Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Exécuté par amine (20-05-2018 22:31:30)
Exécuté depuis C:\Users\amine\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-10-25 02:26:29)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

abdennour (S-1-5-21-1726015121-2290051172-3778237215-1004 - Limited - Enabled) => C:\Users\abdennour
Administrateur (S-1-5-21-1726015121-2290051172-3778237215-500 - Administrator - Disabled)
amine (S-1-5-21-1726015121-2290051172-3778237215-1005 - Administrator - Enabled) => C:\Users\amine
HomeGroupUser$ (S-1-5-21-1726015121-2290051172-3778237215-1002 - Limited - Enabled)
Invité (S-1-5-21-1726015121-2290051172-3778237215-501 - Limited - Disabled)
tayeb (S-1-5-21-1726015121-2290051172-3778237215-1003 - Limited - Enabled) => C:\Users\tayeb
USER (S-1-5-21-1726015121-2290051172-3778237215-1000 - Administrator - Enabled) => C:\Users\USER

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Kaspersky Internet Security (Disabled - Out of date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Cracked Steam Uninstall (HKLM-x32\...\Cracked Steam Uninstall) (Version: Stable build 2 - Random Alex)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.101.209 - ALPS ELECTRIC CO., LTD.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.12.0 - Synaptics Incorporated)
FileZilla Client 3.31.0 (HKLM-x32\...\FileZilla Client) (Version: 3.31.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{FA1BBF34-E994-4310-95D7-BE93092B8E61}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HMA! Pro VPN 2.8.24.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.24.0 - Privax Ltd)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.72.3 - HTC)
ICQ (version 10.0.12331) (HKU\S-1-5-21-1726015121-2290051172-3778237215-1005\...\icq.desktop) (Version: 10.0.12331 - ICQ)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.20.110.1 - Intel Security)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6230EE50-BD4E-4B39-904D-3E7600053E08}) (Version: 6.2.1 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
K-Lite Mega Codec Pack 11.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.717.1 - McAfee, Inc.)
Microsoft .NET Framework 4.6 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MOBICONNECT (HKLM-x32\...\{BCE97917-E58C-41FA-9B53-859E3FDCE924}) (Version: 1.0.0.2 - ZTE Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 60.0.1 (x64 fr)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.3 - Mozilla)
MServices X (HKLM\...\{BA0F45CE-5734-4DF3-92D5-4FD29004A086}) (Version: 3.0.1 - Systema Natives) Hidden
Multitimer version 1.0 (HKLM-x32\...\Multitimer_is1) (Version: 1.0 - )
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
Opera Stable 52.0.2871.99 (HKLM-x32\...\Opera 52.0.2871.99) (Version: 52.0.2871.99 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PhotoFiltre Studio X (HKU\S-1-5-21-1726015121-2290051172-3778237215-1005\...\PhotoFiltre Studio X) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
Pro Evolution Soccer 2016 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
Telegram Desktop version 1.2.6 (HKU\S-1-5-21-1726015121-2290051172-3778237215-1005\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.2.6 - Telegram Messenger LLP)
TV 3L PC version 2.1.6.0 (HKLM-x32\...\{D8CE29B4-FEA1-46F1-B773-1B5FE502C740}_is1) (Version: 2.1.6.0 - Smart PC Soft, LTD.)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{8D97B9A2-D73D-4CB6-9D1F-D25178AC4EDE}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version:  - Microsoft)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
WModem Driver Installer (HKLM-x32\...\HTC_WModemDriver) (Version: 3.0.9.0 - HTC)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.3-0 - Bitnami)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [{BFD98515-CD74-48A4-98E2-13D209E3EE4F}] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => C:\Windows\system32\mcicda64.dll -> Pas de fichier
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-11-27] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-01-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-01-11] (Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-06-13] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-06-13] (Intel Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-01-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-01-11] (Alexander Roshal)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0704DB89-7DF0-4D0E-9289-B83630246EEB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {08B25077-3538-4779-A6B3-B475E0AB7612} - System32\Tasks\{84038615-A8A6-48B9-A93C-FFB8966F6757} => C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe
Task: {08B83501-477E-4CFA-A0A3-C057ECF58DEC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-13] (Piriform Ltd)
Task: {091E170C-446C-41A9-907F-D608DEF45557} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {098DBA27-1041-40CF-9F4C-8BB7CF841B0C} - System32\Tasks\Opera scheduled Autoupdate 1449579605 => C:\Users\abdennour\AppData\Local\Programs\Opera\launcher.exe [2018-04-26] (Opera Software)
