Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:07-09-2015 Exécuté par Oriane (2015-09-09 10:24:30) Exécuté depuis C:\Users\Oriane\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2015-04-09 09:01:12) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-3905478184-3407929709-2893840352-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-3905478184-3407929709-2893840352-1002 - Limited - Enabled) Invité (S-1-5-21-3905478184-3407929709-2893840352-501 - Limited - Disabled) Oriane (S-1-5-21-3905478184-3407929709-2893840352-1000 - Administrator - Enabled) => C:\Users\Oriane ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden µTorrent (HKU\S-1-5-21-3905478184-3407929709-2893840352-1000\...\uTorrent) (Version: 3.4.3.39944 - BitTorrent Inc.) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.0 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated) Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR) AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Another World (HKLM-x32\...\Steam App 233550) (Version: - Eric Chahi) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform) Child of Light (HKLM-x32\...\Steam App 256290) (Version: - Ubisoft Montréal) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform) Désinstaller l'imprimante EPSON SX440 Series (HKLM\...\EPSON SX440 Series) (Version: - SEIKO EPSON Corporation) Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.) Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.) Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.23 - Samsung Electronics CO., LTD.) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.) f.lux (HKU\S-1-5-21-3905478184-3407929709-2893840352-1000\...\Flux) (Version: - ) FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GHOST(6980X) (HKLM-x32\...\{CE7DAF08-F073-4499-AA99-FC0143DF55BB}) (Version: 1.01.0000 - Nom de votre société) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36279 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation) LibreOffice 5.0.1.2 (HKLM-x32\...\{927AE35D-72BC-437D-BAC7-EE47D03DEE54}) (Version: 5.0.1.2 - The Document Foundation) Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Module linguistique Microsoft .NET Framework 4 Client Profile FRA (HKLM\...\Microsoft .NET Framework 4 Client Profile FRA Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Mozilla Firefox 41.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 en-US)) (Version: 41.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.0.5724 - Mozilla) Multimedia POP (HKLM-x32\...\{CE3007FF-3E77-4B5B-8F94-662C9582C8A5}) (Version: 1.2 - Samsung Electronics CO., LTD.) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) PC TWIN SHOCK (HKLM-x32\...\{BEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - GASIA) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Popcorn Time (HKU\S-1-5-21-3905478184-3407929709-2893840352-1000\...\Popcorn Time) (Version: - Popcorn Official) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.39025 - Realtek Semiconductor Corp.) Remember Me (HKLM-x32\...\Steam App 228300) (Version: - DONTNOD Entertainment) S Agent (Version: 1.1.53 - Samsung Electronics CO., LTD.) Hidden Samsung Update (HKLM-x32\...\{00ABE05F-DB49-4421-AA35-833DD9A9A94D}) (Version: 2.2.12 - Samsung Electronics CO., LTD.) Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung Electronics CO., LTD.) SoulseekQt (HKLM-x32\...\SoulseekQt) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.1.0 - Synaptics Incorporated) Tablette (HKLM-x32\...\Tablet Driver) (Version: - Wacom Technology Corp.) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft) User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.2 - Samsung Electronics CO., LTD.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VueScan x64 (HKLM\...\VueScan x64) (Version: - ) Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinRAR 5.30 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.3 - win.rar GmbH) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) Zotero Standalone 4.0.28 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.28 (x86 en-US)) (Version: 4.0.28 - Zotero) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Points de restauration ========================= 29-08-2015 21:54:57 Fin de désinfection 29-08-2015 22:08:18 Installed LibreOffice 5.0.1.2 29-08-2015 22:21:38 Installed Evernote v. 5.9 29-08-2015 22:32:15 Removed Skype™ 7.8 01-09-2015 12:17:27 Windows Update 04-09-2015 15:39:55 Installed Evernote v. 5.9.1 08-09-2015 14:49:36 Windows Update ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0F8A6CDE-6669-4B68-B2B1-2815EE29072A} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-03-27] (Samsung Electronics Co., Ltd.) Task: {1C9CC425-4DAC-4BBF-BC25-A466AD630CC3} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.) Task: {24004A24-3B66-49E3-BCB6-3C1C02763E75} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.) Task: {2B059FB2-162A-4FDC-984B-DDF82816997C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd) Task: {2F9E87A3-1315-4C27-BDB0-9A61620444AC} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-04-17] (Samsung Electronics Co., Ltd.) Task: {356FA9F2-EF3C-4DCA-B1A3-E2B2609E3B21} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated) Task: {43583B6E-C95B-4249-B8B9-5C6A581569A9} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2012-04-19] (Samsung Electronics CO., LTD.) Task: {5069881B-9033-450D-A9EE-C0660D83D7F2} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {5B5D692D-09CB-4B8E-A038-EAC370E5DBD9} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-01-31] (Samsung Electronics Co., Ltd.) Task: {698B7599-603B-4C78-9A5B-76A79E9497C1} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics) Task: {9A5063BB-056F-41FD-8228-A47CF89C3ED0} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {9A5118B2-201F-4827-9FF1-1D5DCD32FCD3} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2015-07-01] (Samsung Electronics CO., LTD.) Task: {9F283D76-C95A-4068-9903-ACA6A2C24F4B} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2015-03-11] (Piriform Ltd) Task: {A83DC0FF-0851-4BAB-87B3-71BF80073D50} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {C672EB59-E0C3-45A5-9F24-38FEF83BBCFE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-27] (AVAST Software) Task: {E8C2D216-D969-4976-BF10-099CDC66CCCC} - System32\Tasks\SUPatchForW10Up => %programdata%\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe Task: {F1B7ABDB-FC45-40D4-AF0A-4C0861C156C5} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe ==================== Modules chargés (Avec liste blanche) ============== 2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2012-06-14 04:36 - 2012-02-13 08:02 - 00031624 _____ () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe 2015-09-02 13:00 - 2015-09-02 13:00 - 10566352 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe 2015-08-24 20:28 - 2015-08-24 20:28 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2012-05-25 07:00 - 2012-04-18 12:49 - 00127320 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2015-08-27 23:11 - 2015-08-27 23:11 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-08-27 23:11 - 2015-08-27 23:11 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-09-08 14:42 - 2015-09-08 14:42 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15090800\algo.dll 2015-09-09 10:22 - 2015-09-09 10:22 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15090803\algo.dll 2012-06-14 04:36 - 2011-02-16 18:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll 2012-06-14 04:36 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll 2015-04-09 11:52 - 2015-04-09 11:52 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-04-11 17:36 - 2015-04-11 17:36 - 00172032 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll 2012-05-25 06:59 - 2011-11-29 13:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-05-25 07:00 - 2012-04-18 12:50 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) ==================== EXE Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-3905478184-3407929709-2893840352-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Oriane\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 89.2.0.10 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Actuellement, il n'y a pas de correction automatique pour cette section.) MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: EPLTarget => MSCONFIG\startupreg: FileHippo.com => "C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe" /background MSCONFIG\startupreg: ghost => C:\Users\Oriane\Documents\GIGABYTE\GHOST(6980X)\ghostopen.exe MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe MSCONFIG\startupreg: SteelSeries Engine => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Tilt => C:\Users\Oriane\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{6DEEC8E9-F093-4E60-9708-140365884781}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{64DE766D-7E0E-42CF-A27E-C5893333DEF0}] => (Allow) LPort=2869 FirewallRules: [{6D7AE5F3-AC54-4A50-A916-EEA654DF4CDE}] => (Allow) LPort=1900 FirewallRules: [{A4960703-5BE6-4085-ACDD-76E291199681}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{055458A8-9634-46DF-8B3E-7CB48599AD55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6B04A285-C14D-4A77-9F22-342B3DFB3DB9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{32A5AB92-556D-4EB8-B718-0EC5C9753EB3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{BDB5DA5F-4803-4188-BEFD-3EBF7203B24B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{76FB7400-20E1-4017-BBFB-D523554F1480}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{7E522102-5EAD-4E2D-9FEC-20590A932CA5}] => (Allow) C:\Users\Oriane\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{730D3681-AF10-4425-A02A-901C888FDD0A}] => (Allow) C:\Users\Oriane\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4DD854AE-426B-4C9B-9E2D-2F61F167A550}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Child of Light\ChildofLight.exe FirewallRules: [{FBD15522-84D9-4A5F-86B5-4E9ADBB12CAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Child of Light\ChildofLight.exe FirewallRules: [{09B14514-8B49-49F3-8FA5-951E57097C15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Child of Light\ChildofLight.exe FirewallRules: [{12B41464-17D3-4A60-AB01-C9729DC6C8A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Child of Light\ChildofLight.exe FirewallRules: [TCP Query User{A410FB37-91AA-4FA7-B804-9A4690E87395}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{B9067D00-DE8A-4959-8E37-4B3A5834DF23}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{05175A58-0E1B-4A9C-B60E-BA68E2035D1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Remember Me\Binaries\Win32\RememberMe.exe FirewallRules: [{BEB901C2-EBCF-4705-813C-B17CEF50F1C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Remember Me\Binaries\Win32\RememberMe.exe FirewallRules: [{DA38FBA3-1C10-4783-9BAD-B9229E9F0066}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{356522EB-3A9C-4AFC-B3D3-D6FF3E21E118}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{979D024F-E6DF-4632-AE91-BB9880AE0529}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{CEC43EE6-118D-40E1-843F-1C20F1935188}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [TCP Query User{F542E627-6007-49AD-BA15-D3BEDA29E144}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{30B44C17-5A00-4EC3-BB32-F596DBD5EAAF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{7ABC54E6-A4DA-4E38-A07D-0DAA58FE75F6}C:\program files\soulseekqt\soulseekqt.exe] => (Allow) C:\program files\soulseekqt\soulseekqt.exe FirewallRules: [UDP Query User{0D4D7175-9E21-4AE0-81A4-BB69D9AC79E0}C:\program files\soulseekqt\soulseekqt.exe] => (Allow) C:\program files\soulseekqt\soulseekqt.exe FirewallRules: [TCP Query User{4A22C20A-D1ED-4ED6-8585-87801F938250}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{0BBC878D-5D34-41F1-8C4E-DE97B851A8A4}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{C9A9B442-B9EA-47BD-8364-0E8A0DC2C492}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe FirewallRules: [{8D5D8868-037A-48BC-BFC5-0C0DF5B1DC8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe FirewallRules: [TCP Query