Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 03-10-2017 01
Exécuté par user (05-10-2017 00:13:41)
Exécuté depuis C:\Users\user\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-28 02:49:04)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-4084541754-4153835643-125723691-500 - Administrator - Disabled)
barre (S-1-5-21-4084541754-4153835643-125723691-1006 - Limited - Enabled) => C:\Users\barre
DefaultAccount (S-1-5-21-4084541754-4153835643-125723691-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4084541754-4153835643-125723691-1005 - Limited - Enabled)
Invité (S-1-5-21-4084541754-4153835643-125723691-501 - Limited - Enabled)
phb (S-1-5-21-4084541754-4153835643-125723691-1002 - Administrator - Enabled) => C:\Users\phb
user (S-1-5-21-4084541754-4153835643-125723691-1001 - Administrator - Enabled) => C:\Users\user
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
µTorrent (HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Age of Empires II - The Conquerors - 1.0e Patch (HKLM-x32\...\Age of Empires II - The Conquerors - 1.0e Patch_is1) (Version: 1.0e - tOrMeNtIuM/m0d)
Age of Empires II - The Conquerors - 1.0e Patch FINAL (HKLM-x32\...\Age of Empires II - The Conquerors - 1.0e Patch FINAL_is1) (Version: 1.0e - tOrMeNtIuM/m0d)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
AxCrypt 1.7.3156.0 (HKLM\...\{8B49CDB9-824C-44D6-A5D3-D0235D3030B8}) (Version: 1.7.3156.0 - Axantum Software AB)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP640 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID CPU-Z MSI 1.76 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.76 - CPUID, Inc.)
CPUID PerfMonitor 2.04 (HKLM\...\CPUID PerfMonitor2_is1) (Version: 2.04 - CPUID, Inc.)
Curse Client (HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2014 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
EaseUS Partition Master 12.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Heroes of Might and Magic® III The Shadow of Death(TM) (HKLM-x32\...\Heroes III The Shadow of Death) (Version: - )
Intel(R) Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{BF46D11E-638D-4254-A7BD-E9B355C4ECEA}) (Version: 5.0.10.2850 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{72D87E63-2F1C-47E6-86F5-E9C4BD7947C0}) (Version: 1.1.68.1766 - Rivet Networks) Hidden
Killer E220x Drivers (HKLM\...\{B5EAD6B3-7B25-4F8C-921E-0319990A0ADB}) (Version: 1.1.68.1766 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{4977C970-3BC3-4414-9CB0-CAAE58F50C09}) (Version: 1.1.68.1766 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E0C14D2B-0530-49B5-9FCE-CF07F69F2EDD}) (Version: 1.1.68.1766 - Rivet Networks)
K-Lite Codec Pack 13.0.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.0.0 - KLCP)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Logitech - Assistant pour jeux vidéo 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II : The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mathematics (64 bits) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mises à jour NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Mozilla Firefox 43.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 43.0.1 (x64 fr)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSI Afterburner 4.3.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.3.0 Beta 14 - MSI Co., LTD)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)
Mumble 1.2.8 (HKLM-x32\...\{5D198290-6E7D-426C-9AF0-8DA34CC7E596}) (Version: 1.2.8 - Thorvald Natvig)
myCANAL (HKLM-x32\...\myCANAL) (Version: - UCAYA)
myCANAL (HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\3520730125.player.canalplus.fr) (Version: - player.canalplus.fr)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Pilote graphique 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Son virtuel Miracast 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.50 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{121727D5-FDF3-4723-BA57-EB383440ED72}) (Version: 4.11.9775 - Apache Software Foundation)
Panneau de configuration NVIDIA 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.41 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8059 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rise of the Tomb Raider (HKLM-x32\...\Rise of the Tomb Raider_is1) (Version: - )
RivaTuner Statistics Server 7.0.0 Beta 19 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 19 - Unwinder)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.08 - Creative Technology Limited)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.4 - Xvid Team)
Yawcam 0.6.0 (HKLM-x32\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: 0.6.0 - Yawcam)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{2c0b3b25-b9bb-4ebb-95df-35b81fbd1a88}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{71B1723C-1EC2-4b4d-868E-FA58C7F95CD9}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ContextMenuHandlers1: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2014-01-16] (Axantum Software AB)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-08-16] (Cyberlink)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-08-16] (Cyberlink)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2014-01-16] (Axantum Software AB)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02C9B04E-8282-42ED-85A2-8B863A30307F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {09981893-FC1B-42C8-8FD8-DCC1973F70F2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {1C4DF4A4-B925-4E86-8679-6E24F24AED4C} - \WPD\SqmUpload_S-1-5-21-4084541754-4153835643-125723691-1001 -> Pas de fichier <==== ATTENTION
Task: {23F4138E-CF2B-4A2D-9207-DD3C748FE8D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {25E19BED-AE23-4C6E-B4DF-B394BE45F9BE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3EB70081-6717-491C-A240-19B196CF0BD8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {4C688CEE-F1D8-4063-A480-79109D1178A6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {4EC7B985-B948-4E93-9E0F-47E886459B0E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {5312DDD0-88D4-44C1-A504-0624728FA68C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-12] (Microsoft Corporation)
Task: {725A2D75-A626-484D-801F-DAD7F8E01EDC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {79CE1FA4-D070-4395-9C8C-F38076FD0F1A} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {7B8AD1A6-AAA9-4F54-A3D7-9172918D9CC1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {920CF6C6-E67F-4375-BD05-63158A0C8F35} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {9C8B776E-CBED-4C8D-846D-0FBD1AFAA151} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {A97ED761-427F-4497-A157-AB2D0A710F4F} - \WPD\SqmUpload_S-1-5-21-4084541754-4153835643-125723691-1002 -> Pas de fichier <==== ATTENTION
Task: {AD614A38-8897-4B45-9662-D42588AEE15F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {B02FD350-B717-468A-8580-5A83967E2544} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
Task: {C60FB6AD-DD9E-4C66-BBCF-306A61BBAD28} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {CF34D213-4C39-4FA7-8C40-1897F86D161A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {D3CA0936-0A3E-4524-969E-AF87ED060EE1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {DB1207C9-2ACB-4508-B4FD-C6823B7DF656} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {DC48CA62-624C-49F1-85B1-DCC11EAD9811} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-04] (Google Inc.)
