Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:12-12-2015 Exécuté par romain (2015-12-12 16:11:57) Exécuté depuis C:\Users\romain\Downloads Windows 10 Home (X64) (2015-12-04 21:35:37) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2452922326-2711530018-4083877316-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2452922326-2711530018-4083877316-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2452922326-2711530018-4083877316-1003 - Limited - Enabled) Invité (S-1-5-21-2452922326-2711530018-4083877316-501 - Limited - Disabled) romain (S-1-5-21-2452922326-2711530018-4083877316-1001 - Administrator - Enabled) => C:\Users\romain ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AV: Protection antivirus et antispyware McAfee (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} AS: Protection antivirus et antispyware McAfee (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: Pare-feu McAfee (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform) Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3606 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3305 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory) Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP Documentation (HKLM-x32\...\{CCE5C597-03EA-423E-BA80-6FCD280A8465}) (Version: 1.1.0.0 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{3EDAF5B5-0CA9-4967-B103-FBFF1162C336}) (Version: 1.2.10 - Hewlett-Packard Company) HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company) Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation) Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Labeljoy 5 (HKLM-x32\...\{50BC64A3-7051-4677-B49C-19D303F10350}) (Version: 5 - eDisplay) Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden MyFreeCodec (HKU\S-1-5-21-2452922326-2711530018-4083877316-1001\...\MyFreeCodec) (Version: - ) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Ralink Bluetooth Stack64 (HKLM\...\{8A69F02D-A72B-AEE6-1CD3-6B05B9F9DD83}) (Version: 11.0.742.0 - Mediatek) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek) Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29070 - Realtek Semiconductor Corp.) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.10.4584 - Enigma Software Group, LLC) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated) Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden WahOO (HKLM-x32\...\{0271A4CB-D48C-4CDF-826F-62EE8D91663F}_is1) (Version: 0.9.16 - Kow Media) Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2452922326-2711530018-4083877316-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\romain\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2452922326-2711530018-4083877316-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Points de restauration ========================= 07-12-2015 16:24:14 Windows Update 11-12-2015 18:44:51 Uniblue DriverScanner installation ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {13B6A820-3E2D-4083-9298-E09622D46A9D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {143EAF5C-CA86-4765-9E5C-EB9F01C32ABA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {16D00894-C28F-48B6-AFC1-41D54F352803} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {180F2737-54D7-460F-A5E9-A82B710683E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {1A107B3F-1985-4B2B-A812-19607080F219} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {2595DEDD-8167-47A3-8BE7-F5606296D089} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.) Task: {25F9383C-8B1D-45D7-89DA-CE4CC43F6E8E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {2EF8DD51-5630-46FE-8B2F-59D359781712} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd) Task: {2F3D1F9B-A6FD-48BE-909D-35CE8EC02B51} - System32\Tasks\HPCeeScheduleForromain => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {33E12A4C-6720-4B80-B2B3-0EA3B5B79288} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION Task: {39168056-F12B-42A8-B5AB-517C7A13CC04} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {517CAE06-DBFB-4C6D-AA4A-C718DCCC1D6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-11-24] (HP Inc.) Task: {69BD5F45-AE09-4E51-8639-2FAABFABDF06} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {6DF16ED9-1EB6-4F0C-AF01-5BD485DB50F6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {7E60873E-95CB-454A-AF48-8D5C958D96D4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {84EC9CE0-4319-4DB5-9C9C-D67A71B08EF1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {927AE985-168C-4D33-8418-E444FFA47EF1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {A670DB80-C567-4133-A420-BD12A557D375} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-11-24] (HP Inc.) Task: {A9613574-7BD4-4A47-9E89-26B0062A5899} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {B4CB2EB7-956C-4CDF-91DA-5CF93E8624A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {BDEC53FE-128E-4529-91B3-F0B287CDF14E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {C96DE922-161B-45E3-BB12-78F9CCFAFA57} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {DCADDF61-322F-4CF4-89C7-7DC97F0DD4E5} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink) Task: {DECEF675-FCB6-46EF-AFE3-0304A2A35905} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-17] (Synaptics Incorporated) Task: {E013DCEB-9FE8-4538-AE8B-910C9E4FC623} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {E7FBBBE7-E0E8-4143-B2F1-2AE3A620091A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-02] (AVAST Software) Task: {E81359FB-72C2-466D-B059-51CED0318B8F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {F7AC56FD-B27F-4D56-8214-A95D93351F5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForromain.