Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Exécuté par Erwan (03-04-2017 04:08:37)
Exécuté depuis C:\Users\Ryusa\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-13 15:13:35)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-3575403572-133319268-855585454-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3575403572-133319268-855585454-503 - Limited - Disabled)
Erwan (S-1-5-21-3575403572-133319268-855585454-1002 - Administrator - Enabled) => C:\Users\Ryusa
Invité (S-1-5-21-3575403572-133319268-855585454-501 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

µTorrent (HKU\S-1-5-21-3575403572-133319268-855585454-1002\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3575403572-133319268-855585454-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Assistant Mise à niveau de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Boost mode manager (HKLM-x32\...\{17154B8D-5829-4ED5-A120-2E03DC6FB0C6}) (Version: 1.0.0.1 - RSUPPORT)
Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version: - )
Catalyst Control Center Next Localization BR (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dofus (HKU\S-1-5-21-3575403572-133319268-855585454-1002\...\2744A393-554C-4E35-A24F-DEF0392B4484-2) (Version: - Ankama)
Dragomon Hunter (HKLM\...\Steam App 356330) (Version: - X-Legend)
EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11196 - Realtek Semiconductor Corp.)
Elsword 1.0 (HKLM-x32\...\Elsword_fr_is1) (Version: 1.0 - Gameforge4d)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.26.2.4 - SCS Software)
Fable - The Lost Chapters (HKLM-x32\...\InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}) (Version: 1.00.0000 - Microsoft Game Studios)
Fable - The Lost Chapters (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Fiesta Online (HKLM\...\Steam App 280620) (Version: - Onson Soft)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FreeStyle Football (HKLM\...\Steam App 568810) (Version: - Joycity)
Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Krosmaga (HKU\S-1-5-21-3575403572-133319268-855585454-1002\...\5FF85AF0-CE53-4D51-815F-52DA47E3FF9A-2) (Version: - Ankama)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.5222.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.)
Lenovo PowerDVD12 (x32 Version: 12.0.5709.60 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.071.04 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
Les Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Manuels d'utilisateur (x32 Version: 6.0.0.0 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II : The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3575403572-133319268-855585454-1002\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.21.5.2 - RSUPPORT)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
No More Room in Hell (HKLM\...\Steam App 224260) (Version: - No More Room in Hell Team)
Nostale(FR) (HKLM-x32\...\NosTale(FR)_is1) (Version: - Gameforge 4D GmbH)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.0 - OBS Project)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Nom de votre société)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10243 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7738 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sparkle 2 Evo (HKLM\...\Steam App 253650) (Version: - )
SpellForce 2 - Shadow Wars (HKLM-x32\...\{1A4E47DC-6701-4A85-AA16-C1F99A44598C}) (Version: 1.00.0000 - Nom de votre société)
SpellForce 2 - Shadow Wars (HKLM-x32\...\{27223691-82E0-4C93-87D9-02C0B0D3D783}) (Version: 2.1.0001 - Nom de votre société)
SpellForce 2 Update v1.02 (HKLM-x32\...\SpellForce 2 Update v1.02) (Version: - )
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft)
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{99FD8D80-BE54-11E6-98F7-BE9B4130C4C9}) (Version: 14.0.211 - VEGAS)
Wakfu (HKU\S-1-5-21-3575403572-133319268-855585454-1002\...\1F4715F1-86E7-4450-AA9A-13ADBF14BED1-2) (Version: - Ankama)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
XIII (HKLM-x32\...\GOGPACKXIII_is1) (Version: 2.0.0.11 - GOG.com)
Zula Europe (HKLM\...\Steam App 513650) (Version: - Madbyte Games)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-3575403572-133319268-855585454-1002_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe (Lenovo Group Limited)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {00BA4FB6-1F90-4874-8A32-A0BECDBDC41B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fa13b184-359c-4f9f-9e8d-2a94269de96c => powershell.exe -nologo -noninteractive "& {New-Item -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\fa13b184-359c-4f9f-9e8d-2a94269de96c -type directory -force;$conter=Get-Date;$conter=$conter.ToUniversalTime();Set-ItemProperty -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\f (l'élément de données a 73 caractères en plus).