Task: {0AECF48C-1882-42C6-8698-83AEA60551AF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {0AECF48C-1882-42C6-8698-83AEA60551AF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
Task: {0B29E68B-0387-4C33-9A32-75177C801C38} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {0BB2465E-06FC-4067-8185-BD9071E9E030} - System32\Tasks\Microsoft\Windows\UPnP\IEX => C:\Windows\IME\svhost.exe [2018-03-30] (www.microsoft.com)
Task: {11632CD9-C877-4A5A-921F-7886C347AE2F} - System32\Tasks\{B2504F72-67F4-45FF-BCC8-8D11CC3A2497} => C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe
Task: {1F754747-BDA0-490A-AD36-4EAC9774910D} - System32\Tasks\Browse => C:\Browse\Browse.exe [2018-05-02] (Web Applications Inc.)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Pas de fichier <==== ATTENTION
Task: {32DF8995-E29D-4487-BA6E-A26ADF6D9EB2} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Pas de fichier <==== ATTENTION
Task: {33183C8E-D3B8-4FC6-B981-27A3F387B083} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd)
Task: {3C43B674-81FE-4DEE-AAD4-8AC49B60FB6F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {3C43B674-81FE-4DEE-AAD4-8AC49B60FB6F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
Task: {524343FA-4C6B-4B67-8838-5F8E16198E13} - System32\Tasks\{5DBD565C-7AC6-4D87-806F-6F7816C0128D} => C:\Windows\system32\pcalua.exe -a C:\Users\amine\Downloads\Programs\WDM_R274.exe -d C:\Users\amine\AppData\Roaming\IDM
Task: {61A732FB-589B-4F5C-B550-A3BBB3640F0D} - System32\Tasks\update64 => C:\Program Files\Systema Natives\MServices X\update64.exe [2018-05-13] (Systema Natives)
Task: {64F6B40D-B687-474F-8E8D-12AA5BD813D2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {69AB9E87-8F5C-4CA9-8353-A34EF59D33A4} - System32\Tasks\{6018BA7A-245B-4FE1-9099-7DD4EFD1CFA9} => C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe
Task: {77608F15-9F3F-4477-9AB7-E63A43E6027D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {77608F15-9F3F-4477-9AB7-E63A43E6027D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
Task: {84212E5C-6B78-43B1-B4A2-D5303F8E9B4E} - System32\Tasks\cmdsrv => C:\Browse\cmdsrvs.exe [2018-03-13] (Secrypt Inc.)
Task: {9AA4E9DE-3179-4638-8695-AB88B77AA054} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {9AA4E9DE-3179-4638-8695-AB88B77AA054} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {9AA4E9DE-3179-4638-8695-AB88B77AA054} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-08] (Microsoft Corporation)
Task: {9D359A6C-28F4-46AA-ABE2-EF6AF3FD0DE0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {A074801D-82BB-4B3F-8A5E-FFDEFAB834F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {A243917A-4E03-41F1-971E-D19B241971D5} - System32\Tasks\AtriProPrinter => C:\Windows\system32\rundll32.exe "C:\Program Files\AtriProPrinter\AtriProPrinter.dll",SixxVFpimN <==== ATTENTION
Task: {A79FE45E-5FCE-4679-8153-C7683673144B} - System32\Tasks\{8D5B69EF-C198-4BC4-AF1A-2906B2F303F9} => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2016-03-01] (Tonec Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Pas de fichier <==== ATTENTION
Task: {B710DDAD-D471-44DC-8CF6-92551A1F6535} - System32\Tasks\Secure Magic => C:\Windows\system32\rundll32.exe "C:\Program Files\Secure Magic\Secure Magic.dll",fMchsZ <==== ATTENTION
Task: {BBD956E6-CD93-4F3C-9C64-EDA482442D9A} - System32\Tasks\{61DF4236-00F6-44BA-B599-BCE50E9D6506} => C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe
Task: {BD4A56F4-DE9C-4BEB-A215-95275DBC7ACE} - System32\Tasks\JanoTools Accounting => C:\Windows\system32\rundll32.exe "C:\Program Files\JanoTools Accounting\JanoTools Accounting.dll",vrnehGYexeFu <==== ATTENTION
Task: {BE215D72-A08D-42CD-AE74-D8396E4E08A3} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Pas de fichier <==== ATTENTION
Task: {C2D0CC38-7114-4BF5-B6C5-CE1E4EB6CA43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {C9E41972-5557-4A80-AE1A-BE0956D08A36} - System32\Tasks\{32F31990-C213-428A-9A8B-90F7EF7CFF05} => C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Pas de fichier <==== ATTENTION
Task: {D2B69F15-AF77-4D35-B1A9-1EF21523CAF8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {E4080B30-F426-499D-8643-911FDF2FE594} - System32\Tasks\Microsoft\Windows\UPnP\Spoolsv => C:\Windows\IME\Microsofts\spoolsv.exe [2017-11-06] (Microsoft Corporation)
Task: {E59CDC5D-FDEE-4163-81B3-6C9D3FE87FCA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {ECAFF969-316F-4E7D-A385-1D5DA8A8A4B7} - System32\Tasks\Opera scheduled Autoupdate 1453197501 => C:\Program Files (x86)\Opera\launcher.exe [2018-04-26] (Opera Software)
Task: {ED27C027-953C-4353-962A-491DAE3D6268} - System32\Tasks\MainPM => powershell -ExecutionPolicy ByPass -File pm.ps1
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Pas de fichier <==== ATTENTION

