Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 17-10-2016
Exécuté par Anaïs (25-10-2016 13:50:19)
Exécuté depuis C:\Users\Anaïs\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-21 13:27:41)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-496730697-2844734673-1435591839-500 - Administrator - Disabled)
Anaïs (S-1-5-21-496730697-2844734673-1435591839-1001 - Administrator - Enabled) => C:\Users\Anaïs
DefaultAccount (S-1-5-21-496730697-2844734673-1435591839-503 - Limited - Disabled)
Invité (S-1-5-21-496730697-2844734673-1435591839-501 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
µTorrent (HKU\S-1-5-21-496730697-2844734673-1435591839-1001\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{D54EFEF9-E95A-3745-612D-DDE05CAB7627}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.2 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.695 - Broadcom Corporation)
Build-a-lot (x32 Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.6907 - CyberLink Corp.)
CyberLink PhotoDirector (Version: 5.0.6.6907 - Nom de votre société) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.2.5708 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4508 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.5.4508 - Nom de votre société) Hidden
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4508 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Étude pour l'amélioration du produit HP Officejet 4630 series (HKLM\...\{3AAC8F9A-340C-4783-AC57-324C14CAFDB7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Evernote v. 5.8.13 (HKLM-x32\...\{A229420E-204B-11E5-B844-0050569584E9}) (Version: 5.8.13.8152 - Evernote Corp.)
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{1504CF6F-8139-497F-86FC-46174B67CF7F}) (Version: 2.20.51 - Hewlett-Packard Company)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP)
HP Officejet 4630 series Aide (HKLM-x32\...\{ED0692F7-850B-4D42-A447-FB8411139C31}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.34.7 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{446AA6E0-104D-40FB-A18A-A3431AED2F14}) (Version: 12.5.32.37 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{1A13FE59-6F7E-44DC-9AA7-2D7B9E08C2D4}) (Version: 1.4.6 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{DD21DBC9-2A74-44DA-A543-B1F4AF3ABFCA}) (Version: 1.1.8.1 - HP)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1163 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Logiciel de base du périphérique HP Officejet 4630 series (HKLM\...\{F117E4F6-F88D-44E6-AC71-8CF825DA742A}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Logiciel pour périphérique à chipset Intel® (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.7369.2038 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Nom de votre société)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.103 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7584 - Realtek Semiconductor Corp.)
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.11.37 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.59 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App pour HP (x32 Version: 4.0.11.16 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-496730697-2844734673-1435591839-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Anaïs\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {097BBCE4-4396-4DA7-8EAA-78116217C58B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {16515EB6-977E-4143-B374-DBD7157787AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {17B5DF7E-0294-4520-A33F-C9DDB2B57378} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {1EDA7449-3B7B-4FE8-95DC-7806493F507D} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-10-06] (AVAST Software)
Task: {3CD8766E-0FDD-4B9C-A3A9-EB8E6C8AF9F3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {475689CC-BE9A-40FE-817A-BFB053017D6F} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Anaïs\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-10-07] (Microsoft Corporation)
Task: {47F6A7BB-6F1C-42B0-89ED-87468A4FCC23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-12] (HP Inc.)
Task: {4A067F46-C4DE-41C2-AF7D-B6453A76C9DF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-12] (HP Inc.)
Task: {5178B820-BFC1-43EB-9C5A-3926770ED8E8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {58665294-E3E4-4560-B296-325284A34A3E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-07-04] (HP Inc.)
Task: {679E00A6-0058-437A-9447-A6C3CB98AE14} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {68D14B43-1405-4461-898C-36CB00309069} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-19] ()
Task: {7152D2A0-51B6-4457-849F-8FA2AEAE6250} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-10-06] (AVAST Software)
Task: {85ED7DA9-E228-4CF3-8F3A-9D7BCB8553B8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-10-06] (AVAST Software)
Task: {8650CAFF-2479-4899-8D35-561DCA98495A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {8AE772AA-9DA2-47FE-9B38-886D19A6EC82} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2015-05-21] (Hewlett-Packard Development Company, L.P.)
Task: {8F65E738-F867-4243-AEBF-309FB984C762} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.)
Task: {8F6E3143-FD0F-493D-8C8B-D1589C4A58A3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {A90F7603-6F04-45E0-BE4A-2B33C63D8FB6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-10-24] (Microsoft Corporation)
Task: {C21C6EA1-0E53-40AC-A19F-922CE1A8BE77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07] (Google Inc.)
