Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 21-12-2016 Exécuté par Liliane (28-12-2016 11:20:28) Exécuté depuis C:\Users\Liliane\Desktop Windows 8.1 (Update) (X64) (2014-02-16 11:00:51) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-1917785224-2821803422-857046797-500 - Administrator - Disabled) Invité (S-1-5-21-1917785224-2821803422-857046797-501 - Limited - Disabled) Liliane (S-1-5-21-1917785224-2821803422-857046797-1001 - Administrator - Enabled) => C:\Users\Liliane ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.) Alcor Micro USB Card Reader Driver (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AMD Catalyst Install Manager (HKLM\...\{B38CC495-7657-3D5A-80C2-8D6E0ED8E638}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform) Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6805 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3103 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3215 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3212 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Étude pour l'amélioration du produit HP Deskjet 2540 series (HKLM\...\{B01F43B5-AD90-417C-BDF8-4E5A96530476}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP Connected Music (Meridian - player) (HKU\S-1-5-21-1917785224-2821803422-857046797-1001\...\HPConnectedMusic) (Version: 1.1 (build 96) hp - Meridian Audio Ltd) HP Deskjet 2540 series Aide (HKLM-x32\...\{2FAD0F16-4309-4D22-AE73-F4CCA737D013}) (Version: 30.0.0 - Hewlett Packard) HP Documentation (HKLM-x32\...\{06600E94-1C34-40E2-AB09-D30AECF78172}) (Version: 1.1.0.0 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.51 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.3.50.9 - HP Inc.) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{93A048EC-70FB-4BB2-8335-00654AC8E4C1}) (Version: 12.5.32.203 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Inst5675 (Version: 8.00.51 - Softex Inc.) Hidden Inst5676 (Version: 8.00.51 - Softex Inc.) Hidden Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Logiciel de base du périphérique HP Deskjet 2540 series (HKLM\...\{3330B490-86DE-4E57-AE3A-14AECC0ACC52}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office Professionnel Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 50.1.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 fr)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros) Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30175 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7135 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.0.7001 - CyberLink Corp.) Hidden SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) SRWare Iron version SRWare Iron 40.2150.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 40.2150.0 - SRWare) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {01E7DB88-4EC4-47FF-85DB-48AC8D2DBBAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {034B3C37-111F-45C1-9FD4-7979002590D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.) Task: {0E64285F-573E-464F-8521-07F92033B055} - System32\Tasks\HP AR Program Upload - 503dbc7d2d3644ad84e31b59fadbd5e9d966c9d1b26f4c8881f1a6dbe3482d68 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: ) Task: {234F9595-0995-44E2-AFB9-2DA888ABF26E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.) Task: {2AC337F0-E61B-4507-9DDA-C1CEB2CDDF79} - System32\Tasks\HP AR Program Upload - c3226a0f9c9740da93bcbeb28aef26b982bbff7c948242a8afa19a5b02dd315a => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: ) Task: {52552741-C808-40D6-A50E-6E92E1EEF30E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {562E730B-7AB1-4AF9-B965-67D69BE3D6CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-08-15] (HP Inc.) Task: {56F3D542-7022-44F1-8E5C-ED60B6AD81B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-12] (HP Inc.) Task: {6BF5C616-3F72-4068-9E1C-40C63C132A76} - System32\Tasks\HP AR Program Upload - 4649863d1e2f4b5ba3643bf992e0ef70ba3f68585d1043b39f9695f4d7bef8e5 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: ) Task: {719DC859-E03B-49CA-AAFF-C4CD653CC0C1} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {79B8A632-A31A-423A-923E-BE0889B5F3B2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-12-14] (Microsoft Corporation) Task: {7B219139-E6A7-4DD5-A35D-9DDA6BD1031D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {8262C787-C096-44C6-AD9A-C1018B7B640F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.) Task: {84DE15EB-154D-487B-AAF6-DB092929F898} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink) Task: {9FCC3A9D-B7AB-40E0-A127-55E6DA8778C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {A0FC9900-893A-40F9-8572-603A6B30FDD2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd) Task: {A10E07E3-4CF2-4F24-BFBE-9EBF1C809D6E} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1917785224-2821803422-857046797-1001 Task: {A57C85F9-EEFB-4746-807B-0E97C117158B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated) Task: {E2BF32B5-B5BA-4F93-9A9C-57B07FAB40DD} - System32\Tasks\HP AR Program Upload - 01d2e64480544b02b68b11f178940c1f848b25bbedc14f7f9d0832bf272eb986 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: ) Task: {E44E4447-C6A4-4296-8F58-A5FAD18A680E} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.) Task: {F0211404-A0A7-441C-AE7A-6B49C657FE43} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-12] (HP Inc.) Task: {F5436E93-E208-4F5E-A26F-135E47F3AFC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\HPCeeScheduleForLiliane.