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2013-10-14 11:25 - 2013-10-14 11:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2013-10-14 11:22 - 2013-10-14 11:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2013-10-14 11:22 - 2013-10-14 11:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2013-10-14 11:22 - 2013-10-14 11:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2013-10-14 11:35 - 2013-10-14 11:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2013-10-14 11:35 - 2013-10-14 11:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2013-10-14 11:23 - 2013-10-14 11:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe 2013-10-14 11:24 - 2013-10-14 11:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll 2015-12-04 21:52 - 2015-12-04 21:52 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-04 21:52 - 2015-12-04 21:52 - 02653816 _____ () C:\Windows\System32\CoreUIComponents.dll 2015-12-04 21:52 - 2015-12-04 21:52 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-05 08:32 - 2015-12-05 08:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-10-30 08:17 - 2015-10-30 08:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-10-30 08:17 - 2015-10-30 08:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-10-30 08:17 - 2015-10-30 08:17 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2013-10-14 11:30 - 2013-10-14 11:30 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2015-09-29 13:40 - 2015-12-01 13:03 - 05294832 _____ () C:\Program Files (x86)\KowMedia\WahOO\Wahoo.exe 2015-08-07 11:20 - 2015-08-07 11:20 - 00122536 _____ () C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe 2015-11-16 17:55 - 2015-11-16 17:55 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2015-12-04 21:52 - 2015-12-04 21:52 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-04 21:52 - 2015-12-04 21:52 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-04 21:52 - 2015-12-04 21:52 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-12-04 21:52 - 2015-12-04 21:52 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-10-02 14:27 - 2015-10-02 14:27 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-10-02 14:27 - 2015-10-02 14:27 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-12-11 18:25 - 2015-12-11 18:25 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15121102\algo.dll 2015-12-12 12:15 - 2015-12-12 12:15 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15121200\algo.dll 2015-12-05 08:32 - 2015-12-05 08:33 - 00152064 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-12-05 08:32 - 2015-12-05 08:33 - 18906624 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2014-03-07 18:38 - 2013-08-05 08:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2015-09-29 13:40 - 2014-10-23 11:27 - 00119822 _____ () C:\Program Files (x86)\KowMedia\WahOO\libgcc_s_dw2-1.dll 2015-09-29 13:40 - 2014-10-23 11:27 - 01026574 _____ () C:\Program Files (x86)\KowMedia\WahOO\libstdc++-6.dll 2015-09-29 13:40 - 2014-10-16 11:34 - 03758809 _____ () C:\Program Files (x86)\KowMedia\WahOO\icuin53.dll 2015-09-29 13:40 - 2014-10-16 11:33 - 02093901 _____ () C:\Program Files (x86)\KowMedia\WahOO\icuuc53.dll 2015-09-29 13:40 - 2014-10-16 11:34 - 21565880 _____ () C:\Program Files (x86)\KowMedia\WahOO\icudt53.dll 2015-10-02 14:27 - 2015-10-02 14:27 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-03-07 18:19 - 2013-09-16 22:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Program Files\Bonjour:Win32App_1 AlternateDataStreams: C:\Program Files\CCleaner:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Adobe Download Assistant:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Hewlett-Packard:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\HPConnectedMusic:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Labeljoy 5:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\WildGames:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App_1 AlternateDataStreams: C:\WINDOWS\SysWOW64\Adobe:Win32App_1 AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1 ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) ==================== EXE Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2452922326-2711530018-4083877316-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg DNS Servers: 212.27.40.240 - 212.27.40.241 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKU\S-1-5-21-2452922326-2711530018-4083877316-1001\...\StartupApproved\Run: => "KiesPreload" HKU\S-1-5-21-2452922326-2711530018-4083877316-1001\...\StartupApproved\Run: => "KiesPDLR.exe" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{7D2EF48A-97F5-46A8-852B-04A52A21DA0C}] => (Allow) C:\Program Files (x86)\KowMedia\WahOO\WahOO.exe FirewallRules: [{DCCC5F14-149F-48F3-86B4-8E2D38A45988}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A19707E1-0C07-4904-BD7C-D8A87CBD38AE}] => (Allow) LPort=2869 FirewallRules: [{5B0A8184-9D4F-4AC2-A1FF-A875D31E30FA}] => (Allow) LPort=1900 FirewallRules: [{4B501766-87B3-46ED-91CC-CCBAE1A4C937}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{87B055B9-1BF2-4453-8422-E065708F87BD}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{4D64E5BD-BBA2-42FC-8635-C61AA34D60BD}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{EA4C8099-CC49-4EBF-A1C5-5CC1F19AB7AA}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{8F7388B8-2AE2-4B1E-BC67-0D7100919F9C}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe FirewallRules: [{255C63CF-4C34-4AF7-8CF8-A44D1852FF7E}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe FirewallRules: [{C6B48393-64DE-4547-AFF1-FA3540C8978B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4620DC02-3753-4044-BE29-11B75F1BEA84}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8F954D0A-074D-4C20-802E-7C2604E2E62E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{17B7778F-5CFE-4C5F-87E1-A6C9610D9054}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{765CFD61-2A2F-4B83-A1E5-44D04D6A05C2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{A9835A66-2139-431C-849A-D01E74806B52}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{AF53469F-874C-490E-B6DF-F8CF593BD0E4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{0A52DCC2-8ED3-4CAF-BA3D-D8AB57CE94C6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{96C3B30D-8384-4EE7-A1C3-3D6CE6F300FE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{87C70BAB-E495-4EF9-906D-487CBC231909}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{D8AC3AFC-3290-4C8C-93B6-2A07081900E7}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{18A83B9C-2B3F-4F4C-BAEA-273534B8C886}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{1749813D-B6B3-40CD-83CB-F7386E7F930B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{B9F274C6-01B6-48D1-8DAC-007044D6B756}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{A844150D-D7D1-4C64-82CA-0A6D8E66518F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe FirewallRules: [{D251EEC2-0BA3-450F-84FE-22908D471737}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{AC97BD05-2D4C-413E-AD48-54FDF5E41659}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [{3313263E-25FB-4497-BBEB-ABA8523248C7}] => (Allow) C:\Program Files (x86)\KowMedia\WahOO\WahOO.