Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Exécuté par tristan (26-08-2016 19:16:39)
Exécuté depuis C:\Users\mille\Desktop
Windows 10 Pro Version 1511 (X64) (2016-05-10 16:44:46)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-3556592185-4208178659-2656337545-500 - Administrator - Disabled) => C:\Users\Administrateur.DESKTOP-Q1OEHUB
DefaultAccount (S-1-5-21-3556592185-4208178659-2656337545-503 - Limited - Disabled)
Invité (S-1-5-21-3556592185-4208178659-2656337545-501 - Limited - Disabled)
tristan (S-1-5-21-3556592185-4208178659-2656337545-1001 - Administrator - Enabled) => C:\Users\mille

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {D1196F3E-3487-585D-3681-0661BD157EC3}
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {6A788EDA-12BD-57D3-0C31-3D13C692347E}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

µTorrent (HKU\S-1-5-21-3556592185-4208178659-2656337545-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Analyseur et SDK MSXML 4.0 SP2 (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Ansel (Version: 372.54 - NVIDIA Corporation) Hidden
Apple Application Support (32 bits) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.18.354 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.10 - Emsisoft Ltd.)
Far Cry 4 (HKLM\...\Steam App 298110) (Version: - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\{224B61E6-7E54-3DBA-872B-CCE85072D44D}) (Version: 52.0.2743.116 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1_F535B2CF-C9BB-4162-B03A-02D6971F32CC) (Version: 10.0.61355.0 - Microsoft Game Studios)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mises à jour NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.54 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Pilote graphique 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.54 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 372.54 (Version: 372.54 - NVIDIA Corporation) Hidden
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text 2.0.2 (HKLM-x32\...\Sublime Text 2_is1) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1222 - SUPERAntiSpyware.com)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Watch_Dogs Bad Blood DLC (HKLM-x32\...\V2F0Y2hfRG9ncw==_is1) (Version: 1 - )
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3556592185-4208178659-2656337545-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\mille\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {019D3A87-7A11-4D5E-8696-D5F27A7DF1BC} - System32\Tasks\SUPERAntiSpyware Scheduled Task fd892092-2956-48ca-9b25-8390079e512e => J:\Program Files (x86)\SUPERAntiSpywWare\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {21C3A63E-C3C7-4E71-9626-C30A10B33AD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {480CEDBD-F55F-48FD-A0C3-580505FD0E93} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {4967F2AD-5F42-4FCC-8807-FEF8946DBC24} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {5F6D8A43-0AFF-43B3-9CE1-603E2CF852D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe
Task: {66A505FA-1D26-4BF7-A007-A5512BA74193} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {7A45473E-3760-4268-A5C4-E4C99297D741} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-04] (Microsoft Corporation)
Task: {91EEB4F2-37D4-462C-8571-CBFEB0859EC8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-04] (Microsoft Corporation)
Task: {988A5685-9350-4D5D-B44D-BBD0779B5DF7} - System32\Tasks\{3B605711-1136-426B-B3F3-B8A8F228E3ED} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe -c /M{B98A34C0-A6A2-4087-B272-557C1C6D0A07}
Task: {A8876268-9DF3-473F-A005-80FA3FE9E684} - System32\Tasks\SUPERAntiSpyware Scheduled Task ba931fb9-aad7-48c5-a01c-dd25645e7b0a => J:\Program Files (x86)\SUPERAntiSpywWare\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {C25067E3-E1A1-4EBE-A40F-A80F8E84BD90} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe
Task: {EDE5DF7F-DE79-4AE2-91CD-F654C20B9FF2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {EE6C9BF7-D9DB-4A74-9A88-7DB9BF2A3EF0} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Administrateur.DESKTOP-Q1OEHUB\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task ba931fb9-aad7-48c5-a01c-dd25645e7b0a.job => J:\Program Files (x86)\SUPERAntiSpywWare\SASTask.exekJ:\Program Files (x86)\SUPERAntiSpywWare\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task fd892092-2956-48ca-9b25-8390079e512e.job => J:\Program Files (x86)\SUPERAntiSpywWare\SASTask.exekJ:\Program Files (x86)\SUPERAntiSpywWare\SUPERAntiSpyware.exe

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-05-10 18:52 - 2016-08-11 14:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-07-22 19:26 - 2016-07-01 06:48 - 02656408 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-07-22 19:26 - 2016-07-01 06:48 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-10 18:52 - 2016-05-10 18:52 - 00959176 _____ () C:\Users\mille\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-07-22 19:26 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-13 14:52 - 2016-02-13 14:52 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-22 19:27 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-22 19:26 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-22 19:26 - 2016-07-01 05:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-07-22 19:26 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-22 19:26 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-11 09:38 - 2016-05-11 09:38 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-08-25 20:57 - 2016-08-25 20:57 - 00022336 ____R () C:\Program Files\CCleaner\branding.dll
2016-08-05 18:52 - 2016-08-05 18:52 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2016-05-11 09:19 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-11 13:56 - 2016-08-09 01:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-05-11 13:56 - 2015-07-02 00:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-05-11 13:56 - 2016-08-23 21:33 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2016-05-11 13:56 - 2015-07-02 00:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-05-11 13:56 - 2015-07-02 00:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-05-11 13:56 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-05-11 13:56 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-05-11 13:56 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-05-11 13:56 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-05-11 13:56 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-05-11 13:56 - 2016-08-23 21:33 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-05-11 13:56 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-05-11 09:38 - 2016-05-11 09:38 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-11 09:38 - 2016-05-11 09:39 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-08-23 21:51 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-23 21:51 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-05-11 13:56 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)