Task: {E2412533-62CD-4E15-A0F8-659E88DAD3EE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {E4D70003-3E66-4680-8779-0A7153C2469A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {F492BC21-C29A-47ED-902F-DFC73DD195F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {F7847E75-B9A5-4938-A9FB-ECD80CC87C4D} - System32\Tasks\{0A1D20F4-CE83-4AAA-9C98-30D5F17564CC} => C:\Windows\system32\pcalua.exe -a C:\Users\user\AppData\Local\Temp\Temp1_PageDefrag.zip\pagedfrg.exe <==== ATTENTION
Task: {F80F8837-DC64-4D23-AF9A-6BF4CB07772A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-04] (Google Inc.)
Task: {F8AE22B1-7626-4484-A262-3CB164E5A396} - System32\Tasks\{A42F4983-4474-4758-9416-D4056F85E8ED} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Microsoft Games\Age of Empires II\empires2.exe" -d "C:\Program Files (x86)\Microsoft Games\Age of Empires II"
Task: {FB7083DF-1FAB-45A6-BB2F-11A84D73BD90} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {FD1DA8ED-5C88-4B36-9AFA-E1181BC8D2F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
==================== Modules chargés (Avec liste blanche) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-09-12 21:26 - 2017-09-07 08:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 16:12 - 2017-05-10 16:12 - 000294912 _____ () C:\ProgramData\myCANAL\nssm.exe
2016-09-11 11:50 - 2017-09-19 09:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-29 10:21 - 2017-05-29 10:21 - 005059864 _____ () C:\ProgramData\myCANAL\myCANAL.Service.exe
2016-09-28 05:40 - 2016-09-28 05:40 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 01:24 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 01:24 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 01:24 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 01:24 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-09-12 21:26 - 2017-09-07 06:53 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-09-12 21:27 - 2017-09-07 06:53 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-09-12 21:27 - 2017-09-07 06:59 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 000866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 001050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 000059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 000242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-01-29 17:05 - 2015-05-29 17:57 - 000089600 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL
2016-01-29 17:05 - 2015-05-29 17:56 - 000366080 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL
2017-09-29 01:43 - 2017-09-29 01:44 - 001226424 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8500.40955.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2015-07-11 00:37 - 2015-07-11 00:37 - 001243936 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-11 11:50 - 2017-09-19 09:23 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2013-08-22 15:25 - 2017-04-26 13:13 - 000001074 _____ C:\WINDOWS\system32\Drivers\etc\hosts
108.162.204.254 www.t411.io
108.162.204.254 t411.io
108.162.204.254 forum.t411.io
108.162.204.254 www.forum.t411.io
46.246.117.194 http://tracker.t411.io
46.246.117.194 tracker.t411.io
108.162.203.254 wiki.t411.io
108.162.204.254 api.t411.io
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-4084541754-4153835643-125723691-1001\Control Panel\Desktop\\Wallpaper -> D:\Video\Photos\photo laetitia\Maman\DSCF0613.JPG
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LWS"
HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"
HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{D9C9F559-A618-440D-8CB2-363C43B44447}C:\users\user\desktop\utilitaires\cms\cms.exe] => (Allow) C:\users\user\desktop\utilitaires\cms\cms.exe
FirewallRules: [TCP Query User{319C45BD-AE88-4380-99C0-0A2744634BF4}C:\users\user\desktop\utilitaires\cms\cms.exe] => (Allow) C:\users\user\desktop\utilitaires\cms\cms.exe
FirewallRules: [a24635ae-5edf-4664-a096-7a67441cf636] => (Allow) @p2psvc.dll,8006
FirewallRules: [a9861793-7418-434c-bebf-27504bb45cd5] => (Allow) @p2psvc.dll,8006
FirewallRules: [UDP Query User{315D63EF-4604-428C-A207-22A67D4E1FF5}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{81F0C51F-6123-4455-B225-CCABD4E07DEB}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{BE30FB40-205F-4023-B097-6A143C498970}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [TCP Query User{8B6E7CEA-DD22-4570-BE4A-D017B0F4E349}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{FFD91853-B372-47A7-8001-8B5794C9A27D}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{3CC6AD96-8F81-449C-8A9A-F65F827B8BDF}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{A544B20A-11D5-4F34-888A-973032F64888}C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe
FirewallRules: [TCP Query User{E45ED703-EB6B-46CE-BE7A-476FFA54A683}C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe
FirewallRules: [UDP Query User{1D1A55F1-325D-46B0-97E1-B5E2A92F6ACF}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{2E70B93D-DB4D-4CC4-96F1-BA7DBBD1BAB9}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{B571ED94-21C1-4A86-99C5-95DE0BF4204C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4BE4E85E-1B2B-4993-81A3-94CA1C325DC5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E5BF55E7-933E-4F9C-A6AE-ECE7512D6082}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F4BDE428-71DF-41BA-83E9-9406E43BD926}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F4694667-1885-45D0-8A6C-1F303FD0AFA8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{33A0A780-D6AF-43C6-8D6B-F6E49D43BB72}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6CEEE6D8-BE7C-45F7-B9D8-F50D2DAAF4F2}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CD12D0F7-61F1-4039-A23D-B3AE9E987B0C}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{634D2D8D-6A38-4B73-9770-A6726FD50CCC}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F32A2278-EA85-4227-85A6-5D19291E6F3B}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{CFFFD88A-70D4-4FAA-9423-7A09DE7542D5}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{03DDC7A4-6E9D-42B3-8992-FE24CDB4F063}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [TCP Query User{A7811BEC-2627-48FF-A82D-D86813D02F2B}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{DFB581A2-B6F3-4A9A-8B38-8C9040978F16}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{2E84CB49-5A8C-4049-8104-45F88C1A83B2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{4092112E-8F93-4F04-A680-8E7380A2C366}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{1C6CA264-5681-48BB-88D9-C053292326EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A69A1737-2C5F-46A0-BA61-F6D60176ED2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FBA243E8-97B4-4F26-A5D8-B1BD007F7544}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D5588923-2A83-4C01-A761-4C17EEF730FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{707E7D8A-70E8-4992-B97C-FC3BEE5DA258}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{9B7712C9-0B2D-4E36-9DF5-329771608DEF}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{A3CC8BF2-49BE-4FC5-A4D6-BBFC94BB0AC4}C:\program files (x86)\3do\heroes3\heroes3.exe] => (Block) C:\program files (x86)\3do\heroes3\heroes3.exe
FirewallRules: [UDP Query User{92F281E9-BFA1-4A6B-9373-5D5C6B2BB398}C:\program files (x86)\3do\heroes3\heroes3.exe] => (Block) C:\program files (x86)\3do\heroes3\heroes3.exe
FirewallRules: [{657946D1-75B3-4FE7-9996-7ABD0FF997E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{88BCEDA5-F83C-4CB3-8FE4-50BC6B4AB406}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F39C297B-285D-4DB3-ABA6-5DC1600F6600}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1EC0473B-F95F-4497-8160-46DB7607CB36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{5F1F4034-4666-4E2E-8268-5BDD74739863}C:\users\user\downloads\heroes of might and magic iii complete\heroes3.exe] => (Block) C:\users\user\downloads\heroes of might and magic iii complete\heroes3.exe
FirewallRules: [UDP Query User{6C4036C2-A6A4-43DB-BC39-D2223A5761C0}C:\users\user\downloads\heroes of might and magic iii complete\heroes3.exe] => (Block) C:\users\user\downloads\heroes of might and magic iii complete\heroes3.exe
FirewallRules: [{59EB0E77-4D2E-447F-8C76-89D451842086}] => (Allow) C:\Users\user\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{EA19C630-55C3-41B2-AA75-A3B5C3E71655}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{096EBC04-29F0-4677-9634-D161517DA1A0}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{C1DE38AE-31AC-4773-82A6-FEBB422EE24A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A2F45A55-413B-4BCD-8DFB-AF558FBC0314}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CD8CF2E7-D152-4E28-8036-E32A61141B78}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{235820B2-ED85-438C-B300-FEC5B120B793}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5CA012C3-8D07-4A83-A28A-B3F9E9E97FD6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{159A664A-239D-4B5D-969E-F37822CB306B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{85D716E3-9260-4F5A-BEB3-F56AF0098864}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E5AF9447-12A2-4AC9-9B71-E20F2192FE36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C18C704E-7896-4A2C-84A9-C1937EB556C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2088DF20-D55A-43AA-A0A2-765A9F398C2E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9805B1FA-CF37-4BEF-A7E2-B142840DC138}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Points de restauration =========================
20-09-2017 00:42:36 Windows Update
27-09-2017 05:56:54 Point de contrôle planifié
02-10-2017 02:59:10 Windows Defender Checkpoint
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (10/04/2017 11:13:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide
.
Opération :
Opération asynchrone en cours d’exécution
Contexte :
État actuel: DoSnapshotSet
Error: (10/04/2017 11:13:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.
System Error:
Accès refusé.
.
Error: (10/04/2017 12:04:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Nom du module défaillant : Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Code d’exception : 0xc0000005
Décalage d’erreur : 0x007a4020
ID du processus défaillant : 0x32e8
Heure de début de l’application défaillante : 0x01d33c91c09ab129
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
ID de rapport : c3ed6f71-b2f5-4be7-b8a2-d70f25ef83e7
Nom complet du package défaillant : GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj
ID de l’application relative au package défaillant : App
Error: (10/04/2017 12:04:51 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application : Asphalt8_w8.exe
Version du Framework : v4.0.30319
Description : le processus a été arrêté en raison d'une exception non gérée.