Task: {064591E5-7C9F-49AF-9369-32A52F2C6652} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ec19b814-e646-4297-acce-4c67d2460988 => powershell.exe -nologo -noninteractive "& {New-Item -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\ec19b814-e646-4297-acce-4c67d2460988 -type directory -force;$conter=Get-Date;$conter=$conter.ToUniversalTime();Set-ItemProperty -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\e (l'élément de données a 73 caractères en plus).
Task: {154D42FB-8EA9-4F2B-955B-4C994CB9002C} - System32\Tasks\Erwan => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Erwan /t REG_SZ /d "explorer.exe hxxp://kb-ribaki.org" <==== ATTENTION
Task: {1A8D1A30-649F-4562-9D1C-3CC37694714F} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {2076B72A-5F20-4450-8CDD-A68C08E3D765} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {2761C662-ADC7-4B4B-9CE1-506B234D2226} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {4DC17B46-032A-488A-B2D1-047A79E02AA3} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2016-04-22] (CyberLink Corp.)
Task: {5BBBB551-A9DA-4FBB-A77B-EC80488B1E98} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {61B75C45-5DB7-480C-8980-E7EB238990F7} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {6363ECE5-DFB7-4962-AD69-5D1E0D88CE09} - System32\Tasks\{4AC2D39D-4D74-4462-BDB5-2D8D448F81D4} => launchwinapp.exe hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.32.0.104&LastError=12002
Task: {6622F943-81BE-4927-9C36-CAC2A203B848} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {6953D3BE-CB78-4035-B985-3826E8B8576B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-15] (Adobe Systems Incorporated)
Task: {6A36B8C7-28A1-4DA8-B7F7-5DBACAE39F0F} - System32\Tasks\{1F164D5D-E0DE-487A-99DD-E483A89956CA} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {6CFFEE17-BF5A-4258-B5D0-675095D1FB33} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {6EDB227F-0ECF-49B3-8C49-47B729DA4DD8} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-02-10] (Advanced Micro Devices, Inc.)
Task: {9C1B8F13-E8B6-4D43-AC5F-83AF779C3EC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-12] (Google Inc.)
Task: {AA677688-9B9B-4E16-97DB-4DE3D9AE855A} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {C064CE95-6111-42A2-A133-CAFA39B3A943} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {D81B22D9-695C-412B-BC0C-122F98889F13} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [2017-03-15] (Adobe Systems Incorporated)
Task: {E63F4280-DBA8-4053-9B7C-53122370BF67} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-09-11] (CyberLink Corp.)
Task: {E7C0A18A-D888-482A-9088-CD76E3A97C08} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {EB7FE8DD-8E62-4B88-819F-F76DCC686131} - System32\Tasks\{E76EF684-3490-4D1F-B8DE-C353B8DABF1D} => launchwinapp.exe hxxps://ui.skype.com/ui/0/7.32.0.104/fr/abandoninstall?source=lightinstaller&page=tsInstall
Task: {F32A9E68-F35E-41B0-9D0E-46F9766D4734} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {F3E2F1DE-0830-48F3-98AB-BB683139D599} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-12] (Google Inc.)
Task: {FA579B83-7DE6-4FD9-852A-54359CD01FA4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-26] (Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-15 15:43 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-31 23:03 - 2017-03-24 04:09 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-31 23:03 - 2017-03-24 04:10 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-15 15:43 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-03-02 13:10 - 2015-02-27 15:38 - 00721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2017-03-15 15:42 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 15:42 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 15:42 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-15 15:42 - 2017-03-04 08:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-15 15:42 - 2017-03-04 08:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-15 15:42 - 2017-03-04 08:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-21 08:01 - 2016-11-21 08:01 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 15:45 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-09 22:53 - 2017-03-09 22:54 - 10650112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-03-09 22:53 - 2017-03-09 22:54 - 02653184 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-03-09 22:53 - 2017-03-09 22:54 - 00761344 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-03-28 17:19 - 2017-03-28 17:20 - 01668976 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-04-02 22:53 - 2017-04-03 03:53 - 01352192 _____ () C:\Users\Ryusa\Downloads\EJmiB6N87eh_SFTGC.exe
2017-02-12 09:50 - 2017-02-01 11:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-12 09:50 - 2017-02-01 11:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-3575403572-133319268-855585454-1002\...\com -> hxxp://*.Wondershare.com

