Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 02.08.2018 Exécuté par Florian (14-08-2018 18:45:31) Exécuté depuis C:\Users\Florian\Desktop Windows 10 Home Version 1803 17134.191 (X64) (2018-05-02 11:02:34) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2085979089-3203216450-1628126128-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2085979089-3203216450-1628126128-503 - Limited - Disabled) Florian (S-1-5-21-2085979089-3203216450-1628126128-1001 - Administrator - Enabled) => C:\Users\Florian Invité (S-1-5-21-2085979089-3203216450-1628126128-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2085979089-3203216450-1628126128-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) . . (HKLM\...\{569F29BA-2D46-439B-8B7C-01D999B9201D}) (Version: 7.1 - Intel) Hidden . . . (HKLM-x32\...\{9F460796-0348-4B11-BCA0-714C4B85E3D7}) (Version: 3.1.2.2 - Intel) Hidden 7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated) Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - ) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform) ElsaWin (HKLM-x32\...\ElsaWin) (Version: 6.00 - ) Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) GDR 4042 pour SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation) HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.) HP Display Control (HKLM\...\{FECCB014-8DF1-4039-9044-D6F622997D60}) (Version: 2.0.0.016 - Portrait Displays, Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.) HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.) HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{6A139049-EBB9-4076-8664-B468888E55A3}) (Version: 1.3.392.0 - HP Inc.) HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.6.18.11 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{9F79033A-84FC-4137-BCDC-C505246F78E1}) (Version: 12.9.24.3 - HP Inc.) HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.31 - HP Inc.) HP System Event Utility (HKLM-x32\...\{2FC69222-01B3-479E-80E6-0AFC593A312A}) (Version: 1.4.23 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Computing Improvement Program (HKLM\...\{F0385150-FF86-4A18-AA55-6ED9E5F87DA7}) (Version: 2.1.03638 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4664 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.8.1.1007 - Intel Corporation) Intel(R) Ready Mode Technology (HKLM\...\{4A0C87C3-77FE-44C1-B338-3FBDA17D6934}) (Version: 1.1.70.532 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{e7adbf16-34ad-490a-a4e8-feb60fb99973}) (Version: 3.1.2.2 - Intel) Logiciel de base du périphérique HP Photosmart 5510 series (HKLM\...\{37A7272C-D56E-4AC1-86EB-76CDF1C72FF9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.10325.20082 - Microsoft Corporation) Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation) Mozilla Firefox 61.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 61.0.2 (x86 fr)) (Version: 61.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla) Mp3tag v2.89a (HKLM-x32\...\Mp3tag) (Version: 2.89a - Florian Heidenreich) Music Manager (HKU\S-1-5-21-2085979089-3203216450-1628126128-1001\...\MusicManager) (Version: - Google, Inc.) Naviextras Toolbox (HKLM-x32\...\Naviextras Toolbox) (Version: 3.18.5.667499 - NNG Llc.) Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.71 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.162 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8192 - Realtek Semiconductor Corp.) Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.15063.20004 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.92 - REALTEK Semiconductor Corp.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation) SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{51E5BC99-A087-4CFF-8D93-462903EA7E12}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1F3E59DD-7DCE-4103-9528-57DA43134312}) (Version: 2.9.0.0 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2085979089-3203216450-1628126128-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Florian\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2085979089-3203216450-1628126128-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Florian\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-05-31] (Florian Heidenreich) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-05-31] (Florian Heidenreich) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-05-31] (Florian Heidenreich) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki121838.inf_amd64_89b46187de08cbf7\igfxDTCM.dll [2017-05-09] (Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0290D7C1-3A53-4E18-9860-794EDCD8AF3B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-06-28] (HP Inc.) Task: {066C40AE-30F7-431E-833C-6CDE8F3E1E41} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2085979089-3203216450-1628126128-1001 Task: {06A35047-4FE9-4793-921C-82861AF1F8E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated) Task: {092F7BED-5827-43A9-85F2-76DDC1EBAFA7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2085979089-3203216450-1628126128-1001UA => C:\Users\Florian\AppData\Local\Google\Update\GoogleUpdate.exe [2018-07-06] (Google Inc.) Task: {0A761D68-84F0-47DE-9CD4-880C8F77F820} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-04-07] (HP Inc.) Task: {1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Florian\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {1E64F996-2AAD-488A-BF23-CF14DB81CFC1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-14] (Adobe Systems Incorporated) Task: {2AAE7F71-22CB-4007-8916-17AD07B783FC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation) Task: {2D46AEF0-0D09-424E-AC25-1C6581873497} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {303F0346-1ABF-4A6C-A275-17DA00B9ECF2} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-05-12] () Task: {46C2F4A4-E20F-4F0E-AB63-8A159608D2EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.) Task: {519517EE-326B-4115-B920-3B2418687803} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {547234A8-1EFA-47D8-8751-509C61CDC5BC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2085979089-3203216450-1628126128-1001Core => C:\Users\Florian\AppData\Local\Google\Update\GoogleUpdate.exe [2018-07-06] (Google Inc.) Task: {602D3F17-3B9F-48AD-BFEE-3BAE33E2276B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-29] (Microsoft Corporation) Task: {659A49B6-6C08-40C1-A9F0-E66911FD8137} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-29] (Microsoft Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6B1EF692-07E7-4EE9-AE8C-AB21A61C9E21} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-06-28] (HP Inc.) Task: {7947CB1E-887D-4D41-B6EA-12C6CEA59032} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-10] (Piriform Ltd) Task: {7A370317-F7BC-4244-A3DA-6A4D157C0E63} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation) Task: {81CDF85E-9FCA-408B-BAF8-B4ACA5777335} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {82967702-2332-48C0-9E35-E0CC3C22C927} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-06-22] (Realtek Semiconductor) Task: {901A2C34-77D9-4993-BCAA-72B2F228F507} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-01] (Microsoft Corporation) Task: {9190D563-701D-42DB-879A-76F516FF03F9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.) Task: {9747BE01-A39D-4284-9014-CD64BE82CA3F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-06-27] (HP Inc.) Task: {99F5DCD6-6A7C-4C83-8683-FFF04ED6B842} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation) Task: {9B323100-B5F2-4890-A314-5538F9BD9629} - System32\Tasks\HPCeeScheduleForFlorian => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.) Task: {9C4313CB-00E6-476D-9216-1E68D7DCE46C} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.) Task: {A99CB1F2-9763-4E84-B94A-5A3A4FB40280} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2085979089-3203216450-1628126128-1001 => C:\Users\Florian\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited) Task: {AF5F88D6-67A3-4BE2-A0E7-07B5C2A278FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.) Task: {B0127B68-64CA-4CF7-AD92-00167535BFE0} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs] Task: {B157FD11-8701-4F14-B262-67C5D7A4A990} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation) Task: {B61BB539-F01B-4286-A8E6-5947469F9678} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-29] (Microsoft Corporation) Task: {B772AC90-8C08-48B2-B258-9E11891A1EC7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-29] (Microsoft Corporation) Task: {C3C184A5-F233-4456-9E1E-0451B9BDA6D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\PS5510_1315-1.exe <==== ATTENTION Task: {C6A4ABF0-60E4-4B3F-8300-26642AF6EA54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-01] (Microsoft Corporation) Task: {C6E68AED-3694-4087-A4E8-07F047B0F52B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-02-24] (Intel(R) Corporation) Task: {D5F0DF29-4B64-49B8-A9A1-D3511F88DA46} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {DF5BB57B-7826-486B-912D-9CBF33998DB6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-14] (Adobe Systems Incorporated) Task: {EA2E0A3F-4026-4EFA-8BB7-188274D532DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-01] (Microsoft Corporation) Task: {EDD30921-F19A-47FC-994F-F132825FE7B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-01] (Microsoft Corporation) Task: {FC5C97FB-16EE-47B9-AB93-C379994249C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-29] (Microsoft Corporation) Task: {FCAC28FB-56BE-4F6C-8EE3-5AEDFAC65527} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-10] (Piriform Ltd) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\HPCeeScheduleForFlorian.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2018-03-07 16:56 - 2018-03-07 16:56 - 000183568 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe 2018-07-06 09:31 - 2018-08-09 19:54 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-07-06 09:31 - 2018-08-09 19:54 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-05-12 12:19 - 2017-05-12 12:19 - 000459680 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-10-18 23:51 - 2017-10-18 23:51 - 000598528 _____ () C:\Users\Florian\AppData\Local\MEGAsync\ShellExtX64.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-06-29 09:40 - 2018-06-15 19:30 - 001308672 _____ () C:\WINDOWS\system32\FaceProcessor.dll 2018-06-29 09:40 - 2018-06-15 19:55 - 000542888 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 001348664 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll 2018-07-11 10:17 - 2018-07-06 08:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-06-08 01:18 - 2017-06-08 01:18 - 000282432 _____ () C:\Program Files\Portrait Displays\HP Display Control\CTHelper.exe 2014-04-14 21:41 - 2014-04-14 21:41 - 000039192 _____ () C:\Program Files\CCleaner\branding.dll 2018-05-10 20:14 - 2018-05-10 20:14 - 000096248 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2018-08-01 13:33 - 2018-08-01 13:33 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll 2018-08-01 13:33 - 2018-08-01 13:33 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-08-01 13:33 - 2018-08-01 13:33 - 007814144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2018-08-12 16:37 - 2018-08-12 16:37 - 035124224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-08-12 16:37 - 2018-08-12 16:37 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-08-12 16:37 - 2018-08-12 16:37 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll 2018-04-12 18:25 - 2018-04-12 18:25 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-08-12 16:37 - 2018-08-12 16:37 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntPlat.dll 2018-07-28 12:10 - 2018-07-28 12:11 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-07-28 12:10 - 2018-07-28 12:11 - 068154880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2018-01-14 01:52 - 2018-01-14 01:55 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-07-11 13:21 - 2018-07-11 13:23 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-07-11 13:21 - 2018-07-11 13:22 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-05-06 18:29 - 2018-05-06 18:30 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll 2018-07-11 13:21 - 2018-07-11 13:23 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-04-03 19:22 - 2018-04-03 19:23 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-07-28 12:10 - 2018-07-28 12:11 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-07-11 13:21 - 2018-07-11 13:22 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-07-28 12:10 - 2018-07-28 12:10 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-05-30 20:11 - 2018-05-30 20:12 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-07-11 13:21 - 2018-07-11 13:23 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2018-07-28 12:10 - 2018-07-28 12:11 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-07-28 12:10 - 2018-07-28 12:11 - 000162816 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\SKU.dll 2018-07-30 16:32 - 2018-07-30 16:32 - 000156672 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\840cbe2b6654236b5320678ccaff8e6c\BRIDGECommon.ni.dll 2018-07-30 16:34 - 2018-07-30 16:34 - 000329728 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\f42c9f25301713dc4cf918e0a6905a1d\CleanStartController.ni.dll 2018-07-30 16:34 - 2018-07-30 16:34 - 