Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20-08-2017 Exécuté par ac (20-08-2017 17:08:20) Exécuté depuis C:\Users\ac\Desktop Windows 8.1 (Update) (X64) (2014-10-26 00:16:15) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= ac (S-1-5-21-1975831795-1492635413-771006052-1002 - Administrator - Enabled) => C:\Users\ac Administrateur (S-1-5-21-1975831795-1492635413-771006052-500 - Administrator - Disabled) Invité (S-1-5-21-1975831795-1492635413-771006052-501 - Limited - Disabled) UpdatusUser (S-1-5-21-1975831795-1492635413-771006052-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 372.54 - NVIDIA Corporation) Hidden Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CrystalDiskInfo 7.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World) Curse Client (HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd) Dungeon Siege 2 (HKLM-x32\...\DungeonSiege2) (Version: - Microsoft) Dungeon Siege 2 Broken World (HKLM-x32\...\{A563C4F4-BE36-4956-BA0B-E02BDD9F70D5}) (Version: 1.00.0000 - Gas Powered Games) Elys DS2 Succubus Manager (HKLM-x32\...\{CD3B6412-A633-4F1C-8CAE-4A3F87AA6C6F}) (Version: 30 - Elys) ESET NOD32 Antivirus (HKLM\...\{EFE0D2EA-DDC6-417B-A380-745BA2D9CC03}) (Version: 10.1.204.1 - ESET, spol. s r.o.) GD Defiler (HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\eb52a1e1a73b9708) (Version: 0.1.1.5 - Soul's Software) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Driver Update Utility 2.5 (HKLM-x32\...\{8EF465B2-1D08-4CA2-8ACC-1911B573725D}) (Version: 2.5.0.22 - Intel) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation) Intel(R) Product Improvement Program (HKLM-x32\...\{5859045D-9DED-4776-9930-C9461AB2FF12}) (Version: 2.1.27.3 - Intel) Hidden Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) K-Lite Codec Pack 10.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - ) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft SkyDrive (HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mises à jour NVIDIA 24.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 24.0.0.0 - NVIDIA Corporation) Hidden Mumble 1.2.7 (HKLM-x32\...\{1FC198EF-5C3F-4C2A-99AC-22DE9B3FBFDE}) (Version: 1.2.7 - Thorvald Natvig) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: - ) NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Pilote graphique 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.54 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation) Oracle VM VirtualBox 5.0.20 (HKLM\...\{8209969B-9A31-4021-B0D8-E6F719F7F995}) (Version: 5.0.20 - Oracle Corporation) Panneau de configuration NVIDIA 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 372.54 - NVIDIA Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 6.8 - Power Software Ltd) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0360 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Titan Quest Anniversary Edition (HKLM-x32\...\Titan Quest Anniversary Edition_is1) (Version: - ) Visual Studio 2005 Tools pour Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1-2) (Version: 1.0.11.1 - LunarG, Inc.) Warcraft Logs Uploader (HKLM-x32\...\{9F498C97-EDFC-AB5C-BDBD-6CAE8711E5D0}) (Version: 4.30 - UNKNOWN) Hidden Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 4.30 - UNKNOWN) WinISO (HKLM-x32\...\WinISO) (Version: 6.4.1.6137 - WinISO Computing Inc.) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-1975831795-1492635413-771006052-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1975831795-1492635413-771006052-1002_Classes\CLSID\{89ab12ca-4130-46b1-a5a9-dc4622c23214}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1975831795-1492635413-771006052-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\ac\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1975831795-1492635413-771006052-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\ac\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1975831795-1492635413-771006052-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\ac\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1975831795-1492635413-771006052-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\ac\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> Pas de fichier ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> Pas de fichier ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> Pas de fichier ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2013-01-25] (Qualcomm Atheros Commnucations) ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-07-20] (ESET) ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd) ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxShlex.dll [2014-09-06] (Alcohol Soft Development Team) ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxShlEx64.dll [2014-09-06] (Alcohol Soft Development Team) ContextMenuHandlers2-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-07-20] (ESET) ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-01-25] (Qualcomm Atheros Commnucations) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-10-03] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-11] (NVIDIA Corporation) ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-07-20] (ESET) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {02E3E749-3ABB-411E-B180-CE045549C82D} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {048EDF98-5395-4B4A-A4AE-0C01C2AD25C5} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2013-02-08] () Task: {0DB334BF-6987-4E2B-96BE-3EBC5CB50E24} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink) Task: {0E07DF05-BA35-498C-9D2B-A1970276BE0B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-28] (NVIDIA Corporation) Task: {104289F3-9F5D-4427-8391-8044150863E6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-03-28] (NVIDIA Corporation) Task: {11C89C7B-360A-4792-B76D-CDB0A2E0A68E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-28] (NVIDIA Corporation) Task: {189B4933-7750-4AF0-BE48-CDF630061C0D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-09] (Adobe Systems Incorporated) Task: {2DF35798-A604-4294-AE40-6EA4C57BF1E1} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs" Task: {3869814D-0CE0-49EA-A237-5CAD05D75956} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {3F04E017-9889-4F56-932F-6D70479395FA} - System32\Tasks\{9A40116C-F11E-4DD0-A5B3-A10D896F0AE0} => C:\Windows\system32\pcalua.exe -a "C:\Users\ac\AppData\Roaming\1H1Q\Download Manager Packages\uninstaller.exe" -c /Uninstall /NM="Download Manager Packages" /AN="1H1Q" /MBN="Download Manager Packages" Task: {4365F39A-D3ED-45F7-AFA3-1D93B4927D99} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.) Task: {48B146FB-C4FD-46C3-8048-C6B3ED403889} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {4A607DCB-9D84-4C5A-9803-F054B4521DB5} - System32\Tasks\{3CD61724-4B27-4E42-BF19-933623F7BCC7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\McAfee\MSC\mcuihost.exe" -c /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall Task: {51D2F119-5D8D-4D65-B3B3-64E8361A757D} - System32\Tasks\avastBCLRestartS-1-5-21-1975831795-1492635413-771006052-1002 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Task: {6C52B097-F98C-4180-9517-62C58E1CBD81} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation) Task: {821453E6-0E72-4560-8BE6-D7FF27264BA9} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2013-02-08] () Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {972E839B-849C-4E34-9B06-255B9ACFA0DE} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-15] (Acer Incorporate) Task: {A86253F3-A12F-41A6-8E28-AA218B4BCCC4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation) Task: {B12F067A-588A-4A9A-AF6E-1BA2724B6802} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe Task: {B861C79E-04C5-4C98-B503-91E4313982FD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe Task: {BE934231-0371-44A7-B6EA-3D7DE73E8720} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation) Task: {DC5596F4-C4A3-491B-A988-91990990AF26} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.) Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] () Task: {E57F8F1E-E0F8-4AD7-B475-9EE029454801} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {F08A67E0-3602-4416-AA59-BEB6B9900F18} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.) Task: {F4D1FF7C-A67F-49E7-93EF-3120BEE6AEC1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated) Task: {F6AED8C8-FC54-4988-9DD4-1D7F30FBCE0F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation) Task: {F7CAFEC0-25A2-4A23-A881-54B136A5E7F1} - System32\Tasks\{9B136836-E4AF-49FF-B603-D2F0B8A457A8} => C:\Windows\system32\pcalua.exe -a C:\Users\ac\Downloads\SkypeSetupFull.exe -d C:\Users\ac\Downloads (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1975831795-1492635413-771006052-1002Core.job => C:\Users\ac\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\OWST.job => C:\Users\ac\AppData\Roaming\OWST.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\RJIIB.job => C:\Users\ac\AppData\Roaming\RJIIB.exe <==== ATTENTION ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\Users\ac\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com ==================== Modules chargés (Avec liste blanche) ============== 2016-08-17 20:27 - 2016-08-11 13:49 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-09-29 05:07 - 2016-09-29 05:07 - 000031248 _____ () C:\WINDOWS\System32\us005lm.dll 2017-05-05 19:04 - 2017-03-28 05:33 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-03-09 20:43 - 2016-03-09 20:43 - 000118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe 2013-01-25 00:09 - 2013-01-25 00:09 - 000011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-01-25 00:05 - 2013-01-25 00:05 - 000084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll 2014-10-03 17:36 - 2014-10-03 17:36 - 000457616 _____ () C:\Windows\System32\igfxTray.exe 2013-01-25 00:12 - 2013-01-25 00:12 - 000012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2013-02-08 23:24 - 2013-02-08 23:24 - 000025672 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe 2013-02-08 23:24 - 2013-02-08 23:24 - 000044616 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe 2013-03-13 17:52 - 2013-03-13 17:52 - 004149832 _____ () C:\Program Files (x86)\Acer\Live Updater\updater.exe 2014-07-31 12:16 - 2014-07-31 12:16 - 000073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 001044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2017-07-19 23:14 - 2016-09-13 13:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2017-07-19 23:14 - 2016-09-13 13:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2017-07-19 23:14 - 