Task: {DB17A636-1CC6-4546-A712-FDC20ADF3D8D} - System32\Tasks\SafeZone scheduled Autoupdate 1475795388 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {E2720E6B-DAB7-4EF6-8399-BD97F44EFDD8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {FDCCDE3D-B011-40C9-ADB1-453BC3DF60B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07] (Google Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
==================== Modules chargés (Avec liste blanche) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-21 15:46 - 2016-10-21 15:46 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-08 20:17 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-10-06 15:04 - 2016-10-06 15:06 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-10-21 15:46 - 2016-10-21 15:46 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-21 15:40 - 2016-10-21 15:40 - 01864384 _____ () C:\Users\Anaïs\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-21 16:10 - 2016-10-21 16:20 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-10-21 16:10 - 2016-10-21 16:20 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-10-07 16:39 - 2016-09-25 08:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-07 16:39 - 2016-09-25 08:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
2016-10-11 19:48 - 2016-10-11 19:48 - 31064768 _____ () C:\Users\Anaïs\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.185\pepflashplayer.dll
2016-10-06 15:34 - 2016-10-06 15:34 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-10-25 12:04 - 2016-10-25 12:04 - 03122008 _____ () C:\Program Files\AVAST Software\Avast\defs\16102500\algo.dll
2016-10-06 15:34 - 2016-10-06 15:34 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-10-23 05:51 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-10-23 05:51 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-10-23 05:51 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-10-23 05:51 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-10-23 05:51 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-10-21 15:37 - 2016-10-21 15:37 - 01383616 _____ () C:\Users\Anaïs\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-10-21 15:38 - 2016-10-21 15:38 - 00118976 _____ () C:\Users\Anaïs\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-10-06 15:34 - 2016-10-06 15:34 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-10-06 15:10 - 2016-10-06 15:10 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-496730697-2844734673-1435591839-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A00AFDC2-F2C1-473D-9F10-51599848F70E}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6A8C952A-DA46-4A4C-BF2E-FF8B57EC0573}] => (Allow) LPort=5357
FirewallRules: [{B5C17C93-9605-4347-8C76-7A31F312EDCA}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe
FirewallRules: [{D55BAB24-32B5-4707-8F6B-2E43F091E02A}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe
FirewallRules: [{63A27BA0-BC10-4E11-9887-A6F651B7217E}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe
FirewallRules: [{E474F808-A9C9-4668-A545-5FDF74A90FA5}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe
FirewallRules: [{FAE03230-EECF-4AF2-A529-1F2FF137FF10}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{47F69F3D-8D22-44DD-9CF9-D8693D1DDAF8}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CD30CD86-EE4E-4CC8-84D2-48C4CC25AA7D}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{486E34F7-F9C7-40BA-8238-2F1CD81F3A08}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{601CDCCE-662A-4757-A9E5-DCEEEDBD5A52}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C7F53430-19E2-4A69-8228-B4547A6817DE}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6C51DA5F-A384-45C7-8728-0AE276457806}] => (Allow) LPort=1900
FirewallRules: [{44D72B88-4ADE-4F46-995F-72548B585E87}] => (Allow) LPort=2869
FirewallRules: [{F9DD4D85-9A62-46E6-8C35-AF603ED0AFC6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{53CB66DD-FC3D-4A31-9691-AFF15E3D3285}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{79145FFA-DCEA-4ADB-85F9-BC26D24001D2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CADDD157-067A-4D4E-9EA2-5B91DDC52DE6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{4EBF3599-B4BC-4056-AE2E-8797A886F608}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{5357B25E-6223-41F6-9783-E404D3BDAC8B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{A18B817B-1583-41DC-96D4-68B92E0FF290}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{562C60D4-F594-4864-BDB7-7C8B79D55C46}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{873DF87C-FB7B-46FD-B4C7-DCDD2FCC3DAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9154C499-60A6-487E-AF77-E9A826E198A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E9608EF7-917E-4005-9B99-B83322D4A5C1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2684D9CF-1877-4A54-AD98-1105ED5754E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8F2BA881-0F74-466C-AD65-EBEB356B5698}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{3027E571-A8C0-4EAE-B8E2-8958F98DD78E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{ECE26CDB-89DF-4D59-9D7B-B95E95797780}C:\program files (x86)\hewlett-packard\hp support framework\resources\hppsdr\hpdiagnosticcoreui.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support framework\resources\hppsdr\hpdiagnosticcoreui.exe
FirewallRules: [UDP Query User{E0D27F81-9C2C-4CC9-88A4-7CB1C96EDDB0}C:\program files (x86)\hewlett-packard\hp support framework\resources\hppsdr\hpdiagnosticcoreui.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support framework\resources\hppsdr\hpdiagnosticcoreui.exe
FirewallRules: [{7F1F8CC4-B0F6-4AFF-A3DB-878AD40317D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Points de restauration =========================
21-10-2016 16:56:44 ASU_MSI_TRAN
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (10/25/2016 12:06:08 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.