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3575403572-133319268-855585454-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ryusa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{b8eeb28f-f113-41bf-b350-6098e7e794e9}.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AB99A4F6-FA3A-4AD5-9A88-CDB067C70455}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B6B543E6-D57D-4ADD-B325-8A0469D89D70}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{91FED0A5-2F56-43AD-A413-124D7553C76F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F5B26769-0643-4D03-8F30-8FE8596B6FA3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FFC32A3D-B570-4EC3-ADA5-15149F033998}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0DA00DA1-1277-4BEC-A04A-EEC6393B9B04}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9B586768-9973-44EC-8A46-50BFDBE1665C}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{B149C2FC-4EC6-483C-A5BA-E280FAC37EED}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{DE7D9B34-845B-497B-B0D3-D2D33CFC1CA9}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{0706ED7D-4745-4ECE-8242-691A0343237E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{C09FADE2-DD94-407B-8B3D-AAED9A1C1BB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{24593514-619F-4359-A5D3-A459F9D84CD9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4896A53B-7AFF-4E6C-80FD-769AFFA9B319}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AB80B6E7-9237-4B46-9D14-2D42005F5F8C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{7E90826F-0255-4810-A841-392F53B723F1}C:\users\ryusa\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ryusa\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{ADEFCDA3-E8B8-4AAB-BA94-7F013412457A}C:\users\ryusa\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ryusa\appdata\local\akamai\netsession_win.exe
FirewallRules: [{33E99731-DE44-4DC6-BE68-91795B98B2F7}] => (Block) C:\users\ryusa\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1DBA24EE-02CB-475B-9865-60B31224C229}] => (Block) C:\users\ryusa\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{1E5ACDEE-8D89-44D9-8F7F-89EB64CDFA71}C:\users\ryusa\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ryusa\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{7F4544B2-84DD-4E80-9937-48D81A86BF82}C:\users\ryusa\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ryusa\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{576DAA7E-1EBB-4152-BF62-D9879EFC9639}] => (Block) C:\users\ryusa\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{2A759908-5C0D-46B1-B485-9B579291BDDE}] => (Block) C:\users\ryusa\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E2DD239F-D689-48CA-935D-30E967660822}C:\aeriagames\wolfteam-fr\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-fr\wolfteam.bin
FirewallRules: [UDP Query User{3A169AE8-7372-4CCA-8B63-B6DBB79CBEF4}C:\aeriagames\wolfteam-fr\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-fr\wolfteam.bin
FirewallRules: [{572ECD32-C830-4EC0-B69F-8B50052CA585}] => (Block) C:\aeriagames\wolfteam-fr\wolfteam.bin
FirewallRules: [{B0E26485-B80A-4598-A67D-784A83BB019B}] => (Block) C:\aeriagames\wolfteam-fr\wolfteam.bin
FirewallRules: [{CC0DD46C-CD91-490C-B566-0FEC641447A3}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{DAD9EBA7-1679-421B-B13C-EC12F9C7F11D}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\FRA_fra\Elsword\data\x2.exe
FirewallRules: [{4BBE8ED1-5DAB-4036-9BD2-8EDA1B0EA506}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\FRA_fra\Elsword\data\x2.exe
FirewallRules: [{D085B50E-05CA-453C-A2B9-1381523C1D7B}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{1024165C-1EFB-4CF7-A64E-CFC8CF40B732}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{34B489C0-ACF2-474F-890E-73A3B3E5D441}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{5C9684F2-B050-49C6-8AEC-5955A44B4D6B}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{39EFA092-A973-4C5C-8931-4D3E7A1F6DBD}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{BCEBB806-F419-4B42-B949-F78DED0AAA07}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{0B392F0B-2AB9-48AB-BCB7-0819FA9227BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zula EU\zula_launcher.exe
FirewallRules: [{93556973-8E3D-40D0-92C0-7DD5AAA5A67A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zula EU\zula_launcher.exe