2016-09-13 13:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2017-07-19 23:14 - 2017-05-12 10:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2017-05-05 19:04 - 2017-03-28 05:33 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2013-07-24 06:47 - 2013-01-23 09:57 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-05-05 19:04 - 2017-03-21 06:27 - 002442176 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-05-05 19:04 - 2017-03-21 06:27 - 000363576 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2017-05-05 19:04 - 2017-03-21 06:27 - 000254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2017-05-05 19:04 - 2017-03-21 06:27 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2017-05-05 19:04 - 2017-03-21 06:27 - 000469048 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2017-05-05 19:05 - 2017-03-21 06:27 - 000571840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\ma-config.com -> hxxp://ma-config.com IE trusted site: HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\ma-config.com -> hxxps://ma-config.com IE trusted site: HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\touslesdrivers.com -> hxxp://touslesdrivers.com ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-1975831795-1492635413-771006052-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\ac\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 208.67.222.222 - 208.67.220.220 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run32: => "Norton Online Backup" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKLM\...\StartupApproved\Run32: => "SDTray" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\StartupFolder: => "Curse.lnk" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "GarminExpressTrayApp" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "Facebook Update" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "BingSvc" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "AlcoholAutomount" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "EA Core" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1975831795-1492635413-771006052-1002\...\StartupApproved\Run: => "Spotify" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{323E50C6-98D8-4916-AAEB-F9440812A794}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{46F9D2ED-8DF7-4C2A-958B-70C4848C6093}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{85490E0E-D7C4-45DD-8CFB-2B4038EDC3B7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4B7CEBC9-70C1-47A7-BBB9-ECDAEE25C252}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CC9E6494-5288-4458-AE20-0357DA577E92}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{73861393-95A3-42F1-ABBD-0582C0A37076}] => (Allow) C:\Users\ac\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{708D609C-684E-4371-8CDC-F49EDF8F9362}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{7858EDC0-000E-4C25-8B52-1848B3826379}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{40CAD801-1787-4E18-9F3E-4BDFFC799335}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{51A111BE-4FBD-40A4-89BB-20BC6D913873}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{675F4272-A0D4-4BAE-A996-64491BCC7914}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{4F8B7518-0623-4188-A24D-D4EB945077DC}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{4E145A91-E867-48AE-AC82-FBA9E28CF2A1}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{BC2536DA-94DB-460B-BE42-4BB96D725057}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{67617221-7B26-4E55-A0DA-8E4A5AFE46F6}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [UDP Query User{37F0D3B2-A504-4948-90A9-7E24C9DFE5F7}C:\program files (x86)\supertec\iconsole.exe] => (Allow) C:\program files (x86)\supertec\iconsole.exe FirewallRules: [TCP Query User{6E923DC4-5EFA-4678-A816-CA32525AB669}C:\program files (x86)\supertec\iconsole.exe] => (Allow) C:\program files (x86)\supertec\iconsole.exe FirewallRules: [UDP Query User{96769C63-3B15-4FE6-B191-BAE4E994A749}C:\program files (x86)\supertec\iscreen\iscreenmonitor.exe] => (Allow) C:\program files (x86)\supertec\iscreen\iscreenmonitor.exe FirewallRules: [TCP Query User{71C5D303-47AE-45E5-A00D-4B32B529A997}C:\program files (x86)\supertec\iscreen\iscreenmonitor.exe] => (Allow) C:\program files (x86)\supertec\iscreen\iscreenmonitor.exe FirewallRules: [{57A47F89-397D-4674-86D3-D7C7CE19DCEB}] => (Allow) LPort=5800 FirewallRules: [{4D23005B-2522-43A2-8857-C949FB79CA94}] => (Allow) LPort=5900 FirewallRules: [{7A643362-88CB-41C0-80A5-C29A659F8BDD}] => (Block) C:\Program Files (x86)\Supertec\iScreen\iScreenMonitor.exe FirewallRules: [{686A3762-6C85-488E-8C3F-97AE994AF900}] => (Block) C:\Program Files (x86)\Supertec\iScreen\iScreenMonitor.exe FirewallRules: [{2145F6BE-8845-4ACF-B559-CE7F9A124DC1}] => (Block) C:\Program Files (x86)\Supertec\iConsole.exe FirewallRules: [{133FD3C1-1234-4979-BA83-EF4F5CE6245E}] => (Block) C:\Program Files (x86)\Supertec\iConsole.exe FirewallRules: [{8ECD0BEF-C632-47FC-B253-44DA503383F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe FirewallRules: [{7A600FCC-3D1D-4963-8A3B-A3BA1E6FF92E}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe FirewallRules: [{F293A022-7724-4B74-8829-E0EF8A13BE55}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe FirewallRules: [{42860A8D-8EEA-4C40-8117-78B20EC49491}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe FirewallRules: [{E0E95B99-EBB4-4E41-8E51-228788E080EE}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{32FDF7FC-524A-4A39-A804-44773C3D7C6F}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{647D657F-1D4F-42AA-9B2F-137A633D623F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{B0150C81-A35D-4594-98EE-2FA16C719A22}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{F3A06305-0B63-467B-9540-95260D4524B0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{CD387455-0ED5-4475-8CC4-9A074DB7305A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{3BC9BC07-AEA0-4E77-8513-24BF84FFC307}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe FirewallRules: [{3D74E816-3FD0-4A1C-80E4-5247E76AEC79}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{1AD41EC7-A1E1-4FA4-8C3E-8AB25FBA0ECD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{9D373F91-E322-4AE4-992B-864A6387A1B4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{120EA526-261E-4576-B789-7EED3F27406E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{A1BB9B59-879B-4EEE-98CE-F9F8216228A2}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{7DA8A1D5-94A4-4BF0-9A11-07CFB414DB9A}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{41781E49-E131-4F41-BA2F-E4A6BDD34560}] => (Allow) LPort=48113 FirewallRules: [{018F9CF5-2E25-42D8-B600-2073202E2F9B}] => (Allow) LPort=48114 FirewallRules: [{58908A68-2878-4B7E-B72B-33204952CA74}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{29B0273F-89A1-40B5-A01B-F13C18BE7700}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [TCP Query User{63F9CE9D-3489-419D-8839-7930812590C7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{EE0069E8-C7CE-4C3F-83FD-EFBA9CD67C8F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{1B08D421-2699-45FF-ADEA-898429E8F381}] => (Allow) C:\Program Files (x86)\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe FirewallRules: [{4B414D75-5F9C-4AA9-9238-37BCF5638848}] => (Allow) C:\Program Files (x86)\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe FirewallRules: [{629C48D7-DEF1-4BAE-BB73-A9FDC98C4E78}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{7C63D469-E778-4852-A49D-97065A330EA7}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [TCP Query User{531751E2-E090-41B0-B60A-9E4C50AE5F5B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{EE6D5065-8D02-416F-B7BD-D8C853C1C1A4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{9BC57DD7-67DF-4177-BED2-16A33C8F8689}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{48AD109D-DC4E-42D8-AF65-C893EE829DC1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{8B7354A2-21F4-497A-A7E3-5EA9E8256AFB}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [UDP Query User{360CD1C7-F208-4409-8DBA-0762CB5EDB6B}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [TCP Query User{8FAD96FE-C7D6-48E6-9DA6-FC7777C4AEC5}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [UDP Query User{2C66A7C5-2410-44E5-AAD2-3B1E8BB538A5}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [{1F3F534D-8A4D-45B1-BB51-B52E6BF0C18F}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{A585CA9B-4745-4290-AFCB-F9F2CE461A2F}C:\users\ac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ac\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{DB2568EF-377F-46E0-AAB5-A457572013C0}C:\users\ac\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ac\appdata\roaming\spotify\spotify.exe FirewallRules: [{84286149-C126-4F01-B05B-A3724D168A79}] => (Block) C:\users\ac\appdata\roaming\spotify\spotify.exe FirewallRules: [{1888E4EB-4EB5-43A7-B187-3B46C09CB251}] => (Block) C:\users\ac\appdata\roaming\spotify\spotify.exe FirewallRules: [{C0838B07-D00C-4178-B9D7-79916D60ED4A}] => (Allow) C:\Users\ac\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0A26710D-CF20-4C60-BC53-F9B2E5B2BC18}] => (Allow) C:\Users\ac\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{85DF38E4-E4FF-4932-AE8C-D3EE4A21B948}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{35E0D039-15C6-4B3E-B0E9-92A5EC249E61}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{9AE8F146-2CCA-4205-840F-62D79E674414}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{3266DA71-62F7-4520-B9AE-64933DFAD1D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{E20E022E-120A-4E52-97E1-9A353C0DEA37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{E0B9C231-2034-4827-96E4-12A32B1A408F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{1EEAA79D-DA5F-41E4-B871-2EC1D3DD70F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{E8287C7F-3787-4320-A23B-3B50F30C217A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4AF0E7AB-9701-4C2D-BBD7-284F98B558F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{76B547BB-4476-4226-84FE-A3ECDFF4C272}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Points de restauration ========================= 13-09-2016 10:09:13 Point de contrôle planifié 28-12-2016 16:08:36 Point de contrôle planifié 02-01-2017 15:11:56 Installé OpenOffice 4.1.1 16-04-2017 00:37:08 Installed Elys DS2 Succubus Manager 05-05-2017 19:01:07 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 05-05-2017 19:02:15 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 09-06-2017 16:46:51 Windows Update 