Error: (10/25/2016 12:05:50 PM) (Source: HP Active Health) (EventID: 88) (User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
Error: (10/25/2016 12:05:49 PM) (Source: HP Active Health) (EventID: 88) (User: )
Description: -- SECURITY WARNING -- ActiveHealthState.ini has been tampered with, resetting it
Error: (10/25/2016 12:05:49 PM) (Source: HP Active Health) (EventID: 80) (User: )
Description: -- SECURITY WARNING -- Unable to deserialize super secret file hashes. Will assume evil is afoot - all Validate() calls will return DOESNT_MATCH
at HP.ActiveHealth.Commons.Security.HashStore.LoadHashesFromFile()
Error: (10/25/2016 12:02:36 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Error: (10/25/2016 12:02:31 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10603.192) TYPE: ERROR
DPTF Build Version: 8.1.10603.192
DPTF Build Date: Aug 7 2015 10:44:44
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function: PolicyBase::takeControlOfOsc
Message: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.1.10603.192
DPTF Build Date: Aug 7 2015 10:44:44
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Critical Policy [0]
Error: (10/25/2016 12:01:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-B9A6OIH)
Description: Échec de l’activation de l’application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (10/25/2016 07:39:05 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Application: winword.exe; IdentityType: Unknown; HasToken: 1; AutoLoadIdentity: 0; SessionLicensing: 0; LvuxSqm: 0; SppReady: 1; CurrentHr: 0x8000ffff; CorrelationId: {BB7460C3-5957-44A5-8925-63FAB0EE243B}; OlsErrorCode: 0x44; CurrentProductReleaseId: O365HomePremRetail; AllProductReleaseIds (from store): O365HomePremRetail
Error: (10/25/2016 07:39:01 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x44; CorrelationId: {58D3217E-2F2F-49C7-B5CB-9B5C36D9F19A}
Error: (10/25/2016 07:39:00 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x44; CorrelationId: {BB7460C3-5957-44A5-8925-63FAB0EE243B}
Erreurs système:
=============
Error: (10/25/2016 12:03:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service CDPUserSvc_520bc s’est arrêté avec l’erreur :
Erreur non spécifiée
Error: (10/25/2016 12:03:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service ClickToRunSvc n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (10/25/2016 12:03:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service ClickToRunSvc.
Error: (10/25/2016 12:02:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (10/25/2016 12:02:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (10/25/2016 12:01:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9A6OIH)
Description: Le serveur App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (10/25/2016 07:06:20 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANAS~1\AppData\Local\Temp\catchme.sys
Error: (10/25/2016 07:06:20 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANAS~1\AppData\Local\Temp\catchme.sys
Error: (10/25/2016 07:06:19 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANAS~1\AppData\Local\Temp\catchme.sys
Error: (10/25/2016 12:22:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service CDPUserSvc_50357 s’est arrêté avec l’erreur :
Erreur non spécifiée
CodeIntegrity:
===================================
Date: 2016-10-25 07:06:20.044
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Anaïs\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-25 07:06:20.039
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Anaïs\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-25 07:06:19.742
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Anaïs\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i3-5020U CPU @ 2.20GHz
Pourcentage de mémoire utilisée: 66%
Mémoire physique - RAM - totale: 4018.26 MB
Mémoire physique - RAM - disponible: 1340.22 MB
Mémoire virtuelle totale: 8626.26 MB
Mémoire virtuelle disponible: 5211.64 MB
==================== Lecteurs ================================
Drive c: (Windows) (Fixed) (Total:910.69 GB) (Free:797.94 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.62 GB) (Free:2.24 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 567C5A31)
Partition: GPT.