Informations sur l'exception : code d'exception c0000005, adresse d'exception 00B64020
Pile :
Error: (10/03/2017 01:56:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Nom du module défaillant : Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Code d’exception : 0xc0000005
Décalage d’erreur : 0x007a4020
ID du processus défaillant : 0x33b8
Heure de début de l’application défaillante : 0x01d33bd92ce84740
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
ID de rapport : c9e162bb-51d4-4c05-aa6b-a7a569ab38ae
Nom complet du package défaillant : GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj
ID de l’application relative au package défaillant : App
Error: (10/03/2017 01:56:29 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application : Asphalt8_w8.exe
Version du Framework : v4.0.30319
Description : le processus a été arrêté en raison d'une exception non gérée.
Informations sur l'exception : code d'exception c0000005, adresse d'exception 00B64020
Pile :
Error: (10/03/2017 01:49:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante GameBarPresenceWriter.exe, version : 10.0.14393.0, horodatage : 0x57899bd6
Nom du module défaillant : ntdll.dll, version : 10.0.14393.1715, horodatage : 0x59b0d03e
Code d’exception : 0xc0000374
Décalage d’erreur : 0x00000000000f8363
ID du processus défaillant : 0x2e1c
Heure de début de l’application défaillante : 0x01d33bd7e86a4a64
Chemin d’accès de l’application défaillante : C:\Windows\System32\GameBarPresenceWriter.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : de160d17-559e-4636-82c3-9d0524e7397f
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (10/03/2017 01:48:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Nom du module défaillant : Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Code d’exception : 0xc0000005
Décalage d’erreur : 0x007a4020
ID du processus défaillant : 0x3230
Heure de début de l’application défaillante : 0x01d33bd7e86a9226
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
ID de rapport : 1456cfc4-231c-4d07-85f9-960a4d43e9a4
Nom complet du package défaillant : GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj
ID de l’application relative au package défaillant : App
Error: (10/03/2017 01:48:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application : Asphalt8_w8.exe
Version du Framework : v4.0.30319
Description : le processus a été arrêté en raison d'une exception non gérée.
Informations sur l'exception : code d'exception c0000005, adresse d'exception 00B64020
Pile :
Error: (10/02/2017 09:00:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Nom du module défaillant : Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Code d’exception : 0xc0000005
Décalage d’erreur : 0x007a4020
ID du processus défaillant : 0x11b4
Heure de début de l’application défaillante : 0x01d33b620b63a0e4
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
ID de rapport : 99e1ee36-029e-47ed-9a82-4efeaf548482
Nom complet du package défaillant : GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj
ID de l’application relative au package défaillant : App
Erreurs système:
=============
Error: (10/04/2017 01:31:36 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {784E29F4-5EBE-4279-9948-1E8FE941646D} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (10/04/2017 01:28:19 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: AUTORITE NT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12
Error: (10/04/2017 01:27:31 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Killer Service V2 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Intel(R) Dynamic Application Loader Host Interface Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Disc Soft Lite Bus Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service NVIDIA LocalSystem Container s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 6000 millisecondes : Redémarrer le service.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Adobe Acrobat Update Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service NVIDIA Display Container LS s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 1000 millisecondes : Redémarrer le service.
CodeIntegrity:
===================================
Date: 2017-09-21 01:41:04.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-20 01:30:38.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-20 01:30:15.451
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-20 01:30:15.451
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-20 00:37:41.874
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-20 00:37:41.872
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-19 03:37:40.616
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-18 19:41:07.412
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-18 19:41:07.402
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-18 19:41:07.382
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Pourcentage de mémoire utilisée: 37%
Mémoire physique - RAM - totale: 8140.62 MB
Mémoire physique - RAM - disponible: 5086.07 MB
Mémoire virtuelle totale: 9420.62 MB
Mémoire virtuelle disponible: 6161.06 MB
==================== Lecteurs ================================
Drive c: (Systeme) (Fixed) (Total:237.11 GB) (Free:60.39 GB) NTFS
Drive d: (Data) (Fixed) (Total:1862.89 GB) (Free:1186.62 GB) NTFS
Drive f: (ESD-USB) (Removable) (Total:28.95 GB) (Free:21.18 GB) FAT32
Drive g: (970411_1755) (CDROM) (Total:0.24 GB) (Free:0 GB) CDFS
Drive h: (H3_SHADOW) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS
Drive i: (AGE2_X1) (CDROM) (Total:0.29 GB) (Free:0 GB) CDFS
Drive j: (WD) (Fixed) (Total:931.48 GB) (Free:111.36 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0C46088B)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0C46688B)
Partition: GPT.