000116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\5c7a378bddb795ecc5d518d0a938f6b9\BridgeExtension.ni.dll 2018-07-30 16:34 - 2018-07-30 16:34 - 000070656 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NativeInterop\ca289cbf2552514a774f5b70de453856\NativeInterop.ni.dll 2018-01-30 03:55 - 2018-01-30 03:55 - 000090112 _____ () C:\Users\Florian\AppData\Local\Programs\Google\MusicManager\libaacdec.dll 2018-01-30 03:55 - 2018-01-30 03:55 - 000217600 _____ () C:\Users\Florian\AppData\Local\Programs\Google\MusicManager\libid3tag.dll 2018-01-30 03:55 - 2018-01-30 03:55 - 000273920 _____ () C:\Users\Florian\AppData\Local\Programs\Google\MusicManager\libaudioenc.DLL 2018-01-30 03:55 - 2018-01-30 03:55 - 000172032 _____ () C:\Users\Florian\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-2085979089-3203216450-1628126128-1001\...\localhost -> localhost ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2017-03-18 23:03 - 2018-07-06 09:25 - 000000878 _____ C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 serius.mwbsys.com 0.0.0.0 keystone.mwbsys.com ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2085979089-3203216450-1628126128-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Florian\Desktop\Screenshot_20180406-173812_Snapchat.jpg DNS Servers: 89.2.0.1 - 89.2.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{DAA661EC-5154-45F4-BBA4-00531F49279B}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [{A11961F2-98E6-4A80-811C-5D7DA6FB768B}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [{022AFDFF-9EC8-44C0-8145-420E801A7389}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [{6F55886E-3930-4C82-9374-910C0F605114}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [UDP Query User{CA9851A0-F119-441B-916E-A389C1E54920}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{5789B233-9C20-4F5E-AEA6-222F7F11D64B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{3B6FA6AE-76AD-4889-AB26-E5A26C6250B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1115869E-82E6-4D34-A0F7-8BBFF330B426}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D152FEF1-E078-4FB9-84A7-E8DD071502D0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{7722C71C-6E4E-41B4-A706-66AADEACA326}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{60628008-13B2-49BB-8CBA-32A94E4B6AEF}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{69376C2A-E386-46D3-A9AA-5BE7F6910552}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe FirewallRules: [{88CBBBC3-547E-4D23-9622-7D7CAC281CF3}] => (Allow) D:\ElsaWin\bin\ElsaWin.exe FirewallRules: [{E75DC21C-A736-4FA4-A0E0-1427103A3188}] => (Allow) D:\ElsaWin\bin\ElsaWin.exe FirewallRules: [{049F52F0-853A-43BA-ACEE-B160E529D1F5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{1595DA7C-17DC-49EF-A36C-399B273196C0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{8AE082B9-CB4B-4753-9AB2-45A2D2A67BB6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{574AEDC2-2BB2-45E7-BE0D-7479770D99F6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe ==================== Points de restauration ========================= ATTENTION: La Restauration système est désactivée ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (08/14/2018 04:54:42 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL » à la ligne 1. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (08/14/2018 03:18:27 PM) (Source: Intel( R ) RMT) (EventID: 2000) (User: ) Description: IRMT - CPowerPolicyManager::SetPasswordRequiredValue PowerWriteDCValueIndex for GUID_LOCK_CONSOLE_ON_WAKE failed with error 0 Error: (08/14/2018 03:18:27 PM) (Source: Intel( R ) RMT) (EventID: 2000) (User: ) Description: IRMT - CPowerPolicyManager::GetPasswordRequiredValue PowerReadDCValueIndex for GUID_LOCK_CONSOLE_ON_WAKE failed with error 0 Error: (08/14/2018 03:18:27 PM) (Source: Intel( R ) RMT) (EventID: 2000) (User: ) Description: IRMT - CPowerPolicyManager::SetDisplayBrightnessValue PowerWriteACValueIndex for GUID_DEVICE_POWER_POLICY_VIDEO_BRIGHTNESS failed with error 0 Error: (08/14/2018 03:18:27 PM) (Source: Intel( R ) RMT) (EventID: 2000) (User: ) Description: IRMT - CPowerPolicyManager::GetDisplayBrightnessValue PowerReadDCValueIndex for GUID_DEVICE_POWER_POLICY_VIDEO_BRIGHTNESS failed with error 0 Error: (08/14/2018 03:18:27 PM) (Source: Intel( R ) RMT) (EventID: 2000) (User: ) Description: IRMT - CPowerPolicyManager::GetDisplayBrightnessValue PowerReadACValueIndex for GUID_DEVICE_POWER_POLICY_VIDEO_BRIGHTNESS