Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Exécuté par Ilhan (01-02-2018 22:16:37)
Exécuté depuis F:\Desktop
Windows 10 Home Version 1709 16299.192 (X64) (2018-01-24 20:04:59)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-2862122455-3878037029-2977138710-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2862122455-3878037029-2977138710-503 - Limited - Disabled)
Ilhan (S-1-5-21-2862122455-3878037029-2977138710-1001 - Administrator - Enabled) => C:\Users\Ilhan
Invité (S-1-5-21-2862122455-3878037029-2977138710-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2862122455-3878037029-2977138710-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

µTorrent (HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.52.9015 - Electronic Arts)
Click Install if prompted (HKLM-x32\...\{40830C8E-936E-4E08-AE37-240FF3343927}) (Version: 1.0.6.0 - ExpressVpn) Hidden
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
Discord (HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
DriversCloud.com (64 bits) (HKLM\...\{29DC4128-CF89-49D9-A524-B4430F036F14}) (Version: 10.0.7.0 - Cybelsoft)
Epic Games Launcher (HKLM-x32\...\{ACF41228-28D2-497C-AD8F-19005413E49D}) (Version: 1.1.138.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\{36E2B2FE-7341-4361-B0C4-CB22B643C886}_is1) (Version: 1.30.1.19 - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.0.4.2.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.0.4.2.2 Alpha - ETS2MP Team)
ExpressVPN (HKLM-x32\...\{61E0B88F-BE05-4039-AE68-29678CE3EC92}) (Version: 6.5.0.3428 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{66a144b5-4ff8-4f8d-a31f-96249a4b5027}) (Version: 6.5.0.3428 - ExpressVPN)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.0.0.11" - Rockstar Games)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM\...\{A3135913-E080-45FD-9301-5995B1BAF1C5}) (Version: 4.1.0.24 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{699E6891-25C3-443A-9B8E-80C74F0172C8}) (Version: 2.1.03413 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.10.0.1016 - Intel Corporation)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech - Assistant pour jeux vidéo 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office Professionnel Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mises à jour NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden
Mozilla Firefox 58.0 (x64 fr) (HKLM\...\Mozilla Firefox 58.0 (x64 fr)) (Version: 58.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Pilote graphique 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Panneau de configuration NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.24.1208.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
Split Tunneling Driver (HKLM-x32\...\{F078B0B5-2F41-42C2-9162-B8C628D5E6FE}) (Version: 1.0.0.0 - ExpressVpn) Hidden
Spotify (HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\...\Spotify) (Version: 1.0.73.345.g6c9971ef - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
The Witcher 3: GotY Edition (HKLM-x32\...\The Witcher 3: GotY Edition_is1) (Version: - )
Update for Skype for Business 2016 (KB4011563) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{2D441C76-7795-478E-86D0-4508242BC6AE}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4011563) 64-Bit Edition (HKLM\...\{90160000-012B-040C-1000-0000000FF1CE}_Office16.PROPLUS_{2D441C76-7795-478E-86D0-4508242BC6AE}) (Version: - Microsoft)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0E89317C-B176-4678-9F9A-B57023C15095} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {148CFCA6-D146-4F11-BA36-51C7C3C58045} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {216E12F7-63B0-493D-83E0-2BFD6F6ABC6B} - System32\Tasks\Opera scheduled Autoupdate 1516808169 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software)
Task: {36283662-5B5D-4598-B92A-177C9F7D9D4C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {38697B8A-D3DB-48EC-882D-AD66BD5E96ED} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {52739222-C0F7-4DE0-B1A2-E4286F2E1B92} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {6117FA41-AE5F-488D-AF3D-2EF58CDF60EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-24] (Microsoft Corporation)
Task: {62514BA5-881E-4FD8-B862-7DC0357D4080} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {6A86CB7F-FAEC-4A43-9433-7EB9A392C595} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {9644A4F4-7D55-4C05-94EE-EF1729E710EC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe
Task: {9F471AA4-2F4C-4173-B67C-770AF1D6BA4E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {A4DBA6B3-6F6E-4EA3-9E8D-FB8F4C09502F} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {AAA8C8FC-8E94-4C20-9F8E-7B2A0F1F6F47} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {C897C479-9C3C-4AA3-AA67-848026EB6E41} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-24] (Microsoft Corporation)
Task: {EA077535-D268-471D-9588-EDF1B2E388EC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {EDBB564A-F967-4D22-A936-FA3C2F09B64C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {F07F2478-2C64-488E-87D4-935A5EC1552C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-24] (Microsoft Corporation)
Task: {F66731CD-A994-4212-A97E-DDBFF381B445} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-24] (Microsoft Corporation)
Task: {FDA28E0E-9686-47B8-99FF-5477B7767F77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)