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)


Shortcut: C:\Users\amine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

==================== Modules chargés (Avec liste blanche) ==============

2018-05-02 09:59 - 2015-05-31 22:52 - 001370624 _____ () C:\Program Files\Secure Magic\Secure Magic.dll
2015-12-17 11:38 - 2015-12-17 11:38 - 000085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 11:38 - 2015-12-17 11:38 - 001328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-17 07:27 - 2013-10-17 07:27 - 000166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2018-03-21 00:36 - 2018-03-01 05:39 - 000078848 ____N () C:\Program Files (x86)\AppPatch\java.exe
2018-03-14 01:55 - 2018-03-14 01:55 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-11-27 11:55 - 2016-11-27 11:55 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2018-05-20 20:45 - 2018-05-20 20:45 - 000885248 _____ () C:\Windows\TEMP\g60D6.tmp.exe
2018-05-02 09:52 - 2018-05-02 09:52 - 001176064 _____ () C:\Program Files (x86)\Google\Chrome\Application\WINHTTP.dll
2018-03-22 18:19 - 2018-03-20 00:00 - 002683224 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\swiftshader\libglesv2.dll
2018-03-22 18:19 - 2018-03-20 00:00 - 000127832 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\swiftshader\libegl.dll
2018-05-13 19:53 - 2018-05-13 19:53 - 003975680 _____ () C:\Program Files\Systema Natives\MServices X\runcore64.exe
2018-03-22 18:19 - 2018-03-20 00:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-22 18:19 - 2018-03-20 00:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2016-06-03 07:36 - 2016-06-03 07:36 - 000030720 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2016-06-03 07:37 - 2016-06-03 07:37 - 000607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2016-06-03 07:38 - 2016-06-03 07:38 - 000059392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2016-06-03 07:37 - 2016-06-03 07:37 - 000035864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2016-06-03 07:39 - 2016-06-03 07:39 - 000079888 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2016-06-03 07:41 - 2016-06-03 07:41 - 000129016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2016-06-03 07:44 - 2016-06-03 07:44 - 000223240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ==========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2009-07-13 20:34 - 2018-05-02 11:01 - 000009328 _____ C:\Windows\system32\Drivers\etc\hosts

0.0.0.1	mssplus.mcafee.com
127.0.0.1	gf.tools.avast.com
127.0.0.1	pair.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	id.avast.com
127.0.0.1	s5355946.iavs9x.u.avast.com
127.0.0.1	s5355946.ivps9x.u.avast.com
127.0.0.1	s5355946.ivps9tiny.u.avast.com
127.0.0.1	s5355946.vpsnitro.u.avast.com
127.0.0.1	s5355946.vpsnitrotiny.u.avast.com
127.0.0.1	s5355946.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7event.stats.avast.com
127.0.0.1	sm00.avast.com
127.0.0.1	submit5.avast.com
127.0.0.1	geoip.avast.com
127.0.0.1	l2932126.iavs9x.u.avast.com
127.0.0.1	l2932126.ivps9x.u.avast.com
127.0.0.1	l2932126.ivps9tiny.u.avast.com
127.0.0.1	l2932126.vpsnitro.u.avast.com
127.0.0.1	l2932126.vpsnitrotiny.u.avast.com
127.0.0.1	l2932126.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7event.stats.avast.com
127.0.0.1	sm00.avast.com
127.0.0.1	submit5.avast.com

Il y a 212 plus de lignes.