FirewallRules: [{7B319DB5-7B50-46F9-8F76-931E47F52BB6}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{7D5F3247-B54C-4500-A776-893415A6F08A}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{240D35F4-2373-49CA-9E51-02D274F75D4A}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{506BFE94-2377-4620-9FBC-F5E05B899352}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{DE84FB0B-1CE6-4071-8528-4A4CDE92C762}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{6760BBDE-D4EF-409A-B6DE-23FAC5968F73}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [{B0C2582C-EEA0-439E-86BD-FDA8A50C6DFC}] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [{6BC6EC0F-0DF6-4913-99C7-564821DEBC09}] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [{C77B1894-86B7-4852-B6AE-0D6FE9EC8817}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{DFCC9A6B-59BC-4100-A1F2-037F3DD2FECD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparkle2\sparkle2evo.exe
FirewallRules: [{8F1EBCCD-F1B2-4F72-AD02-5D7A07F63942}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sparkle2\sparkle2evo.exe
FirewallRules: [{FAE13DC8-BF2D-4459-A952-A17D8B5D28CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{0A860594-A827-4B2D-83AB-85009E77AADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [TCP Query User{841CB420-EB29-4AA5-8271-D49A4BE5631C}C:\users\ryusa\desktop\human\binaries\win64\human.exe] => (Allow) C:\users\ryusa\desktop\human\binaries\win64\human.exe
FirewallRules: [UDP Query User{8A93A0AC-621B-4107-8018-E68B7C0B660A}C:\users\ryusa\desktop\human\binaries\win64\human.exe] => (Allow) C:\users\ryusa\desktop\human\binaries\win64\human.exe
FirewallRules: [{0FCC4894-7BD1-4721-A903-792D8C449793}] => (Block) C:\users\ryusa\desktop\human\binaries\win64\human.exe
FirewallRules: [{B2F041A1-F787-40EF-B31E-8B526355F353}] => (Block) C:\users\ryusa\desktop\human\binaries\win64\human.exe
FirewallRules: [{0AEA5ACE-1070-47D2-AC73-0DC8AAD5429B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{57EC2BCC-9749-4E2A-9259-C35C7961CA67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{011C23DD-43A4-41A3-95C5-4D804F3AC243}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{C88A1A0D-8116-4B04-ABAF-AF6FA8BEE1B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{A833A23D-B778-4920-882D-6CD053498129}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{2E4731BA-1DCB-4F19-89C1-C2634ECADAA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [TCP Query User{F612D655-5F7E-48EC-83EB-DF6167B6295A}C:\program files (x86)\euro truck simulator 2\bin\win_x86\online_updater.updated] => (Allow) C:\program files (x86)\euro truck simulator 2\bin\win_x86\online_updater.updated
FirewallRules: [UDP Query User{C703C7CE-8AC4-4C83-8A78-44F1EBB4B00C}C:\program files (x86)\euro truck simulator 2\bin\win_x86\online_updater.updated] => (Allow) C:\program files (x86)\euro truck simulator 2\bin\win_x86\online_updater.updated
FirewallRules: [{4C36A600-CCCE-4892-A2D3-51FD52BD8666}] => (Block) C:\program files (x86)\euro truck simulator 2\bin\win_x86\online_updater.updated
FirewallRules: [{98C01270-FAFD-404F-A1E6-DBC0B87C2434}] => (Block) C:\program files (x86)\euro truck simulator 2\bin\win_x86\online_updater.updated
FirewallRules: [TCP Query User{C3614852-6B78-40A9-B2B5-BA7CFA16D5FF}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex
FirewallRules: [UDP Query User{53AEB000-3F01-4DFC-8E45-E6006CAA4498}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex
FirewallRules: [{8653724B-2E64-4DD5-B810-CEE2195ECC8C}] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex
FirewallRules:
[{A2AEF575-3C92-41CA-BE58-AD7BD5AA9F15}] => (Block) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex FirewallRules: [TCP Query User{E609F678-A604-45A1-9725-E3610B229BA7}C:\program files (x86)\car mechanic simulator 2015\cms2015.exe] => (Block) C:\program files (x86)\car mechanic simulator 2015\cms2015.exe FirewallRules: [UDP Query User{F9DE9F9B-9EA4-4188-A7FA-771E1BC0C480}C:\program files (x86)\car mechanic simulator 2015\cms2015.exe] => (Block) C:\program files (x86)\car mechanic simulator 2015\cms2015.exe FirewallRules: [{1A382B28-8ADB-4466-B100-AE4A17542507}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{9A9E1272-30E3-4B9B-AD98-5B66A862D5EC}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{234CF499-67D0-461F-97EB-2D23D68F618D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{A310BE88-F57D-43A0-9054-D21A1B5A4A21}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{7480ADEA-68C6-4EEF-A943-B2394F178FD1}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{51ACC650-427E-42BE-8081-D3F9F1877F49}C:\gog games\xiii\system\xiii.exe] => (Allow) C:\gog games\xiii\system\xiii.exe FirewallRules: [UDP Query User{0A0136DB-FDE7-4EBF-ABF9-9F7595B0175A}C:\gog games\xiii\system\xiii.exe] => (Allow) C:\gog games\xiii\system\xiii.exe FirewallRules: [{EB1F0D39-621E-4FBC-8632-D22B8B02019B}] => (Block) C:\gog games\xiii\system\xiii.exe FirewallRules: [{59A2E416-7B66-4D75-81B3-8727CD516783}] => (Block) C:\gog games\xiii\system\xiii.exe FirewallRules: [{EAC2E52B-5412-4E5D-A022-95D1DEDB5062}] => (Allow) C:\Users\Ryusa\AppData\Local\Temp\QQVipDownloader\mhfc_1484641638_94813\MiniQQDL.exe FirewallRules: [{BC9B00B3-96C0-48E5-93C7-C34831F42412}] => (Allow) C:\Users\Ryusa\AppData\Local\Temp\QQVipDownloader\mhfc_1484641638_94813\MiniQQDL.exe FirewallRules: [TCP Query 
User{513EB128-2372-458A-938C-D278410E9965}C:\users\ryusa\appdata\local\temp\qqvipdownloader\mhfc_1484641638_94813\teniodl.exe] => (Allow) C:\users\ryusa\appdata\local\temp\qqvipdownloader\mhfc_1484641638_94813\teniodl.exe FirewallRules: [UDP Query User{19D6C5D6-D97F-40DA-8F7F-91F756054800}C:\users\ryusa\appdata\local\temp\qqvipdownloader\mhfc_1484641638_94813\teniodl.exe] => (Allow) C:\users\ryusa\appdata\local\temp\qqvipdownloader\mhfc_1484641638_94813\teniodl.exe FirewallRules: [{62EA2271-AEA5-4F47-AFDC-E2F3F129189E}] => (Block) C:\users\ryusa\appdata\local\temp\qqvipdownloader\mhfc_1484641638_94813\teniodl.exe FirewallRules: [{099A67C0-6FA9-4916-B7F1-D605BBDE12A8}] => (Block) C:\users\ryusa\appdata\local\temp\qqvipdownloader\mhfc_1484641638_94813\teniodl.exe FirewallRules: [{D2E8C011-DE19-4C04-B815-877612920070}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{E6D63CCA-7ABE-4E7E-A03D-A4068727FC52}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{DC7E2931-0EBD-4AEC-B298-4D2E97872A65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{20934BB0-C0F7-4523-ACFC-2A9E91FF4CA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{3FDB96BF-1FDA-42C3-B246-41CECFC16778}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FreeStyleFootball\Launcher\Launcher.exe FirewallRules: [{B8DA8A81-FB04-4416-91F7-79B950C6DDD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FreeStyleFootball\Launcher\Launcher.exe FirewallRules: [{32D0A805-33BD-4424-BEBC-7247BE8FD73A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragomon Hunter\Launcher.exe FirewallRules: [{6454EB4C-E312-44C1-A086-3280B15C86FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragomon Hunter\Launcher.exe FirewallRules: [{DEC2C215-062F-4171-AD39-5E9BA0515D93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fiesta 
Online\FiestaOnline.exe FirewallRules: [{A957BF2F-3046-44C0-97C2-BF3891FC71D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fiesta Online\FiestaOnline.exe FirewallRules: [{EE10230A-EC47-4822-9E50-96DD3DC265B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragomon Hunter\Game.bin FirewallRules: [{1BD54267-41FF-4B0C-ADA6-FD33254BB654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragomon Hunter\Game.bin FirewallRules: [TCP Query User{9DE92D06-0A59-461F-8CAF-57FE28020668}C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe FirewallRules: [UDP Query User{47772366-DA71-48E8-A440-98FF2DDD7A9C}C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe FirewallRules: [{87722DBB-27F1-4BB7-B2EF-2A277F8D80FC}] => (Block) C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe FirewallRules: [{442B9139-8B32-4887-962F-DA52A3B48803}] => (Block) C:\program files (x86)\steam\steamapps\common\freestylefootball\fsefootball.exe FirewallRules: [TCP Query User{832B5BBC-AE1E-4B81-8E71-E184B401B654}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe FirewallRules: [UDP Query User{33DBE291-7D4A-4140-A301-9612A8024AA6}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe FirewallRules: [{6A6A5BED-7C2E-4896-A6C6-6929805CF8A2}] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe FirewallRules: [{446204BF-150F-4695-AA31-047A588D10AC}] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe ==================== Points de restauration 
=========================