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 29 GB) (Disk ID: 9B085072)
Partition 1: (Active) - (Size=29 GB) - (Type=0C)
========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: DFA1AA87)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt ============================
Exécuté par user (05-10-2017 00:13:41)
Exécuté depuis C:\Users\user\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-28 02:49:04)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-4084541754-4153835643-125723691-500 - Administrator - Disabled)
barre (S-1-5-21-4084541754-4153835643-125723691-1006 - Limited - Enabled) => C:\Users\barre
DefaultAccount (S-1-5-21-4084541754-4153835643-125723691-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4084541754-4153835643-125723691-1005 - Limited - Enabled)
Invité (S-1-5-21-4084541754-4153835643-125723691-501 - Limited - Enabled)
phb (S-1-5-21-4084541754-4153835643-125723691-1002 - Administrator - Enabled) => C:\Users\phb
user (S-1-5-21-4084541754-4153835643-125723691-1001 - Administrator - Enabled) => C:\Users\user
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
µTorrent (HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Age of Empires II - The Conquerors - 1.0e Patch (HKLM-x32\...\Age of Empires II - The Conquerors - 1.0e Patch_is1) (Version: 1.0e - tOrMeNtIuM/m0d)
Age of Empires II - The Conquerors - 1.0e Patch FINAL (HKLM-x32\...\Age of Empires II - The Conquerors - 1.0e Patch FINAL_is1) (Version: 1.0e - tOrMeNtIuM/m0d)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
AxCrypt 1.7.3156.0 (HKLM\...\{8B49CDB9-824C-44D6-A5D3-D0235D3030B8}) (Version: 1.7.3156.0 - Axantum Software AB)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP640 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID CPU-Z MSI 1.76 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.76 - CPUID, Inc.)
CPUID PerfMonitor 2.04 (HKLM\...\CPUID PerfMonitor2_is1) (Version: 2.04 - CPUID, Inc.)
Curse Client (HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2014 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
EaseUS Partition Master 12.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Heroes of Might and Magic® III The Shadow of Death(TM) (HKLM-x32\...\Heroes III The Shadow of Death) (Version: - )
Intel(R) Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{BF46D11E-638D-4254-A7BD-E9B355C4ECEA}) (Version: 5.0.10.2850 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{72D87E63-2F1C-47E6-86F5-E9C4BD7947C0}) (Version: 1.1.68.1766 - Rivet Networks) Hidden
Killer E220x Drivers (HKLM\...\{B5EAD6B3-7B25-4F8C-921E-0319990A0ADB}) (Version: 1.1.68.1766 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{4977C970-3BC3-4414-9CB0-CAAE58F50C09}) (Version: 1.1.68.1766 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E0C14D2B-0530-49B5-9FCE-CF07F69F2EDD}) (Version: 1.1.68.1766 - Rivet Networks)
K-Lite Codec Pack 13.0.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.0.0 - KLCP)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Logitech - Assistant pour jeux vidéo 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II : The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mathematics (64 bits) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mises à jour NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Mozilla Firefox 43.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 43.0.1 (x64 fr)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSI Afterburner 4.3.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.3.0 Beta 14 - MSI Co., LTD)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)
Mumble 1.2.8 (HKLM-x32\...\{5D198290-6E7D-426C-9AF0-8DA34CC7E596}) (Version: 1.2.8 - Thorvald Natvig)
myCANAL (HKLM-x32\...\myCANAL) (Version: - UCAYA)
myCANAL (HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\3520730125.player.canalplus.fr) (Version: - player.canalplus.fr)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Pilote graphique 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Son virtuel Miracast 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.50 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{121727D5-FDF3-4723-BA57-EB383440ED72}) (Version: 4.11.9775 - Apache Software Foundation)
Panneau de configuration NVIDIA 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.41 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8059 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rise of the Tomb Raider (HKLM-x32\...\Rise of the Tomb Raider_is1) (Version: - )
RivaTuner Statistics Server 7.0.0 Beta 19 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 19 - Unwinder)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.08 - Creative Technology Limited)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.4 - Xvid Team)
Yawcam 0.6.0 (HKLM-x32\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: 0.6.0 - Yawcam)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{2c0b3b25-b9bb-4ebb-95df-35b81fbd1a88}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4084541754-4153835643-125723691-1001_Classes\CLSID\{71B1723C-1EC2-4b4d-868E-FA58C7F95CD9}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ContextMenuHandlers1: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2014-01-16] (Axantum Software AB)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-08-16] (Cyberlink)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-08-16] (Cyberlink)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2014-01-16] (Axantum Software AB)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02C9B04E-8282-42ED-85A2-8B863A30307F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {09981893-FC1B-42C8-8FD8-DCC1973F70F2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {1C4DF4A4-B925-4E86-8679-6E24F24AED4C} - \WPD\SqmUpload_S-1-5-21-4084541754-4153835643-125723691-1001 -> Pas de fichier <==== ATTENTION
Task: {23F4138E-CF2B-4A2D-9207-DD3C748FE8D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {25E19BED-AE23-4C6E-B4DF-B394BE45F9BE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3EB70081-6717-491C-A240-19B196CF0BD8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {4C688CEE-F1D8-4063-A480-79109D1178A6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {4EC7B985-B948-4E93-9E0F-47E886459B0E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {5312DDD0-88D4-44C1-A504-0624728FA68C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-12] (Microsoft Corporation)
Task: {725A2D75-A626-484D-801F-DAD7F8E01EDC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {79CE1FA4-D070-4395-9C8C-F38076FD0F1A} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {7B8AD1A6-AAA9-4F54-A3D7-9172918D9CC1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {920CF6C6-E67F-4375-BD05-63158A0C8F35} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {9C8B776E-CBED-4C8D-846D-0FBD1AFAA151} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {A97ED761-427F-4497-A157-AB2D0A710F4F} - \WPD\SqmUpload_S-1-5-21-4084541754-4153835643-125723691-1002 -> Pas de fichier <==== ATTENTION
Task: {AD614A38-8897-4B45-9662-D42588AEE15F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {B02FD350-B717-468A-8580-5A83967E2544} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
Task: {C60FB6AD-DD9E-4C66-BBCF-306A61BBAD28} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {CF34D213-4C39-4FA7-8C40-1897F86D161A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {D3CA0936-0A3E-4524-969E-AF87ED060EE1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {DB1207C9-2ACB-4508-B4FD-C6823B7DF656} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {DC48CA62-624C-49F1-85B1-DCC11EAD9811} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-04] (Google Inc.)