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-1726015121-2290051172-3778237215-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\amine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Le Pare-feu is disabled.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: icq.desktop => "C:\Users\amine\AppData\Roaming\ICQ\bin\icq.exe" /startup
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OMEWPRODUCT_ => "C:\Program Files\iTunes\O70MQI00GJ3DSE9XGW7HX\2Ycq17irvv.exe"
MSCONFIG\startupreg: S'muVOixfl.exe => C:\Program Files\iTunes\O70MQI00GJ3DSE9XGW7HX\S'muVOixfl.exe 
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{42B86C5A-50DB-4CB9-8562-94ECC2D7D161}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{187AC164-F4F3-49BB-9542-D9E776018FB2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{DAAEFE42-2EF1-4B44-91EC-4965D0661D0D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1C1CA04B-8D23-4187-A309-190B148D88E2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{06397355-B0B9-4FB7-A037-FCC167A39839}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B9E1E51E-7F9B-4E9F-A51B-9D017BC650BD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{E9A0A13F-2A0D-43E4-AF56-66EED658C199}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{F47CF5F2-0A0A-4303-BE19-DC9A7FC87EA0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4CD00767-CA81-4E6D-9D21-65E937D43887}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{CF37B6F5-13E7-4637-A73A-D6C4D52C69EC}C:\users\abdennour\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\abdennour\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D062D8A0-0F61-4D1D-975A-98785E9D716D}C:\users\abdennour\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\abdennour\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{966109A6-0B9E-4C3E-8F9A-EFA320106EE4}C:\users\abdennour\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\abdennour\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{AFD82323-9D02-40A3-A252-C697BC045AF3}C:\users\abdennour\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\abdennour\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{AB1DD889-4FB0-4C37-BC3E-DFC454575A2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1FC15307-817C-4B80-852D-CB65D0738D6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A5A42C9E-10E8-4D59-820F-F1BA61AE1DBC}C:\users\amine\appdata\roaming\vip72 socks client\vip72socks.exe] => (Allow) C:\users\amine\appdata\roaming\vip72 socks client\vip72socks.exe
FirewallRules: [UDP Query User{12029F98-005D-444D-B595-73A479CFBDA4}C:\users\amine\appdata\roaming\vip72 socks client\vip72socks.exe] => (Allow) C:\users\amine\appdata\roaming\vip72 socks client\vip72socks.exe
FirewallRules: [{FA7173F7-2E25-402A-8844-3FFC9639B246}] => (Allow) C:\Users\amine\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{C46B2962-7D2E-47D4-9258-C38140E69496}] => (Allow) C:\Users\amine\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{122578FE-C7C7-4C2E-B22B-76889A8698B2}] => (Allow) C:\Program Files (x86)\Cracked Steam Nostalgia\Steam.exe
FirewallRules: [{B495C78E-D3B0-450D-A928-A77DEDDB5EB8}] => (Allow) C:\Program Files (x86)\Cracked Steam Nostalgia\Steam.exe
FirewallRules: [TCP Query User{9AC56D1E-D6DB-43A5-B136-682E7A6AE03E}C:\program files (x86)\cracked steam nostalgia\steamapps\common\half-life\hl.exe] => (Allow) C:\program files (x86)\cracked steam nostalgia\steamapps\common\half-life\hl.exe
FirewallRules: [UDP Query User{6CF56A2B-09BD-42C8-9945-4E0C57423F05}C:\program files (x86)\cracked steam nostalgia\steamapps\common\half-life\hl.exe] => (Allow) C:\program files (x86)\cracked steam nostalgia\steamapps\common\half-life\hl.exe
FirewallRules: [TCP Query User{5497471A-7D85-4D61-8E3A-25CC6E18B3FF}C:\program files (x86)\cracked steam nostalgia\steamapps\common\half-life\hl.exe] => (Block) C:\program files (x86)\cracked steam nostalgia\steamapps\common\half-life\hl.exe
FirewallRules: [UDP Query User{75208CBB-14BA-4017-BD84-0F9BFC4F5FF1}C:\program files (x86)\cracked steam nostalgia\steamapps\common\half-life\hl.exe] => (Block) C:\program files (x86)\cracked steam nostalgia\steamapps\common\half-life\hl.exe
FirewallRules: [TCP Query User{105EE1EC-B9CC-42E9-98CE-12A932A2A3A5}C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe
FirewallRules: [UDP Query User{68641A98-6681-4F92-B272-F4D988B3EB85}C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{6131D5FE-F44C-4D62-81F3-C6CEADDF67B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ABAD988E-F62C-4F23-8004-099CA598F1CD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{93D8CDE6-9AB6-4707-B775-4CEBB3C6E09C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{09A4A553-85CA-4862-A05D-14D572F50A82}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A2FFDDAE-47BC-409E-941A-657192C25CB3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{ADD4919E-35C1-4877-A090-C79ECCD16810}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4D799CCB-A630-4CEC-9D24-5C8332331987}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B3957470-FBD6-479F-8534-6502BEACAF03}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{18493D76-2D86-4431-8C6A-A8409A100F5F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E3DE223-F0C9-41CF-8897-4916E28B6074}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{B53F7D0B-F06D-48EF-9B7D-00A6777D5D95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{1C749D93-6547-41ED-9DA7-A4B3519C296E}] => (Allow) D:\Nouveau dossier\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9DF5E557-11F7-45DE-8D80-554DA1BB4D0E}] => (Allow) D:\Nouveau dossier\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DC38EF39-7382-4AD8-819D-252402122D45}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{7C718076-4934-45B9-B6C4-6AC730BA08C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9077A349-6018-488B-AFAD-B2E232768B82}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C8400658-ED87-445C-B1FD-05B34106B9F1}] => (Allow) C:\Users\amine\Downloads\AnyDesk.exe
FirewallRules: [{0EF94BD8-23D9-496F-B3C8-F8D4F42FA785}] => (Allow) C:\Users\amine\Downloads\AnyDesk.exe
FirewallRules: [{251EBDF1-B8EE-454A-9195-D6038DC84402}] => (Allow) C:\Users\amine\Downloads\AnyDesk.exe
FirewallRules: [{04362A63-A2ED-4531-A666-515C9FA587B7}] => (Allow) C:\Users\amine\Downloads\AnyDesk.exe
FirewallRules: [{A63E91D6-1F1B-4612-89C3-A0FC08ECD080}] => (Allow) C:\Users\amine\Downloads\AnyDesk.exe
FirewallRules: [{CA333D75-3198-46C2-A645-5875A2D0D2A9}] => (Allow) C:\Users\amine\Downloads\AnyDesk.exe
FirewallRules: [{04B6694F-35DB-4153-9D9D-0AD067871896}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{4302F5C1-4206-4066-BAEB-662E9448488E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{7A490DF4-53EB-406F-8E05-1C52BE8B2817}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{407107DC-DDB3-42DE-BC9E-103363B1DBD2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{05F59AFC-1B0F-4297-9E10-39A5D5C93B59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FF7C1B7D-F643-4798-AC36-9E98FE083997}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7C61689C-481E-4FFD-B0FD-D2484A92837C}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
FirewallRules: [{2D95DC04-03F9-4875-8E28-73934F95BD0F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E027781D-84AC-4643-BD64-DD0039FD5D3D}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{387391B2-3DA3-4A60-8273-A71B24CEEE6B}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{82363507-7A59-462C-9E1E-431FF7A37755}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{C11C5044-4779-4E29-984E-372110EE8093}] => (Allow) C:\Users\amine\Downloads\AnyDesk (2).exe
FirewallRules: [{43CCB5D1-D2E6-4B59-8D55-572962192032}] => (Allow) C:\Users\amine\Downloads\AnyDesk (2).exe
FirewallRules: [{5CF58C8E-E92B-4BE1-9D79-D875684E9ECA}] => (Allow) C:\Users\amine\Downloads\AnyDesk (2).exe
FirewallRules: [{2A024B8A-86CD-436D-9052-5B7C17731E91}] => (Allow) C:\Users\amine\Downloads\AnyDesk (2).exe
FirewallRules: [{A4AC0B93-E80F-4CF6-A88A-CF59E47F58E3}] => (Allow) C:\Users\amine\Downloads\AnyDesk (2).exe
FirewallRules: [{A395317A-BCC1-4301-8865-4563A042BE1C}] => (Allow) C:\Users\amine\Downloads\AnyDesk (2).exe
FirewallRules: [{54A01A90-1B13-49D9-93D9-31E533416BF4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EC6DCF94-BB2A-4F20-BE5A-C0A3D092441F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CE262FE2-0B91-4B7D-87A9-D42D201C2F52}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.99\opera.exe
FirewallRules: [{84051803-EFA3-4BA0-937E-80E1F1C03698}] => (Allow) C:\Program Files\Systema Natives\MServices X\runcore64.exe
FirewallRules: [{E4CF5048-7ECD-4419-A6DE-698992821DAD}] => (Allow) C:\Program Files\Systema Natives\MServices X\update64.exe
FirewallRules: [{69320F2E-DE1E-4EA6-9F92-ABD6D1DF0AB5}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{0EDBB4CA-7AC8-4058-9648-83B29AA7DE93}] => (Allow) C:\Windows\System32\rundll32.exe