==================== Éléments en erreur du Gestionnaire de périphériques =============

==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (04/03/2017 03:56:22 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « c:\program files\amd\cim\bin64\SetACL64.exe ». Assembly dépendant Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (04/02/2017 11:20:10 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide .
Opération : Opération asynchrone en cours d’exécution
Contexte : État actuel: DoSnapshotSet

Error: (04/02/2017 11:19:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.
System Error: Accès refusé. .

Error: (04/02/2017 11:18:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme FRST64.exe version 15.3.2017.0 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.
ID de processus : 1314
Heure de début : 01d2abf40adaebc3
Heure de fin : 4294967295
Chemin d'accès de l'application : C:\Users\Ryusa\Desktop\FRST64.exe
ID de rapport : f5f99714-17e9-11e7-af33-c85b7651eb1f
Nom complet du package défaillant :
ID de l'application relative au package défaillant :

Error: (04/02/2017 11:00:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide .
Opération : Opération asynchrone en cours d’exécution
Contexte : État actuel: DoSnapshotSet

Error: (04/02/2017 11:00:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.
System Error: Accès refusé. .

Error: (04/02/2017 10:59:54 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.
Opération : Données du rédacteur en cours de collecte
Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {8d9cd367-ba2c-4c62-8c34-a9882362970c}

Error: (04/02/2017 10:58:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.
System Error: Accès refusé. .

Error: (04/02/2017 10:57:59 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.
Opération : Données du rédacteur en cours de collecte
Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {8d9cd367-ba2c-4c62-8c34-a9882362970c}

Error: (04/02/2017 10:43:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP-JDR99EGI)
Description: Le package Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge a été interrompu, car sa suspension a été trop longue.

Erreurs système:
=============
Error: (04/02/2017 11:19:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service System Interface Foundataion Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 20 millisecondes : Redémarrer le service.

Error: (04/02/2017 11:19:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 3 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (04/02/2017 11:19:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media s’est terminé de façon inattendue pour la 3ème fois.

Error: (04/02/2017 11:19:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Spouleur d’impression s’est terminé de façon inattendue pour la 3ème fois.

Error: (04/02/2017 10:59:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service System Interface Foundataion Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 20 millisecondes : Redémarrer le service.

Error: (04/02/2017 10:59:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (04/02/2017 10:59:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (04/02/2017 10:59:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Spouleur d’impression s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.

Error: (04/02/2017 10:57:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service CCSDK s’est terminé de façon inattendue pour la 1ème fois.

Error: (04/02/2017 10:57:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service GDCAgent s’est terminé de façon inattendue pour la 1ème fois.

==================== Infos Mémoire ===========================

Processeur: AMD E2-7110 APU with AMD Radeon R2 Graphics
Pourcentage de mémoire utilisée: 64%
Mémoire physique - RAM - totale: 3490.6 MB
Mémoire physique - RAM - disponible: 1238.47 MB
Mémoire virtuelle totale: 5474.6 MB
Mémoire virtuelle disponible: 2907.2 MB

==================== Lecteurs ================================

Drive c: (Windows) (Fixed) (Total:421.04 GB) (Free:172.48 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.94 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 74D67917)
Partition: GPT.

==================== Fin de Addition.txt ============================