==================== Fin de Addition.txt ============================
Exécuté par Anaïs (25-10-2016 13:50:19)
Exécuté depuis C:\Users\Anaïs\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-21 13:27:41)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-496730697-2844734673-1435591839-500 - Administrator - Disabled)
Anaïs (S-1-5-21-496730697-2844734673-1435591839-1001 - Administrator - Enabled) => C:\Users\Anaïs
DefaultAccount (S-1-5-21-496730697-2844734673-1435591839-503 - Limited - Disabled)
Invité (S-1-5-21-496730697-2844734673-1435591839-501 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
µTorrent (HKU\S-1-5-21-496730697-2844734673-1435591839-1001\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{D54EFEF9-E95A-3745-612D-DDE05CAB7627}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.2 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.695 - Broadcom Corporation)
Build-a-lot (x32 Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.6907 - CyberLink Corp.)
CyberLink PhotoDirector (Version: 5.0.6.6907 - Nom de votre société) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.2.5708 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4508 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.5.4508 - Nom de votre société) Hidden
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4508 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Étude pour l'amélioration du produit HP Officejet 4630 series (HKLM\...\{3AAC8F9A-340C-4783-AC57-324C14CAFDB7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Evernote v. 5.8.13 (HKLM-x32\...\{A229420E-204B-11E5-B844-0050569584E9}) (Version: 5.8.13.8152 - Evernote Corp.)
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{1504CF6F-8139-497F-86FC-46174B67CF7F}) (Version: 2.20.51 - Hewlett-Packard Company)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP)
HP Officejet 4630 series Aide (HKLM-x32\...\{ED0692F7-850B-4D42-A447-FB8411139C31}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.34.7 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{446AA6E0-104D-40FB-A18A-A3431AED2F14}) (Version: 12.5.32.37 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{1A13FE59-6F7E-44DC-9AA7-2D7B9E08C2D4}) (Version: 1.4.6 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{DD21DBC9-2A74-44DA-A543-B1F4AF3ABFCA}) (Version: 1.1.8.1 - HP)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1163 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Logiciel de base du périphérique HP Officejet 4630 series (HKLM\...\{F117E4F6-F88D-44E6-AC71-8CF825DA742A}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Logiciel pour périphérique à chipset Intel® (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.7369.2038 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Nom de votre société)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.103 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7584 - Realtek Semiconductor Corp.)
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.11.37 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.59 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App pour HP (x32 Version: 4.0.11.16 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-496730697-2844734673-1435591839-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Anaïs\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {097BBCE4-4396-4DA7-8EAA-78116217C58B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {16515EB6-977E-4143-B374-DBD7157787AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {17B5DF7E-0294-4520-A33F-C9DDB2B57378} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {1EDA7449-3B7B-4FE8-95DC-7806493F507D} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-10-06] (AVAST Software)
Task: {3CD8766E-0FDD-4B9C-A3A9-EB8E6C8AF9F3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {475689CC-BE9A-40FE-817A-BFB053017D6F} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Anaïs\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-10-07] (Microsoft Corporation)
Task: {47F6A7BB-6F1C-42B0-89ED-87468A4FCC23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-12] (HP Inc.)
Task: {4A067F46-C4DE-41C2-AF7D-B6453A76C9DF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-12] (HP Inc.)
Task: {5178B820-BFC1-43EB-9C5A-3926770ED8E8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {58665294-E3E4-4560-B296-325284A34A3E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-07-04] (HP Inc.)
Task: {679E00A6-0058-437A-9447-A6C3CB98AE14} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {68D14B43-1405-4461-898C-36CB00309069} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-19] ()
Task: {7152D2A0-51B6-4457-849F-8FA2AEAE6250} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-10-06] (AVAST Software)
Task: {85ED7DA9-E228-4CF3-8F3A-9D7BCB8553B8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-10-06] (AVAST Software)
Task: {8650CAFF-2479-4899-8D35-561DCA98495A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {8AE772AA-9DA2-47FE-9B38-886D19A6EC82} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2015-05-21] (Hewlett-Packard Development Company, L.P.)
Task: {8F65E738-F867-4243-AEBF-309FB984C762} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.)
Task: {8F6E3143-FD0F-493D-8C8B-D1589C4A58A3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {A90F7603-6F04-45E0-BE4A-2B33C63D8FB6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-10-24] (Microsoft Corporation)
Task: {C21C6EA1-0E53-40AC-A19F-922CE1A8BE77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07] (Google Inc.)