Task: {E2412533-62CD-4E15-A0F8-659E88DAD3EE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {E4D70003-3E66-4680-8779-0A7153C2469A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {F492BC21-C29A-47ED-902F-DFC73DD195F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {F7847E75-B9A5-4938-A9FB-ECD80CC87C4D} - System32\Tasks\{0A1D20F4-CE83-4AAA-9C98-30D5F17564CC} => C:\Windows\system32\pcalua.exe -a C:\Users\user\AppData\Local\Temp\Temp1_PageDefrag.zip\pagedfrg.exe <==== ATTENTION
Task: {F80F8837-DC64-4D23-AF9A-6BF4CB07772A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-04] (Google Inc.)
Task: {F8AE22B1-7626-4484-A262-3CB164E5A396} - System32\Tasks\{A42F4983-4474-4758-9416-D4056F85E8ED} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Microsoft Games\Age of Empires II\empires2.exe" -d "C:\Program Files (x86)\Microsoft Games\Age of Empires II"
Task: {FB7083DF-1FAB-45A6-BB2F-11A84D73BD90} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {FD1DA8ED-5C88-4B36-9AFA-E1181BC8D2F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
==================== Modules chargés (Avec liste blanche) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-09-12 21:26 - 2017-09-07 08:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 16:12 - 2017-05-10 16:12 - 000294912 _____ () C:\ProgramData\myCANAL\nssm.exe
2016-09-11 11:50 - 2017-09-19 09:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-29 10:21 - 2017-05-29 10:21 - 005059864 _____ () C:\ProgramData\myCANAL\myCANAL.Service.exe
2016-09-28 05:40 - 2016-09-28 05:40 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 01:24 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 01:24 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 01:24 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 01:24 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-09-12 21:26 - 2017-09-07 06:53 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-09-12 21:27 - 2017-09-07 06:53 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-09-12 21:27 - 2017-09-07 06:59 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 000866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 001050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 000059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 000242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-01-29 17:05 - 2015-05-29 17:57 - 000089600 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL
2016-01-29 17:05 - 2015-05-29 17:56 - 000366080 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL
2017-09-29 01:43 - 2017-09-29 01:44 - 001226424 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8500.40955.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2015-07-11 00:37 - 2015-07-11 00:37 - 001243936 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-11 11:50 - 2017-09-19 09:23 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2013-08-22 15:25 - 2017-04-26 13:13 - 000001074 _____ C:\WINDOWS\system32\Drivers\etc\hosts
108.162.204.254 www.t411.io
108.162.204.254 t411.io
108.162.204.254 forum.t411.io
108.162.204.254 www.forum.t411.io
46.246.117.194 http://tracker.t411.io
46.246.117.194 tracker.t411.io
108.162.203.254 wiki.t411.io
108.162.204.254 api.t411.io
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-4084541754-4153835643-125723691-1001\Control Panel\Desktop\\Wallpaper -> D:\Video\Photos\photo laetitia\Maman\DSCF0613.JPG
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LWS"
HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"
HKU\S-1-5-21-4084541754-4153835643-125723691-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{D9C9F559-A618-440D-8CB2-363C43B44447}C:\users\user\desktop\utilitaires\cms\cms.exe] => (Allow) C:\users\user\desktop\utilitaires\cms\cms.exe
FirewallRules: [TCP Query User{319C45BD-AE88-4380-99C0-0A2744634BF4}C:\users\user\desktop\utilitaires\cms\cms.exe] => (Allow) C:\users\user\desktop\utilitaires\cms\cms.exe
FirewallRules: [a24635ae-5edf-4664-a096-7a67441cf636] => (Allow) @p2psvc.dll,8006
FirewallRules: [a9861793-7418-434c-bebf-27504bb45cd5] => (Allow) @p2psvc.dll,8006
FirewallRules: [UDP Query User{315D63EF-4604-428C-A207-22A67D4E1FF5}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{81F0C51F-6123-4455-B225-CCABD4E07DEB}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{BE30FB40-205F-4023-B097-6A143C498970}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [TCP Query User{8B6E7CEA-DD22-4570-BE4A-D017B0F4E349}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{FFD91853-B372-47A7-8001-8B5794C9A27D}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{3CC6AD96-8F81-449C-8A9A-F65F827B8BDF}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{A544B20A-11D5-4F34-888A-973032F64888}C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe
FirewallRules: [TCP Query User{E45ED703-EB6B-46CE-BE7A-476FFA54A683}C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\updates\3.4.5_41712.exe