==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

HKU\S-1-5-21-3556592185-4208178659-2656337545-1001\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION

==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2015-10-30 09:24 - 2010-12-23 21:08 - 00000780 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3556592185-4208178659-2656337545-1001\Control Panel\Desktop\\Wallpaper -> c:\users\mille\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\hot.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)

MSCONFIG\Services: ClickToRunSvc => 2
MSCONFIG\Services: RzWizardService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "RzWizard"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "EsgInstallerResumeAction_ff00e6f2fa487fc76629666127044dea"
HKU\S-1-5-21-3556592185-4208178659-2656337545-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-3556592185-4208178659-2656337545-1001\...\StartupApproved\Run: => " Maintance"
HKU\S-1-5-21-3556592185-4208178659-2656337545-1001\...\StartupApproved\Run: => "Romaco Timeout"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8C007A9A-79DF-46E7-BCEC-D44C316F775E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2273287-FFEE-4C21-810B-FB9B9FAA0AA1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9A444670-618F-44C1-88B8-D318EDE42C26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5EAE6367-B5B1-4C02-B9FE-5913E9500011}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{72A297B5-8F4F-4BDB-B487-35C408F64A01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B6D22BC7-8680-498E-9AD7-2DCE8CC89241}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{ADEE6731-B522-405B-8DFA-49D15F6AC740}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{43B1F303-BD45-4C4B-8DC6-57812B51B043}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{35357146-5E01-4E5A-9DF1-8C73679D630D}] => (Allow) LPort=1688
FirewallRules: [{6E52D269-17C5-43D0-9450-B370E4312214}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2E28631C-1865-41A5-B9B2-EB0EDF86A655}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FAE473D3-6897-4136-AD9A-24E69AF3F3A7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C4CA660A-6E45-4B83-85DB-DE496227CE43}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EE11BDBE-2C0A-4F90-AD24-063E3FA1D2BC}] => (Allow) J:\Programmes\steam games\steamapps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{9594FBD8-3244-4EC0-97FA-B466693B5C8A}] => (Allow) J:\Programmes\steam games\steamapps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{EE76DEC9-5338-42D8-B2DE-B8BFA16A31C1}] => (Allow) J:\Programmes\steam games\steamapps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{A7D5B002-D130-460B-AEE2-7FFE22D266C4}] => (Allow) J:\Programmes\steam games\steamapps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{E5894174-971A-49A8-918B-FCA3435B8B23}] => (Allow) J:\Programmes\steam games\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{86F92A7F-2676-46D4-B555-F68E324250C9}] => (Allow) J:\Programmes\steam games\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{DE10CA75-EDF0-41F3-906E-A9B32BA0BE5F}] => (Allow) J:\Programmes\steam games\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{7275A9C8-0677-49F8-810D-FE23D1C84182}] => (Allow) J:\Programmes\steam games\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [TCP Query User{D1D056C1-B82A-44D4-8D5C-80696345F770}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FBDD694C-9116-47C7-9954-4FFE2C03DF64}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{60B6DE4E-0B3C-475E-B843-7791BFB8C523}] => (Allow) J:\Programmes\steam games\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{28608570-DA08-4E8C-888C-05475F36FA31}] => (Allow) J:\Programmes\steam games\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{6DF75D8D-C12B-4294-894F-DD01B563042D}] => (Allow) J:\Programmes\steam games\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{410CEBD5-549C-417D-9B16-CFCC3EEF8794}] => (Allow) J:\Programmes\steam games\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{6FCC418B-71C2-4E25-9F5F-0AE2C8C31472}C:\program files (x86)\image-line\fl studio 12\fl.exe] => (Block) C:\program files (x86)\image-line\fl studio 12\fl.exe
FirewallRules: [UDP Query User{93A0CD26-5601-488D-B609-F9D746C932C4}C:\program files (x86)\image-line\fl studio 12\fl.exe] => (Block) C:\program files (x86)\image-line\fl studio 12\fl.exe
FirewallRules: [{DF4ED1ED-5418-4990-B82F-BD0C6639E195}] => (Allow) J:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0A281DDD-02E0-48CD-BC0F-3BBDD704AF77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Points de restauration =========================

23-08-2016 21:21:24 ResetBrowser
25-08-2016 20:42:40 Removed 7-Zip 16.02 (x64 edition)
26-08-2016 17:43:50 JRT Pre-Junkware Removal
26-08-2016 18:00:54 JRT Pre-Junkware Removal
26-08-2016 18:01:45 JRT Pre-Junkware Removal

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (08/26/2016 06:01:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.