Task: {DB17A636-1CC6-4546-A712-FDC20ADF3D8D} - System32\Tasks\SafeZone scheduled Autoupdate 1475795388 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {E2720E6B-DAB7-4EF6-8399-BD97F44EFDD8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {FDCCDE3D-B011-40C9-ADB1-453BC3DF60B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07] (Google Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
==================== Modules chargés (Avec liste blanche) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-21 15:46 - 2016-10-21 15:46 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-08 20:17 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-10-06 15:04 - 2016-10-06 15:06 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-10-21 15:46 - 2016-10-21 15:46 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-21 15:40 - 2016-10-21 15:40 - 01864384 _____ () C:\Users\Anaïs\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-21 15:47 - 2016-10-21 15:47 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-21 16:10 - 2016-10-21 16:20 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-10-21 16:10 - 2016-10-21 16:20 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-10-07 16:39 - 2016-09-25 08:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-07 16:39 - 2016-09-25 08:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
2016-10-11 19:48 - 2016-10-11 19:48 - 31064768 _____ () C:\Users\Anaïs\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.185\pepflashplayer.dll
2016-10-06 15:34 - 2016-10-06 15:34 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-10-25 12:04 - 2016-10-25 12:04 - 03122008 _____ () C:\Program Files\AVAST Software\Avast\defs\16102500\algo.dll
2016-10-06 15:34 - 2016-10-06 15:34 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-10-23 05:51 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-10-23 05:51 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-10-23 05:51 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-10-23 05:51 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-10-23 05:51 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-10-21 15:37 - 2016-10-21 15:37 - 01383616 _____ () C:\Users\Anaïs\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-10-21 15:38 - 2016-10-21 15:38 - 00118976 _____ () C:\Users\Anaïs\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-10-06 15:34 - 2016-10-06 15:34 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-10-06 15:10 - 2016-10-06 15:10 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-496730697-2844734673-1435591839-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A00AFDC2-F2C1-473D-9F10-51599848F70E}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6A8C952A-DA46-4A4C-BF2E-FF8B57EC0573}] => (Allow) LPort=5357
FirewallRules: [{B5C17C93-9605-4347-8C76-7A31F312EDCA}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe
FirewallRules: [{D55BAB24-32B5-4707-8F6B-2E43F091E02A}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe
FirewallRules: [{63A27BA0-BC10-4E11-9887-A6F651B7217E}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe
FirewallRules: [{E474F808-A9C9-4668-A545-5FDF74A90FA5}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe
FirewallRules: [{FAE03230-EECF-4AF2-A529-1F2FF137FF10}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{47F69F3D-8D22-44DD-9CF9-D8693D1DDAF8}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CD30CD86-EE4E-4CC8-84D2-48C4CC25AA7D}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{486E34F7-F9C7-40BA-8238-2F1CD81F3A08}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{601CDCCE-662A-4757-A9E5-DCEEEDBD5A52}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C7F53430-19E2-4A69-8228-B4547A6817DE}] => (Allow) C:\Users\Anaïs\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6C51DA5F-A384-45C7-8728-0AE276457806}] => (Allow) LPort=1900
FirewallRules: [{44D72B88-4ADE-4F46-995F-72548B585E87}] => (Allow) LPort=2869
FirewallRules: [{F9DD4D85-9A62-46E6-8C35-AF603ED0AFC6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{53CB66DD-FC3D-4A31-9691-AFF15E3D3285}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{79145FFA-DCEA-4ADB-85F9-BC26D24001D2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CADDD157-067A-4D4E-9EA2-5B91DDC52DE6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{4EBF3599-B4BC-4056-AE2E-8797A886F608}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{5357B25E-6223-41F6-9783-E404D3BDAC8B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{A18B817B-1583-41DC-96D4-68B92E0FF290}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{562C60D4-F594-4864-BDB7-7C8B79D55C46}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{873DF87C-FB7B-46FD-B4C7-DCDD2FCC3DAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9154C499-60A6-487E-AF77-E9A826E198A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E9608EF7-917E-4005-9B99-B83322D4A5C1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2684D9CF-1877-4A54-AD98-1105ED5754E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8F2BA881-0F74-466C-AD65-EBEB356B5698}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{3027E571-A8C0-4EAE-B8E2-8958F98DD78E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{ECE26CDB-89DF-4D59-9D7B-B95E95797780}C:\program files (x86)\hewlett-packard\hp support framework\resources\hppsdr\hpdiagnosticcoreui.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support framework\resources\hppsdr\hpdiagnosticcoreui.exe
FirewallRules: [UDP Query User{E0D27F81-9C2C-4CC9-88A4-7CB1C96EDDB0}C:\program files (x86)\hewlett-packard\hp support framework\resources\hppsdr\hpdiagnosticcoreui.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support framework\resources\hppsdr\hpdiagnosticcoreui.exe
FirewallRules: [{7F1F8CC4-B0F6-4AFF-A3DB-878AD40317D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Points de restauration =========================
21-10-2016 16:56:44 ASU_MSI_TRAN
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (10/25/2016 12:06:08 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.