FirewallRules: [UDP Query User{1D1A55F1-325D-46B0-97E1-B5E2A92F6ACF}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{2E70B93D-DB4D-4CC4-96F1-BA7DBBD1BAB9}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{B571ED94-21C1-4A86-99C5-95DE0BF4204C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4BE4E85E-1B2B-4993-81A3-94CA1C325DC5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E5BF55E7-933E-4F9C-A6AE-ECE7512D6082}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F4BDE428-71DF-41BA-83E9-9406E43BD926}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F4694667-1885-45D0-8A6C-1F303FD0AFA8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{33A0A780-D6AF-43C6-8D6B-F6E49D43BB72}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6CEEE6D8-BE7C-45F7-B9D8-F50D2DAAF4F2}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CD12D0F7-61F1-4039-A23D-B3AE9E987B0C}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{634D2D8D-6A38-4B73-9770-A6726FD50CCC}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F32A2278-EA85-4227-85A6-5D19291E6F3B}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{CFFFD88A-70D4-4FAA-9423-7A09DE7542D5}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{03DDC7A4-6E9D-42B3-8992-FE24CDB4F063}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [TCP Query User{A7811BEC-2627-48FF-A82D-D86813D02F2B}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{DFB581A2-B6F3-4A9A-8B38-8C9040978F16}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{2E84CB49-5A8C-4049-8104-45F88C1A83B2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{4092112E-8F93-4F04-A680-8E7380A2C366}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{1C6CA264-5681-48BB-88D9-C053292326EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A69A1737-2C5F-46A0-BA61-F6D60176ED2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FBA243E8-97B4-4F26-A5D8-B1BD007F7544}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D5588923-2A83-4C01-A761-4C17EEF730FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{707E7D8A-70E8-4992-B97C-FC3BEE5DA258}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{9B7712C9-0B2D-4E36-9DF5-329771608DEF}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{A3CC8BF2-49BE-4FC5-A4D6-BBFC94BB0AC4}C:\program files (x86)\3do\heroes3\heroes3.exe] => (Block) C:\program files (x86)\3do\heroes3\heroes3.exe
FirewallRules: [UDP Query User{92F281E9-BFA1-4A6B-9373-5D5C6B2BB398}C:\program files (x86)\3do\heroes3\heroes3.exe] => (Block) C:\program files (x86)\3do\heroes3\heroes3.exe
FirewallRules: [{657946D1-75B3-4FE7-9996-7ABD0FF997E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{88BCEDA5-F83C-4CB3-8FE4-50BC6B4AB406}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F39C297B-285D-4DB3-ABA6-5DC1600F6600}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1EC0473B-F95F-4497-8160-46DB7607CB36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{5F1F4034-4666-4E2E-8268-5BDD74739863}C:\users\user\downloads\heroes of might and magic iii complete\heroes3.exe] => (Block) C:\users\user\downloads\heroes of might and magic iii complete\heroes3.exe
FirewallRules: [UDP Query User{6C4036C2-A6A4-43DB-BC39-D2223A5761C0}C:\users\user\downloads\heroes of might and magic iii complete\heroes3.exe] => (Block) C:\users\user\downloads\heroes of might and magic iii complete\heroes3.exe
FirewallRules: [{59EB0E77-4D2E-447F-8C76-89D451842086}] => (Allow) C:\Users\user\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{EA19C630-55C3-41B2-AA75-A3B5C3E71655}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{096EBC04-29F0-4677-9634-D161517DA1A0}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{C1DE38AE-31AC-4773-82A6-FEBB422EE24A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A2F45A55-413B-4BCD-8DFB-AF558FBC0314}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CD8CF2E7-D152-4E28-8036-E32A61141B78}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{235820B2-ED85-438C-B300-FEC5B120B793}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5CA012C3-8D07-4A83-A28A-B3F9E9E97FD6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{159A664A-239D-4B5D-969E-F37822CB306B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{85D716E3-9260-4F5A-BEB3-F56AF0098864}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E5AF9447-12A2-4AC9-9B71-E20F2192FE36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C18C704E-7896-4A2C-84A9-C1937EB556C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2088DF20-D55A-43AA-A0A2-765A9F398C2E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9805B1FA-CF37-4BEF-A7E2-B142840DC138}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Points de restauration =========================
20-09-2017 00:42:36 Windows Update
27-09-2017 05:56:54 Point de contrôle planifié
02-10-2017 02:59:10 Windows Defender Checkpoint
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (10/04/2017 11:13:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide
.
Opération :
Opération asynchrone en cours d’exécution
Contexte :
État actuel: DoSnapshotSet
Error: (10/04/2017 11:13:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.
System Error:
Accès refusé.
.
Error: (10/04/2017 12:04:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Nom du module défaillant : Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Code d’exception : 0xc0000005
Décalage d’erreur : 0x007a4020
ID du processus défaillant : 0x32e8
Heure de début de l’application défaillante : 0x01d33c91c09ab129
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
ID de rapport : c3ed6f71-b2f5-4be7-b8a2-d70f25ef83e7
Nom complet du package défaillant : GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj
ID de l’application relative au package défaillant : App
Error: (10/04/2017 12:04:51 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application : Asphalt8_w8.exe
Version du Framework : v4.0.30319
Description : le processus a été arrêté en raison d'une exception non gérée.