==================== Points de restauration =========================

22-03-2018 17:13:47 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
31-03-2018 15:57:04 Removed Bonjour

==================== Éléments en erreur du Gestionnaire de périphériques =============

Name: Périphérique Bluetooth
Description: Périphérique Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (05/20/2018 08:47:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante g60D5.tmp.exe, version : 0.0.0.0, horodatage : 0x5b00c9ba
Nom du module défaillant : g60D5.tmp.exe, version : 0.0.0.0, horodatage : 0x5b00c9ba
Code d’exception : 0xc0000409
Décalage d’erreur : 0x00000000000135c3
ID du processus défaillant : 0x1450
Heure de début de l’application défaillante : 0x01d3f0add7f64d06
Chemin d’accès de l’application défaillante : C:\Windows\TEMP\g60D5.tmp.exe
Chemin d’accès du module défaillant: C:\Windows\TEMP\g60D5.tmp.exe
ID de rapport : 4d3abfb1-5ca1-11e8-98ac-342387e161f2

Error: (05/20/2018 08:45:12 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Le traitement du changement de session à échoué. System.ArgumentException: Data Source cannot be empty.  Use :memory: to open an in-memory database
   à System.Data.SQLite.SQLiteConnection.Open()
   à McAfee.YAP.Service.Data.McBioSQLite.GetConnection()
   à McAfee.YAP.Service.Data.McBioSQLite.StoreInServiceInfo(String key, String value)
   à McAfee.YAP.Service.Common.McBioBCAService.DisableSpoofingMode()
   à McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   à System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (05/20/2018 08:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante java.exe, version : 0.0.0.0, horodatage : 0x58ce50ea
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000
ID du processus défaillant : 0xc5c
Heure de début de l’application défaillante : 0x01d3f0adaeb67f95
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\AppPatch\java.exe
Chemin d’accès du module défaillant: unknown
ID de rapport : f6b2e085-5ca0-11e8-98ac-342387e161f2

Error: (05/20/2018 08:45:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante java.exe, version : 0.0.0.0, horodatage : 0x58ce50ea
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000
ID du processus défaillant : 0xa40
Heure de début de l’application défaillante : 0x01d3f0adad4328ea
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\AppPatch\java.exe
Chemin d’accès du module défaillant: unknown
ID de rapport : f55e7bbe-5ca0-11e8-98ac-342387e161f2

