1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {EC69BE9B-5878-421F-9509-053F02DD4205} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {F578D798-110B-491F-BF15-C67D6AA7B110} - System32\Tasks\{C1325A51-B662-4060-8EE6-241C78DD932B} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.29.80.102/fr/abandoninstall?page=tsProgressBar
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\walid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
==================== Modules chargés (Avec liste blanche) ==============
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-09 01:47 - 2015-11-04 11:12 - 001114608 _____ () C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-08-31 17:18 - 2017-08-31 17:18 - 040257336 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2017-08-29 01:31 - 2017-08-23 09:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-08-29 01:31 - 2017-08-23 09:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2017-08-22 22:25 - 2017-08-22 22:40 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-22 22:25 - 2017-08-22 22:40 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-22 22:25 - 2017-08-22 22:40 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-22 22:25 - 2017-08-22 22:40 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-26 16:34 - 2017-07-26 16:37 - 032960512 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-07-26 16:34 - 2017-07-26 16:36 - 009161728 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-07-07 13:33 - 2017-07-07 13:39 - 003500456 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-26 16:34 - 2017-07-26 16:37 - 013154304 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2017-07-26 16:34 - 2017-07-26 16:36 - 010910208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-06-01 16:15 - 2017-06-01 16:20 - 000117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL
2017-03-18 21:59 - 2017-03-20 06:12 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 000794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2017-07-09 03:08 - 2014-05-19 17:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2017-07-09 03:08 - 2014-10-31 16:40 - 001498112 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2017-09-20 18:19 - 2017-09-20 18:19 - 000088064 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_ctypes.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000918528 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_hashlib.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000098816 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32api.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000110080 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\pywintypes27.dll
2017-09-20 18:19 - 2017-09-20 18:19 - 000364544 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\pythoncom27.dll
2017-09-20 18:19 - 2017-09-20 18:19 - 000686080 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\unicodedata.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000320512 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32com.shell.shell.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 001177088 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._core_.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000806912 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._gdi_.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000816640 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._windows_.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 001067520 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._controls_.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000733696 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._misc_.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000736256 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\pysqlite2._sqlite.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000119808 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32file.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000108544 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32security.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000007168 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\hashobjs_ext.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000017920 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\thumbnails_ext.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000082432 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\usb_ext.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000013824 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\common.time34.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000018432 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32event.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000088576 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\windows.volumes.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000017408 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\windows.winwrap.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000167936 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32gui.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000046080 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_socket.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 001309696 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_ssl.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000129536 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_elementtree.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000127488 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\pyexpat.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000038912 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32inet.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000077824 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\wx._html2.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000036864 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_psutil_windows.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000524248 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\windows._lib_cacheinvalidation.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000011264 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32crypt.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000218624 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\PIL._imaging.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000027648 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_multiprocessing.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000020480 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\_yappi.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000035840 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32process.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000024064 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32pipe.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000010240 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\select.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000025600 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32pdh.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000058880 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\windows.device_monitor.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000017408 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32profile.pyd