User{B9E14EA6-756C-49BC-BE0B-667734F6F25A}C:\users\oriane\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\oriane\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{C07CF099-B845-4A59-B863-26F9BE154659}C:\users\oriane\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\oriane\appdata\local\popcorn time\nw.exe FirewallRules: [{ABC73B55-B0D2-444D-A025-0900455D3846}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{0C56400F-20C1-465B-9034-F1791CAD2D1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [TCP Query User{8CAAC172-3882-444A-A228-B010E21E0073}C:\users\oriane\appdata\local\popcorn time\nw.exe] => (Block) C:\users\oriane\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{9F126B81-4FE6-4163-85E9-CC07B169439D}C:\users\oriane\appdata\local\popcorn time\nw.exe] => (Block) C:\users\oriane\appdata\local\popcorn time\nw.exe FirewallRules: [{BB3D3DD4-0909-4246-AAA3-3F3D418EDCA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Another World\anowor.exe FirewallRules: [{0739DACC-116E-4D86-B6EB-64264F6AFB5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Another World\anowor.exe ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: Atheros AR3012 Bluetooth 4.0 + HS Description: Atheros AR3012 Bluetooth 4.0 + HS Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Atheros Communications Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (09/09/2015 10:04:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/08/2015 03:53:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/08/2015 02:43:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/07/2015 04:11:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/07/2015 02:55:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante vlc.exe, version : 2.2.1.0, horodatage : 0x00000004 Nom du module défaillant : libqt4_plugin.dll, version : 2.2.1.0, horodatage : 0x00020002 Code d’exception : 0x40000015 Décalage d’erreur : 0x007ca10a ID du processus défaillant : 0x17ac Heure de début de l’application défaillante : 0xvlc.exe0 Chemin d’accès de l’application défaillante : vlc.exe1 Chemin d’accès du module défaillant: vlc.exe2 ID de rapport : vlc.exe3 Error: (09/07/2015 02:06:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/06/2015 04:40:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/05/2015 05:52:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/05/2015 01:03:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/04/2015 08:16:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Erreurs système: ============= Error: (09/09/2015 10:03:15 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 16:12:37 le ‎08/‎09/‎2015 n’était pas prévu. Error: (09/07/2015 04:56:39 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (09/07/2015 04:09:19 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 16:07:40 le ‎07/‎09/‎2015 n’était pas prévu. Error: (09/05/2015 02:28:17 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (09/05/2015 01:01:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Intel(R) Dynamic Application Loader Host Interface Service n’a pas pu démarrer en raison de l’erreur : %%1053 Error: (09/05/2015 01:01:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Intel(R) Dynamic Application Loader Host Interface Service. Error: (09/03/2015 05:46:22 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (09/03/2015 05:04:29 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Le maître explorateur a reçu une annonce de serveur de l’ordinateur MACBOOK-182DFE qui pense qu’il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{D508E646-3FDF-4700-A6E6-3A5D4477F55E}. Le maître explorateur s’arrête ou une élection est provoquée. Error: (09/03/2015 04:35:10 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Le maître explorateur a reçu une annonce de serveur de l’ordinateur PC-UTILISATEUR qui pense qu’il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{D508E646-3FDF-4700-A6E6-3A5D4477F55E}. Le maître explorateur s’arrête ou une élection est provoquée. Error: (09/03/2015 04:04:02 PM) (Source: DCOM) (EventID: 10016) (User: Oriane-PC) Description: par défaut de l’ordinateurLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Oriane-PCOrianeS-1-5-21-3905478184-3407929709-2893840352-1000LocalHost (utilisation de LRPC) Microsoft Office: ========================= Error: (09/09/2015 10:04:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/08/2015 03:53:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/08/2015 02:43:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/07/2015 04:11:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/07/2015 02:55:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: vlc.exe2.2.1.000000004libqt4_plugin.dll2.2.1.00002000240000015007ca10a17ac01d0e96c6f02e631C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dllb3de4ac7-555f-11e5-a675-b87fd5ff2504 Error: (09/07/2015 02:06:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/06/2015 04:40:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/05/2015 05:52:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/05/2015 01:03:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/04/2015 08:16:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity: =================================== Date: 2015-08-28 15:44:57.391 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\Oriane\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2015-08-28 15:44:57.359 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\Oriane\AppData\Local\Temp\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Pourcentage de mémoire utilisée: 44% Mémoire physique - RAM - totale: 3989.53 MB Mémoire physique - RAM - disponible: 2201.33 MB Mémoire virtuelle totale: 7977.26 MB Mémoire virtuelle disponible: 5652.47 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:907.59 GB) (Free:581.07 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: A44E69F2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=907.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=23.8 GB) - (Type=27) ==================== Fin de Addition.txt ============================