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2013-09-05 12:22 - 2013-09-05 12:22 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe 2013-09-05 12:24 - 2013-09-05 12:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll 2013-09-05 12:24 - 2013-09-05 12:24 - 02540544 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2013-09-05 12:21 - 2013-09-05 12:21 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2013-09-05 12:21 - 2013-09-05 12:21 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2013-09-05 12:21 - 2013-09-05 12:21 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2013-09-05 12:36 - 2013-09-05 12:36 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2013-09-05 12:36 - 2013-09-05 12:36 - 01298832 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-09-05 12:31 - 2013-09-05 12:31 - 00064000 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2014-01-23 01:30 - 2013-08-05 08:49 - 00627672 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-08-06 00:48 - 2013-08-06 00:48 - 00016856 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE restricted site: HKU\S-1-5-21-1917785224-2821803422-857046797-1001\...\skype.com -> hxxps://apps.skype.com ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-1917785224-2821803422-857046797-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{EA538CF7-72F0-4E43-9678-39C391F6ED54}] => c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{53F5D2A3-CA68-498C-BA2F-D73778D03CE1}] => c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{4FCCC9F7-0DBB-4510-B1D2-5487BF3D15A5}] => c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{DD2D4CBF-10F4-46CB-88D7-E07C582CA51D}] => c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{BB375446-B1D0-4C8F-BCA1-3716C5F1493E}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CC9B004C-4EAA-4EF6-AE45-081EEFE8B3E6}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{205AFE3B-CC43-4FE6-B0D2-9BC91F9446A4}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8E029C7A-9719-45D2-9311-5045CBB30B5D}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4756707E-BCC5-4A9C-822F-FA503AB5549E}] => C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{938A3614-6CBF-40E6-86CB-710008F529F6}] => C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{47CE93D0-D7A3-4E90-97A7-60A926D95E4A}] => %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{A9CBBE57-9AAC-40C1-A1A7-89231325F11C}] => %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{262D134F-24D9-4D5A-95C8-10112DE8F497}] => %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe FirewallRules: [{5724233E-D3FA-41DD-B567-A3F7B27F9AE5}] => %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe FirewallRules: [{53CE72EA-2916-4F8A-8666-FC769868F454}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{87CCF5B0-169B-4055-ADE7-B146683F5F6B}] => LPort=2869 FirewallRules: [{3A705CBA-5C2F-40B0-B223-0A4B21966E50}] => LPort=1900 FirewallRules: [{9B195A67-D21E-4AE3-A6C9-FEEAC4E6C27A}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{73AD2A7D-6F09-40D0-9880-39C58DA1D69F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{5151BA1C-0409-4788-889C-B1EBEB9DD2D4}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{A3AE98A2-7538-43B1-82DB-6CC2221241E0}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{FE7FE284-D04B-4F20-A17E-5436D57E4BA1}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{48520A33-CE31-4129-B6D9-267C010F6BB2}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{D4FD53F1-AD9D-467A-A2DE-E7A9BD7FC5B1}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E427E05F-3ECB-47D1-992F-EDFB7649B2DB}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1C83B805-0007-43D1-849A-6AD73912DB3A}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{56406774-08D0-4F81-A233-A5F588EDD61F}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{EF9703BB-2BAA-4024-A3D0-3C33D740B97B}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{1A8CD79A-3259-427B-A7F5-8D2CF6F0D520}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C3261A47-63BC-4C93-9D73-BE60F1FFBA31}] => C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{9F8B58F4-C921-4971-A87E-3B86B58B1843}] => LPort=5357 FirewallRules: [{8543FBAA-7105-45D6-9E78-875844976B22}] => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{984D9777-3BC4-4560-9C71-806A8BED4C62}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{2AD0F1BD-B58E-448D-875A-3E8A13890864}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{0180AD9E-8F47-41D3-840E-47F3C5B00F94}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{01678A0C-3AFB-4491-847F-7EB6EB2D716A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Points de restauration ========================= 14-12-2016 12:27:53 Windows Update 23-12-2016 12:26:28 Point de contrôle planifié 26-12-2016 18:49:46 zoek.exe restore point ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (12/27/2016 02:29:50 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1704 Error: (12/27/2016 02:29:50 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1704 Error: (12/27/2016 02:29:50 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/27/2016 12:57:12 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Échec de la procédure d’ouverture pour le service « .NETFramework » dans la DLL « C:\windows\system32\mscoree.