Error: (05/20/2018 07:21:43 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Le traitement du changement de session à échoué. System.ArgumentException: Data Source cannot be empty.  Use :memory: to open an in-memory database
   à System.Data.SQLite.SQLiteConnection.Open()
   à McAfee.YAP.Service.Data.McBioSQLite.GetConnection()
   à McAfee.YAP.Service.Data.McBioSQLite.StoreInServiceInfo(String key, String value)
   à McAfee.YAP.Service.Common.McBioBCAService.DisableSpoofingMode()
   à McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   à System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (05/20/2018 11:53:07 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Le traitement du changement de session à échoué. System.ArgumentException: Data Source cannot be empty.  Use :memory: to open an in-memory database
   à System.Data.SQLite.SQLiteConnection.Open()
   à McAfee.YAP.Service.Data.McBioSQLite.GetConnection()
   à McAfee.YAP.Service.Data.McBioSQLite.StoreInServiceInfo(String key, String value)
   à McAfee.YAP.Service.Common.McBioBCAService.DisableSpoofingMode()
   à McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   à System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (05/20/2018 08:55:01 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Le traitement du changement de session à échoué. System.ArgumentException: Data Source cannot be empty.  Use :memory: to open an in-memory database
   à System.Data.SQLite.SQLiteConnection.Open()
   à McAfee.YAP.Service.Data.McBioSQLite.GetConnection()
   à McAfee.YAP.Service.Data.McBioSQLite.StoreInServiceInfo(String key, String value)
   à McAfee.YAP.Service.Common.McBioBCAService.DisableSpoofingMode()
   à McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   à System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (05/19/2018 07:15:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante gAA8A.tmp.exe, version : 0.0.0.0, horodatage : 0x5b00c9ba
Nom du module défaillant : gAA8A.tmp.exe, version : 0.0.0.0, horodatage : 0x5b00c9ba
Code d’exception : 0xc0000409
Décalage d’erreur : 0x00000000000135c3
ID du processus défaillant : 0x290e4
Heure de début de l’application défaillante : 0x01d3efd7d433d4f0
Chemin d’accès de l’application défaillante : C:\Windows\TEMP\gAA8A.tmp.exe
Chemin d’accès du module défaillant: C:\Windows\TEMP\gAA8A.tmp.exe
ID de rapport : 5060a611-5bcb-11e8-943c-342387e161f2


Erreurs système:
=============
Error: (05/20/2018 09:13:33 PM) (Source: Schannel) (EventID: 4119) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été reçue : 70.

Error: (05/20/2018 09:13:32 PM) (Source: Schannel) (EventID: 4119) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été reçue : 70.

Error: (05/20/2018 08:59:21 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Le système a détecté un conflit d’adresses pour l’adresse IP 192.168.1.5 avec le système 
d’adresse physique réseau C8-38-70-AD-72-E4. En conséquence les opérations réseau sur se système
peuvent être interrompues.

Error: (05/20/2018 08:47:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur : 
Le fichier spécifié est introuvable.

Error: (05/20/2018 08:46:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 n’a pas pu démarrer en raison de l’erreur : 
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (05/20/2018 08:46:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Cache de police de Windows Presentation Foundation 3.0.0.0.

Error: (05/20/2018 08:45:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 n’a pas pu démarrer en raison de l’erreur : 
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (05/20/2018 08:45:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Cache de police de Windows Presentation Foundation 3.0.0.0.


Windows Defender:
===================================
Date: 2015-09-26 01:45:25.640
Description: 
L’analyse Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {85A97417-9920-4A9A-B128-4EB20A214556}
Type de l’analyse : Logiciel anti-espion
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\SERVICE RESEAU

Date: 2014-11-26 05:08:37.766
Description: 
Windows Defender a rencontré une erreur lors de la tentative de chargement des signatures et va essayer de revenir à un jeu de signatures correct.
Signatures essayées : Actuelle
Code d’erreur : 0x80070003
Description de l’erreur : Le chemin d’accès spécifié est introuvable. 
Version des signatures : 0.0.0.0
Version du moteur : 0.0.0.0

==================== Infos Mémoire =========================== 

Processeur: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Pourcentage de mémoire utilisée: 54%
Mémoire physique - RAM - totale: 6032.36 MB
Mémoire physique - RAM - disponible: 2740.46 MB
Mémoire virtuelle totale: 12062.93 MB
Mémoire virtuelle disponible: 8411.66 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:469.26 GB) (Free:359.41 GB) NTFS
Drive d: () (Fixed) (Total:462.15 GB) (Free:451.4 GB) NTFS

\\?\Volume{64cebc39-682e-11e4-b7ac-806e6f6e6963}\ (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D75217E7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=469.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=462.1 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================