Error: (10/25/2016 12:05:50 PM) (Source: HP Active Health) (EventID: 88) (User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
Error: (10/25/2016 12:05:49 PM) (Source: HP Active Health) (EventID: 88) (User: )
Description: -- SECURITY WARNING -- ActiveHealthState.ini has been tampered with, resetting it
Error: (10/25/2016 12:05:49 PM) (Source: HP Active Health) (EventID: 80) (User: )
Description: -- SECURITY WARNING -- Unable to deserialize super secret file hashes. Will assume evil is afoot - all Validate() calls will return DOESNT_MATCH
at HP.ActiveHealth.Commons.Security.HashStore.LoadHashesFromFile()
Error: (10/25/2016 12:02:36 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Error: (10/25/2016 12:02:31 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10603.192) TYPE: ERROR
DPTF Build Version: 8.1.10603.192
DPTF Build Date: Aug 7 2015 10:44:44
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function: PolicyBase::takeControlOfOsc
Message: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.1.10603.192
DPTF Build Date: Aug 7 2015 10:44:44
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Critical Policy [0]
Error: (10/25/2016 12:01:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-B9A6OIH)
Description: Échec de l’activation de l’application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (10/25/2016 07:39:05 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Application: winword.exe; IdentityType: Unknown; HasToken: 1; AutoLoadIdentity: 0; SessionLicensing: 0; LvuxSqm: 0; SppReady: 1; CurrentHr: 0x8000ffff; CorrelationId: {BB7460C3-5957-44A5-8925-63FAB0EE243B}; OlsErrorCode: 0x44; CurrentProductReleaseId: O365HomePremRetail; AllProductReleaseIds (from store): O365HomePremRetail
Error: (10/25/2016 07:39:01 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x44; CorrelationId: {58D3217E-2F2F-49C7-B5CB-9B5C36D9F19A}
Error: (10/25/2016 07:39:00 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x44; CorrelationId: {BB7460C3-5957-44A5-8925-63FAB0EE243B}
Erreurs système:
=============
Error: (10/25/2016 12:03:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service CDPUserSvc_520bc s’est arrêté avec l’erreur :
Erreur non spécifiée
Error: (10/25/2016 12:03:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service ClickToRunSvc n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (10/25/2016 12:03:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service ClickToRunSvc.
Error: (10/25/2016 12:02:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (10/25/2016 12:02:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (10/25/2016 12:01:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9A6OIH)
Description: Le serveur App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (10/25/2016 07:06:20 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANAS~1\AppData\Local\Temp\catchme.sys
Error: (10/25/2016 07:06:20 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANAS~1\AppData\Local\Temp\catchme.sys
Error: (10/25/2016 07:06:19 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANAS~1\AppData\Local\Temp\catchme.sys
Error: (10/25/2016 12:22:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service CDPUserSvc_50357 s’est arrêté avec l’erreur :
Erreur non spécifiée
CodeIntegrity:
===================================
Date: 2016-10-25 07:06:20.044
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Anaïs\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-25 07:06:20.039
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Anaïs\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-25 07:06:19.742
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Anaïs\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i3-5020U CPU @ 2.20GHz
Pourcentage de mémoire utilisée: 66%
Mémoire physique - RAM - totale: 4018.26 MB
Mémoire physique - RAM - disponible: 1340.22 MB
Mémoire virtuelle totale: 8626.26 MB
Mémoire virtuelle disponible: 5211.64 MB
==================== Lecteurs ================================
Drive c: (Windows) (Fixed) (Total:910.69 GB) (Free:797.94 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.62 GB) (Free:2.24 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 567C5A31)
Partition: GPT.
==================== Fin de Addition.txt ============================