System Error:
Accès refusé.
.

Error: (08/26/2016 06:00:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.

System Error:
Accès refusé.
.

Error: (08/26/2016 05:43:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.

System Error:
Accès refusé.
.

Error: (08/26/2016 03:46:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TYPER)
Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2147024865 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (08/26/2016 03:46:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TYPER)
Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (08/26/2016 03:46:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TYPER)
Description: Échec de l’activation de l’application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App avec l’erreur : -2147023564 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (08/26/2016 01:48:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/26/2016 12:16:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante explorer.exe, version : 10.0.10586.494, horodatage : 0x5775e575
Nom du module défaillant : SHELL32.dll, version : 10.0.10586.545, horodatage : 0x57a1b9ce
Code d’exception : 0xc000041d
Décalage d’erreur : 0x000000000008e2cf
ID du processus défaillant : 0x8fc
Heure de début de l’application défaillante : 0xexplorer.exe0
Chemin d’accès de l’application défaillante : explorer.exe1
Chemin d’accès du module défaillant: explorer.exe2
ID de rapport : explorer.exe3
Nom complet du package défaillant : explorer.exe4
ID de l’application relative au package défaillant : explorer.exe5

Error: (08/26/2016 12:16:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante explorer.exe, version : 10.0.10586.494, horodatage : 0x5775e575
Nom du module défaillant : SHELL32.dll, version : 10.0.10586.545, horodatage : 0x57a1b9ce
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000008e2cf
ID du processus défaillant : 0x8fc
Heure de début de l’application défaillante : 0xexplorer.exe0
Chemin d’accès de l’application défaillante : explorer.exe1
Chemin d’accès du module défaillant: explorer.exe2
ID de rapport : explorer.exe3
Nom complet du package défaillant : explorer.exe4
ID de l’application relative au package défaillant : explorer.exe5

Error: (08/26/2016 11:52:54 AM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (2260) testing: L’erreur -1032 (0xfffffbf8) s’est produite lors de l’ouverture d’un fichier journal C:\Users\mille\AppData\Local\Microsoft\Windows\WebCache\V01.log.


Erreurs système:
=============
Error: (08/26/2016 07:11:24 PM) (Source: DCOM) (EventID: 10016) (User: TYPER)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}TYPERtristanS-1-5-21-3556592185-4208178659-2656337545-1001LocalHost (avec LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/26/2016 07:11:24 PM) (Source: DCOM) (EventID: 10016) (User: TYPER)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}TYPERtristanS-1-5-21-3556592185-4208178659-2656337545-1001LocalHost (avec LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/26/2016 07:06:54 PM) (Source: DCOM) (EventID: 10016) (User: TYPER)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}TYPERtristanS-1-5-21-3556592185-4208178659-2656337545-1001LocalHost (avec LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/26/2016 07:06:54 PM) (Source: DCOM) (EventID: 10016) (User: TYPER)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}TYPERtristanS-1-5-21-3556592185-4208178659-2656337545-1001LocalHost (avec LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/26/2016 07:06:54 PM) (Source: DCOM) (EventID: 10016) (User: TYPER)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}TYPERtristanS-1-5-21-3556592185-4208178659-2656337545-1001LocalHost (avec LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/26/2016 07:06:54 PM) (Source: DCOM) (EventID: 10016) (User: TYPER)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}TYPERtristanS-1-5-21-3556592185-4208178659-2656337545-1001LocalHost (avec LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/26/2016 06:52:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media s’est arrêté avec l’erreur :
%%1008 = Tentative de référence à un jeton qui n’existe pas.

Error: (08/26/2016 06:49:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service MBAMService n’a pas pu démarrer en raison de l’erreur :
%%1053 = Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (08/26/2016 06:49:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service MBAMService.

Error: (08/26/2016 06:49:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Avira.ServiceHost.


CodeIntegrity:
===================================
Date: 2016-08-26 13:44:34.452
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\mille\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-26 13:44:34.427
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\mille\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-26 13:44:34.131
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\mille\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-21 17:53:27.714
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-20 20:27:49.302
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-27 19:41:39.837
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-27 11:18:07.611
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-26 20:26:36.232
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-26 12:45:31.102
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-25 13:26:10.467
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Pourcentage de mémoire utilisée: 44%
Mémoire physique - RAM - totale: 8111.11 MB
Mémoire physique - RAM - disponible: 4511.38 MB
Mémoire virtuelle totale: 9391.11 MB
Mémoire virtuelle disponible: 5241.34 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:465.27 GB) (Free:409.94 GB) NTFS
Drive d: (Réservé au système) (Fixed) (Total:0.49 GB) (Free:0.17 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive j: (données) (Fixed) (Total:465.76 GB) (Free:357.59 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C9E854D9)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: B0BB3A5D)
Partition 1: (Not Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================