failed with error 0 Error: (08/14/2018 03:18:27 PM) (Source: Intel( R ) RMT) (EventID: 2000) (User: ) Description: IRMT - CPowerPolicyManager::SetActivePowerScheme PowerSetActiveScheme failed with error 0 Error: (08/13/2018 04:54:24 PM) (Source: Intel( R ) RMT) (EventID: 2000) (User: ) Description: IRMT - CPowerPolicyManager::SetPasswordRequiredValue PowerWriteDCValueIndex for GUID_LOCK_CONSOLE_ON_WAKE failed with error 0 Erreurs système: ============= Error: (08/14/2018 05:19:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Energy Server Service queencreek s’est arrêté avec l’erreur : La résolution de la temporisation n’était pas fixée antérieurement par le processus en cours. Error: (08/14/2018 04:48:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Energy Server Service queencreek s’est arrêté avec l’erreur : La résolution de la temporisation n’était pas fixée antérieurement par le processus en cours. Error: (08/14/2018 04:20:16 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (08/14/2018 04:18:41 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (08/14/2018 04:18:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Energy Server Service queencreek s’est arrêté avec l’erreur : La résolution de la temporisation n’était pas fixée antérieurement par le processus en cours. Error: (08/14/2018 03:47:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Energy Server Service queencreek s’est arrêté avec l’erreur : La résolution de la temporisation n’était pas fixée antérieurement par le processus en cours. Error: (08/14/2018 03:40:48 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (08/14/2018 03:17:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Energy Server Service queencreek s’est arrêté avec l’erreur : La résolution de la temporisation n’était pas fixée antérieurement par le processus en cours. Windows Defender: =================================== Date: 2018-08-09 10:36:13.657 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {6ECF9D6B-9E7B-40F5-A55F-990202B46992} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2018-08-08 21:48:18.175 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {06662BC3-BF93-402F-A119-6484D96F287C} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2018-08-08 18:09:57.689 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {E343BF9C-29C2-4B48-9BFB-676CD8D922D2} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2018-08-08 18:04:34.939 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {01FE326B-AFAC-4FFA-947D-CC461596DB7E} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2018-08-05 18:44:29.805 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {4C89967C-E70C-4806-BDD1-A86564184DF6} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2018-07-28 12:12:51.012 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.273.434.0 Source de mise à jour : Serveur Microsoft Update Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.15100.1 Code d’erreur : 0x80240016 Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support. CodeIntegrity: =================================== Date: 2018-05-27 11:47:52.030 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-05-27 11:47:52.005 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-05-02 13:06:28.052 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-05-02 13:06:27.513 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-05-02 13:06:19.281 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-05-02 13:06:19.281 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-7400T CPU @ 2.40GHz Pourcentage de mémoire utilisée: 32% Mémoire physique - RAM - totale: 8050.16 MB Mémoire physique - RAM - disponible: 5415.69 MB Mémoire virtuelle totale: 9330.16 MB Mémoire virtuelle disponible: 5821.32 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:77.39 GB) NTFS Drive d: (DATA) (Fixed) (Total:916.05 GB) (Free:747.13 GB) NTFS Drive e: (RECOVERY) (Fixed) (Total:15.46 GB) (Free:1.84 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] \\?\Volume{1b79355f-411f-47be-ae4a-f2e1492219e3}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.53 GB) NTFS \\?\Volume{94849e01-1984-4acc-af9b-b1a0f539f3d7}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32 ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 108919A4) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 723ABB34) Partition: GPT. ==================== Fin de Addition.txt ============================