2017-09-20 18:19 - 2017-09-20 18:19 - 000022528 _____ () C:\Users\walid\AppData\Local\Temp\_MEI107802\win32ts.pyd
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2016-07-21 03:15 - 2016-07-21 03:10 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-903209215-2254376086-2688177463-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-903209215-2254376086-2688177463-1000\...\StartupApproved\Run: => "EPSON Stylus CX4300 Series"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{31ED7948-7581-4135-9756-14925CC87A32}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3CB8A646-FD82-4A34-908F-D9DF89B14C1A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EA3BBE28-6793-4F41-82C9-D2D13DC3FE5C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9EA822F3-8F64-4E4B-9F22-1AC503565F5F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C6FA513C-8737-47FB-893A-9C2588F9357D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C23B6BFA-C006-4BFC-B960-B182874D920D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{26727123-7513-4A0F-BE01-A8F8B8ED56F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{43FA8792-40E2-4320-AC1F-3B75CB5865E2}] => (Block) C:\program files (x86)\ostotohotspot\hotspot.exe
FirewallRules: [{1D13261A-FF30-439A-84EE-C5A9FAFD509A}] => (Block) C:\program files (x86)\ostotohotspot\hotspot.exe
FirewallRules: [UDP Query User{FDD58C0B-F132-4DF0-A5A3-D8EAF8687FE2}C:\program files (x86)\ostotohotspot\hotspot.exe] => (Allow) C:\program files (x86)\ostotohotspot\hotspot.exe
FirewallRules: [TCP Query User{9B073D77-7178-4897-8887-9A725B9F2FE7}C:\program files (x86)\ostotohotspot\hotspot.exe] => (Allow) C:\program files (x86)\ostotohotspot\hotspot.exe
FirewallRules: [{1459DC92-48FC-4ABA-8D38-28135F8A575B}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{F418BD7B-7D89-421F-A7A5-BCD1733F59AB}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{3EF24904-B93E-46A8-B7D4-AD33640DF787}] => (Allow) C:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{F32F39FA-7820-4E1F-851B-BC9D4CB0A522}] => (Allow) C:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{2869DAE8-3D23-4A7F-B0E4-234DC5ADAD51}] => (Allow) C:\Users\walid\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8E47E8D6-020A-465C-ACE5-1003ABBDBFC2}] => (Allow) C:\Users\walid\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B00F7D1F-56BE-4383-B29A-68E972B58EE4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7E50837-70C2-4D54-8411-9DDDC8ABDE03}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B2D35A3B-CC9C-4985-B30D-765BDB99099B}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{422113DD-1602-4C14-AA9D-7C2BE5D1FFF8}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{014292FF-6DB1-43AF-94F4-38797B3B6AD7}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{1A4532E5-C329-4B5B-8BD8-B1E2B38D902C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{817001C5-A669-4E6A-91D1-7D0635E7CD93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CB1757F5-4A04-4C7A-8969-BB8BB7C436FC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CBE2E791-629A-47E3-90A8-DF03789644D7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A6B77245-A826-4EFE-8400-D6CD3BCD9FE3}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{4CC8B4DC-7CEC-42AF-AAA6-BE72668F0530}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{1E9D1BEA-493C-40F0-81C8-0C2F9E2705E1}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{4E0F4E30-1E30-45D9-8E49-9A4ADBD2AD9B}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
==================== Points de restauration =========================
21-09-2017 18:47:00 Point de contrôle planifié
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (09/21/2017 04:12:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1343
Error: (09/21/2017 04:12:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1343
Error: (09/21/2017 04:12:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/21/2017 03:54:00 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/21/2017 03:52:10 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={11D23FE4-1A48-4F9A-990A-622A8D424D20} : L’utilisateur walid-PC\walid a composé le numéro de la connexion KGRG. La connexion a échoué. Code d’erreur retourné : 651.
Error: (09/21/2017 06:53:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1297
Error: (09/21/2017 06:53:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1297
Error: (09/21/2017 06:53:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/21/2017 01:56:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1297
Error: (09/21/2017 01:56:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1297
Erreurs système:
=============
Error: (09/20/2017 05:56:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur :
Cette demande n’est pas prise en charge.
Error: (09/20/2017 05:55:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service MBAMService.
Error: (09/20/2017 04:51:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Optimisation de livraison est en attente de démarrage.
Error: (09/20/2017 04:47:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur :
Cette demande n’est pas prise en charge.
Error: (09/20/2017 04:46:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Apple Mobile Device Service n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (09/20/2017 04:46:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Apple Mobile Device Service.
Error: (09/20/2017 04:46:03 PM) (Source: DCOM) (EventID: 10010) (User: walid-PC)
Description: Le serveur {D63B10C5-BB46-4990-A94F-E40B9D520160} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/20/2017 04:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service SHAREit Hotspot Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (09/20/2017 04:45:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.
Error: (09/20/2017 04:45:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Apple Mobile Device Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Pourcentage de mémoire utilisée: 90%
Mémoire physique - RAM - totale: 3914.35 MB
Mémoire physique - RAM - disponible: 375.55 MB
Mémoire virtuelle totale: 7242.35 MB
Mémoire virtuelle disponible: 2534.38 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:161.95 GB) (Free:29.03 GB) NTFS
Drive d: () (Fixed) (Total:146.48 GB) (Free:55.71 GB) NTFS
Drive e: () (Fixed) (Total:157.23 GB) (Free:93.03 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 12806EA3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=162 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=157.2 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt ============================