Informations sur l'exception : code d'exception c0000005, adresse d'exception 00B64020
Pile :
Error: (10/03/2017 01:56:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Nom du module défaillant : Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Code d’exception : 0xc0000005
Décalage d’erreur : 0x007a4020
ID du processus défaillant : 0x33b8
Heure de début de l’application défaillante : 0x01d33bd92ce84740
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
ID de rapport : c9e162bb-51d4-4c05-aa6b-a7a569ab38ae
Nom complet du package défaillant : GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj
ID de l’application relative au package défaillant : App
Error: (10/03/2017 01:56:29 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application : Asphalt8_w8.exe
Version du Framework : v4.0.30319
Description : le processus a été arrêté en raison d'une exception non gérée.
Informations sur l'exception : code d'exception c0000005, adresse d'exception 00B64020
Pile :
Error: (10/03/2017 01:49:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante GameBarPresenceWriter.exe, version : 10.0.14393.0, horodatage : 0x57899bd6
Nom du module défaillant : ntdll.dll, version : 10.0.14393.1715, horodatage : 0x59b0d03e
Code d’exception : 0xc0000374
Décalage d’erreur : 0x00000000000f8363
ID du processus défaillant : 0x2e1c
Heure de début de l’application défaillante : 0x01d33bd7e86a4a64
Chemin d’accès de l’application défaillante : C:\Windows\System32\GameBarPresenceWriter.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : de160d17-559e-4636-82c3-9d0524e7397f
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (10/03/2017 01:48:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Nom du module défaillant : Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Code d’exception : 0xc0000005
Décalage d’erreur : 0x007a4020
ID du processus défaillant : 0x3230
Heure de début de l’application défaillante : 0x01d33bd7e86a9226
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
ID de rapport : 1456cfc4-231c-4d07-85f9-960a4d43e9a4
Nom complet du package défaillant : GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj
ID de l’application relative au package défaillant : App
Error: (10/03/2017 01:48:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application : Asphalt8_w8.exe
Version du Framework : v4.0.30319
Description : le processus a été arrêté en raison d'une exception non gérée.
Informations sur l'exception : code d'exception c0000005, adresse d'exception 00B64020
Pile :
Error: (10/02/2017 09:00:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Nom du module défaillant : Asphalt8_w8.exe, version : 0.0.0.0, horodatage : 0x59a792cd
Code d’exception : 0xc0000005
Décalage d’erreur : 0x007a4020
ID du processus défaillant : 0x11b4
Heure de début de l’application défaillante : 0x01d33b620b63a0e4
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj\Asphalt8_w8.exe
ID de rapport : 99e1ee36-029e-47ed-9a82-4efeaf548482
Nom complet du package défaillant : GAMELOFTSA.Asphalt8Airborne_3.2.1.0_x86__0pp20fcewvvtj
ID de l’application relative au package défaillant : App
Erreurs système:
=============
Error: (10/04/2017 01:31:36 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {784E29F4-5EBE-4279-9948-1E8FE941646D} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (10/04/2017 01:28:19 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: AUTORITE NT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12
Error: (10/04/2017 01:27:31 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Killer Service V2 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Intel(R) Dynamic Application Loader Host Interface Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Disc Soft Lite Bus Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service NVIDIA LocalSystem Container s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 6000 millisecondes : Redémarrer le service.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Adobe Acrobat Update Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (10/04/2017 01:27:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service NVIDIA Display Container LS s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 1000 millisecondes : Redémarrer le service.
CodeIntegrity:
===================================
Date: 2017-09-21 01:41:04.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-20 01:30:38.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-20 01:30:15.451
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-20 01:30:15.451
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-20 00:37:41.874
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-20 00:37:41.872
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-19 03:37:40.616
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-09-18 19:41:07.412
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-18 19:41:07.402
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-18 19:41:07.382
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Pourcentage de mémoire utilisée: 37%
Mémoire physique - RAM - totale: 8140.62 MB
Mémoire physique - RAM - disponible: 5086.07 MB
Mémoire virtuelle totale: 9420.62 MB
Mémoire virtuelle disponible: 6161.06 MB
==================== Lecteurs ================================
Drive c: (Systeme) (Fixed) (Total:237.11 GB) (Free:60.39 GB) NTFS
Drive d: (Data) (Fixed) (Total:1862.89 GB) (Free:1186.62 GB) NTFS
Drive f: (ESD-USB) (Removable) (Total:28.95 GB) (Free:21.18 GB) FAT32
Drive g: (970411_1755) (CDROM) (Total:0.24 GB) (Free:0 GB) CDFS
Drive h: (H3_SHADOW) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS
Drive i: (AGE2_X1) (CDROM) (Total:0.29 GB) (Free:0 GB) CDFS
Drive j: (WD) (Fixed) (Total:931.48 GB) (Free:111.36 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0C46088B)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0C46688B)
Partition: GPT.
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 29 GB) (Disk ID: 9B085072)
Partition 1: (Active) - (Size=29 GB) - (Type=0C)
========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: DFA1AA87)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt ============================