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. Error: (12/27/2016 12:52:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 15 F.5.A.3.E.6.8.1.E.3.8.2.2.1.D.D.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Liliane.local. Error: (12/27/2016 12:52:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.10:5353 17 F.5.A.3.E.6.8.1.E.3.8.2.2.1.D.D.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Liliane-2.local. Error: (12/27/2016 12:52:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 15 10.1.168.192.in-addr.arpa. PTR Liliane.local. Error: (12/27/2016 12:52:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.10:5353 17 10.1.168.192.in-addr.arpa. PTR Liliane-2.local. Error: (12/27/2016 12:45:35 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Impossible d’obtenir les informations de registre des compteurs de performances pour WSearchIdxPi pour l’instance en raison de l’erreur suivante : L’opération a réussi. 0x0. Error: (12/27/2016 12:45:35 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Impossible d’initialiser le contrôle des performances pour l’objet rassembleur. Les compteurs ne sont pas chargés ou l’objet mémoire partagée ne peut pas être ouvert. Cela affecte seulement la disponibilité des compteurs. Redémarrez l’ordinateur. Contexte : Application , Catalogue SystemIndex Erreurs système: ============= Error: (12/27/2016 09:52:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service CyberLink PowerDVD 12 Media Server Service s’est terminé de façon inattendue pour la 6ème fois. Error: (12/27/2016 05:48:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service CyberLink PowerDVD 12 Media Server Service s’est terminé de façon inattendue pour la 5ème fois. Error: (12/27/2016 04:01:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service CyberLink PowerDVD 12 Media Server Service s’est terminé de façon inattendue pour la 4ème fois. Error: (12/27/2016 03:26:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service CyberLink PowerDVD 12 Media Server Service s’est terminé de façon inattendue pour la 3ème fois. Error: (12/27/2016 02:29:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service CyberLink PowerDVD 12 Media Server Service s’est terminé de façon inattendue pour la 2ème fois. Error: (12/27/2016 01:39:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service CyberLink PowerDVD 12 Media Server Service s’est terminé de façon inattendue pour la 1ème fois. Error: (12/27/2016 12:42:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Superfetch s’est arrêté avec l’erreur : Le service n’a pas été démarré. Error: (12/27/2016 11:50:42 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Le service PEVSystemStart est marqué comme étant interactif. Cependant, le système est configuré pour ne pas autoriser les services interactifs. Ce service peut ne pas fonctionner correctement. Error: (12/27/2016 11:50:41 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Le service PEVSystemStart est marqué comme étant interactif. Cependant, le système est configuré pour ne pas autoriser les services interactifs. Ce service peut ne pas fonctionner correctement. Error: (12/27/2016 11:50:41 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Le service PEVSystemStart est marqué comme étant interactif. Cependant, le système est configuré pour ne pas autoriser les services interactifs. Ce service peut ne pas fonctionner correctement. CodeIntegrity: =================================== Date: 2016-12-27 15:07:53.546 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-27 15:07:50.843 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-27 15:07:48.124 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-27 15:07:27.046 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-27 15:07:24.234 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-27 15:07:21.312 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-27 15:07:18.515 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-27 15:07:15.578 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-27 15:07:12.781 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-27 15:07:09.874 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: AMD E1-2500 APU with Radeon(TM) HD Graphics Pourcentage de mémoire utilisée: 51% Mémoire physique - RAM - totale: 3532.98 MB Mémoire physique - RAM - disponible: 1707.71 MB Mémoire virtuelle totale: 4364.98 MB Mémoire virtuelle disponible: 1980.32 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:459.18 GB) (Free:401.1 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive d: (Recovery Image) (Fixed) (Total:12.77 GB) (Free:1.52 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive f: (Mes documents) (Fixed) (Total:458.08 GB) (Free:406.24 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: B3712F50) Partition: GPT. ==================== Fin de Addition.txt ============================