06-07-2017 01:29:59 Windows Update 20-07-2017 00:17:51 Windows Update 13-08-2017 19:30:26 Windows Update ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: Bluetooth Audio Device Description: Bluetooth Audio Device Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Communications Service: BTATH_A2DP Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Virtual Bluetooth Support (Include Audio) Description: Virtual Bluetooth Support (Include Audio) Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5} Manufacturer: Qualcomm Atheros Communications Service: AthBTPort Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Bluetooth LWFLT Device Description: Bluetooth LWFLT Device Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5} Manufacturer: Qualcomm Atheros Communications Service: BTATH_LWFLT Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (08/20/2017 05:08:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme wwahost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 26c Heure de début : 01d319c56f550d04 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\WINDOWS\syswow64\wwahost.exe ID de rapport : 64435db1-85b9-11e7-8174-0c84dcbafbd8 Nom complet du package défaillant : Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c ID de l’application relative au package défaillant : App Error: (08/20/2017 04:55:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORITE NT) Description: Le déchargement des chaînes de compteurs de performances pour le service WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code d’erreur. Error: (08/20/2017 04:55:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT) Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. Error: (08/20/2017 04:55:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT) Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. Error: (08/20/2017 02:35:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3671 Error: (08/20/2017 02:35:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3671 Error: (08/20/2017 02:35:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/20/2017 02:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2453 Error: (08/20/2017 02:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2453 Error: (08/20/2017 02:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Erreurs système: ============= Error: (08/20/2017 04:54:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Energy Server Service WILLAMETTE est en attente de démarrage. Error: (08/20/2017 04:50:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (08/20/2017 04:50:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Cache de police de Windows Presentation Foundation 3.0.0.0. Error: (08/20/2017 04:27:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Service Bonjour s’est terminé de façon inattendue pour la 1ème fois. Error: (08/20/2017 04:27:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service AtherosSvc s’est terminé de façon inattendue pour la 1ème fois. Error: (08/20/2017 04:26:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Spouleur d’impression s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service. Error: (08/19/2017 08:28:33 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {DCAB0989-1301-4319-BE5F-ADE89F88581C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (08/19/2017 08:26:33 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {DCAB0989-1301-4319-BE5F-ADE89F88581C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (08/19/2017 08:24:33 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {DCAB0989-1301-4319-BE5F-ADE89F88581C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (08/19/2017 08:10:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service CCDMonitorService s’est terminé de façon inattendue pour la 1ème fois. CodeIntegrity: =================================== Date: 2017-08-20 17:09:47.144 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-20 17:09:46.019 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-20 17:07:10.585 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-20 17:07:09.554 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-20 17:01:04.753 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-20 17:01:03.592 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-20 17:01:02.469 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-20 17:01:01.353 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-20 17:00:57.216 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-08-20 17:00:56.087 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz Pourcentage de mémoire utilisée: 43% Mémoire physique - RAM - totale: 3752.28 MB Mémoire physique - RAM - disponible: 2111.68 MB Mémoire virtuelle totale: 16752.28 MB Mémoire virtuelle disponible: 15109.91 MB ==================== Lecteurs ================================ Drive c: (Acer) (Fixed) (Total:680.39 GB) (Free:424.8 GB) NTFS Drive d: (Home TRAINING VERIFS) (CDROM) (Total:4.32 GB) (Free:0 GB) UDF Drive h: (KINGSTON) (Removable) (Total:115.47 GB) (Free:10.74 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 54B26FED) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 115.5 GB) (Disk ID: 6394BE52) Partition 1: (Active) - (Size=115.5 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt ============================