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Labeljoy 5\LotoUpdate.exe] => Enabled:LotoUpdate ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (12/12/2015 03:54:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname pc-portable.local already in use; will try pc-portable-2.local instead Error: (12/12/2015 03:54:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 pc-portable.local. Addr 192.168.0.10 Error: (12/12/2015 03:54:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353 16 pc-portable.local. AAAA 2A01:0E34:EF43:CE50:407A:F85E:E50B:39AB Error: (12/12/2015 03:54:48 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 368922 Error: (12/12/2015 03:54:48 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 368922 Error: (12/12/2015 03:54:48 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/12/2015 10:03:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante microsoftedgecp.exe, version : 11.0.10586.20, horodatage : 0x56540c35 Nom du module défaillant : edgehtml.dll, version : 11.0.10586.20, horodatage : 0x56541351 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000043846c ID du processus défaillant : 0xd4 Heure de début de l’application défaillante : 0xmicrosoftedgecp.exe0 Chemin d’accès de l’application défaillante : microsoftedgecp.exe1 Chemin d’accès du module défaillant: microsoftedgecp.exe2 ID de rapport : microsoftedgecp.exe3 Nom complet du package défaillant : microsoftedgecp.exe4 ID de l’application relative au package défaillant : microsoftedgecp.exe5 Error: (12/11/2015 10:44:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3875 Error: (12/11/2015 10:44:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3875 Error: (12/11/2015 10:44:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Erreurs système: ============= Error: (12/12/2015 03:56:47 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Le service McAfee Anti-Spam Service dépend du service suivant : Mfevtp. Ce dernier n’est peut-être pas installé. Error: (12/12/2015 03:56:34 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (12/12/2015 03:56:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORITE NT) Description: Le service de configuration automatique de réseau WLAN a détecté une connectivité limitée en exécutant Reset/Recover.adapter. Code : 8 0x0 0x0 Error: (12/12/2015 03:56:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORITE NT) Description: Le service de configuration automatique de réseau WLAN a détecté une connectivité limitée en exécutant Reset/Recover.adapter. Code : 2 0xdeaddeed 0xeeec Error: (12/12/2015 03:56:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORITE NT) Description: Le service de configuration automatique de réseau WLAN a détecté une connectivité limitée en exécutant Reset/Recover.adapter. Code : 1 0xc 0x4 Error: (12/12/2015 03:48:30 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible Error: (12/12/2015 03:48:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service CyberLink PowerDVD 12 Media Server Service s’est terminé de façon inattendue pour la 1ème fois. Error: (12/12/2015 11:43:33 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (12/12/2015 11:37:55 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (12/12/2015 11:02:51 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} CodeIntegrity: =================================== Date: 2015-12-12 12:16:20.168 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-12 08:07:41.293 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 20:55:33.979 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 18:46:58.252 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\WNEn\WNEnlibs\fspvus.dll that did not meet the Store signing level requirements. Date: 2015-12-11 18:46:58.149 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\ProgramData\cAcQddM\dat\ESrxmk.dll that did not meet the Store signing level requirements. Date: 2015-12-11 18:38:30.603 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\WNEn\WNEnlibs\fspvus.dll that did not meet the Store signing level requirements. Date: 2015-12-11 18:38:30.598 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\WNEn\WNEnlibs\fspvus.dll that did not meet the Store signing level requirements. Date: 2015-12-11 18:38:30.580 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\WNEn\WNEnlibs\fspvus.dll that did not meet the Store signing level requirements. Date: 2015-12-11 18:38:30.573 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\WNEn\WNEnlibs\fspvus.dll that did not meet the Store signing level requirements. Date: 2015-12-11 18:38:30.535 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\WNEn\WNEnlibs\fspvus.dll that did not meet the Store signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Pourcentage de mémoire utilisée: 76% Mémoire physique - RAM - totale: 3988.27 MB Mémoire physique - RAM - disponible: 938.3 MB Mémoire virtuelle totale: 5396.27 MB Mémoire virtuelle disponible: 1253.09 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:447.72 GB) (Free:348.16 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:16.42 GB) (Free:1.64 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] ==================== MBR & Table des partitions ================== ==================== Fin de Addition.txt ============================