==================== Modules chargés (Avec liste blanche) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-01-26 19:54 - 2018-01-24 01:23 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-01-16 12:02 - 2018-01-16 12:02 - 000339168 _____ () C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe
2018-02-01 21:08 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-02-01 21:08 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-26 19:54 - 2018-01-10 15:33 - 001268024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-01-16 12:04 - 2018-01-16 12:04 - 008477312 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
2017-12-14 02:39 - 2017-12-14 02:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:39 - 2017-12-14 02:39 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-31 13:11 - 2018-01-31 13:11 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-31 13:11 - 2018-01-31 13:11 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-31 13:11 - 2018-01-31 13:11 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-31 13:11 - 2018-01-31 13:11 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-31 13:11 - 2018-01-31 13:11 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-01-24 16:36 - 2018-01-22 07:02 - 096448600 _____ () C:\Program Files\Opera\50.0.2762.67\opera_browser.dll
2018-01-24 16:36 - 2018-01-22 07:02 - 004207704 _____ () C:\Program Files\Opera\50.0.2762.67\libglesv2.dll
2018-01-24 16:36 - 2018-01-22 07:02 - 000100440 _____ () C:\Program Files\Opera\50.0.2762.67\libegl.dll
2018-01-24 21:40 - 2018-01-24 21:40 - 004698840 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.16.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-24 21:39 - 2018-01-24 21:39 - 026507776 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-01-24 21:39 - 2018-01-24 21:39 - 008370176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-01-24 17:55 - 2018-01-24 17:55 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-01-24 21:42 - 2018-01-24 21:42 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-09-30 15:42 - 2017-09-30 15:42 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-01-24 21:42 - 2018-01-24 21:42 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\SKU.dll
2018-01-24 21:38 - 2018-01-24 21:38 - 004307968 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-01-16 12:04 - 2018-01-16 12:04 - 006164864 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\libxvclient.dll
2018-01-16 12:05 - 2018-01-16 12:05 - 000080512 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.NetworkUtils.dll
2018-01-16 12:02 - 2018-01-16 12:02 - 000303104 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.SplitTunnel.dll
2018-01-16 12:05 - 2018-01-16 12:05 - 000441472 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.FilterManager.dll
2018-01-26 19:54 - 2018-01-10 15:33 - 001041208 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-01-24 16:38 - 2018-01-08 17:52 - 001891832 _____ () C:\Users\Ilhan\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-24 16:38 - 2018-01-24 16:38 - 001780216 _____ () \\?\C:\Users\Ilhan\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2018-01-24 16:38 - 2018-01-08 17:52 - 001937912 _____ () C:\Users\Ilhan\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-24 16:38 - 2018-01-08 17:52 - 000095736 _____ () C:\Users\Ilhan\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-01-24 18:24 - 2017-11-29 06:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-01-24 18:24 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-01-24 18:24 - 2017-12-15 20:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2018-01-24 18:24 - 2017-11-04 02:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-01-24 18:24 - 2017-11-04 02:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-01-24 18:24 - 2017-11-04 02:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-01-24 18:24 - 2017-11-04 02:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-01-24 18:24 - 2017-11-04 02:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-01-24 18:24 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-01-24 18:24 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-01-24 18:24 - 2017-12-15 20:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-01-24 18:24 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-01-24 16:38 - 2018-01-26 11:51 - 009817080 _____ () \\?\C:\Users\Ilhan\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-24 16:38 - 2018-02-01 19:29 - 001508344 _____ () \\?\C:\Users\Ilhan\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-24 16:38 - 2018-01-24 16:38 - 000513016 _____ () \\?\C:\Users\Ilhan\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-24 16:38 - 2018-01-24 16:38 - 002662904 _____ () \\?\C:\Users\Ilhan\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-24 16:38 - 2018-02-01 19:29 - 001518072 _____ () \\?\C:\Users\Ilhan\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2018-01-24 18:25 - 2017-10-31 05:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2018-01-24 18:25 - 2017-09-07 03:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2018-01-24 18:24 - 2015-09-25 00:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2018-01-24 19:10 - 2018-02-01 21:28 - 068214160 _____ () C:\Users\Ilhan\AppData\Roaming\Spotify\libcef.dll
2018-01-24 19:10 - 2018-02-01 21:28 - 003112848 _____ () C:\Users\Ilhan\AppData\Roaming\Spotify\libglesv2.dll
2018-01-24 19:10 - 2018-02-01 21:28 - 000089488 _____ () C:\Users\Ilhan\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [472]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 2
MSCONFIG\Services: Intel(R) SUR QC SAM => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2
MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 3
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\...\StartupApproved\StartupFolder: => "Firemin.lnk"
HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\...\StartupApproved\Run: => "ExpressVPN4"
HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2862122455-3878037029-2977138710-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{8623FD4B-B127-45BD-ADAB-D38FBAC6BD9F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A47F8950-39AD-4803-8B96-87F059F33C52}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0CCD5168-F726-42F5-99F3-E7B84D6309E1}] => (Allow) C:\Users\Ilhan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CBC014A4-3C48-4D09-8AE3-80B9AF801C01}] => (Allow) C:\Users\Ilhan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{97C93D47-2CE7-47DD-AE6D-6405E63E09D2}] => (Allow) D:\BF1\Battlefield 1\bf1.exe
FirewallRules: [{04529C37-4446-4949-B384-05C88BC95C47}] => (Allow) D:\BF1\Battlefield 1\bf1.exe
FirewallRules: [{F20FEB71-1AC7-4BC3-84FA-8D529E097E8C}] => (Allow) D:\BF1\Battlefield 1\bf1Trial.exe
FirewallRules: [{528A291B-04E2-4AC4-AE6A-800792E5FBA3}] => (Allow) D:\BF1\Battlefield 1\bf1Trial.exe
FirewallRules: [UDP Query User{849C38CE-2CC8-44F6-A68A-961C89953D85}C:\users\ilhan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ilhan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F25C34EF-A373-408E-9B93-1EB343CB7836}C:\users\ilhan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ilhan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{5CAAAAFA-9C04-4DCE-83AC-1EFE69BA5690}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A7804F49-E45D-468B-9A61-6CBA20C37A78}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{48809980-F16C-4494-80EB-5EC8177A72A9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FD2A34D1-9933-4C2B-BAA5-AF3792AA9340}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{056E86B7-82DF-4A41-964D-70DB1DE144FC}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{0A570112-A1C9-478A-B8D4-20210E57E2FE}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{F5BEDBE2-C569-41E1-B7AA-FB58AE450616}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{524CF24A-DE16-4945-A19A-9D264FDDD825}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [UDP Query User{61AB07FF-052A-48F4-B4A0-0CF2FCCCA6E3}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{B5D7AE10-9449-443E-B8D6-A2A0BE9506A9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{F2F42E3D-10D7-49F5-9E6C-67203D448FCA}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{0CD311AB-E391-43C7-93EB-7293B9AB4FE4}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{5957153C-8523-4104-874E-8A810FC16D2B}] => (Allow) C:\Program Files\Opera\50.0.2762.67\opera.exe
FirewallRules: [{6B9BC686-A78F-46EF-B861-782C9F7332AD}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe
FirewallRules: [{64EC4296-31D2-488F-807F-E18C581B808E}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe
FirewallRules: [TCP Query User{34D74D93-00A0-4055-9878-7B144A60C854}C:\users\ilhan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ilhan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C08AF1E9-BCF1-4AE0-A951-3A67328C25FD}C:\users\ilhan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ilhan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{79047EBA-B5A2-4A62-ABA7-674B3D085E2B}D:\overwatch\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch\overwatch.exe
FirewallRules: [UDP Query User{B600B083-C4EA-4B2E-BE68-9FD5C328237C}D:\overwatch\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch\overwatch.exe
FirewallRules: [{84BB1788-0154-49DE-9592-3888624B08DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{37B2FD20-7F11-4373-BA89-657AF283FD0D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5A11949B-B5B7-4A45-BAC9-A412D3413832}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0B94EA18-7F47-4491-B575-58D873F47765}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D218C6E5-538C-47D9-BDF6-BEC18D05A133}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0B051D9F-BF93-4E13-9F7A-FA7AA4C06EC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C4D9A29D-DB1C-44B9-9F7D-44816E9028E1}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{E750BB55-C573-4B17-8007-D6E56FF16342}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{F98447B2-EB1F-4D7C-894A-F17D56146780}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{67D2A661-2541-4C67-B929-C99D6848446B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{69FD050D-03C0-4ECE-A7B1-D4939FC4AFA6}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{A0D0F1D9-DBB9-4AD3-8D65-68791AF038CA}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{66082DD4-98DB-458C-8237-58AEE747D2FA}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{687AA705-1206-4CF2-9689-E3DEB5767C88}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{23073574-B380-4270-9F2F-99A0F325D4CE}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{38BC8423-D057-4C10-84EC-C660FA4F9335}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{96B19DB7-E1A8-4939-9D9A-8E470B512144}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{BFB1E5F1-1E2E-4A07-906A-4FE1EE1091C8}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{005EA9B8-F284-48C4-ABBF-BE1E8BFC755B}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{96BFEA8F-197B-4312-ABD4-5554F3249017}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{E8176979-66B5-45B7-A067-970A36C53832}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{F3B22526-75A2-406A-B02C-207B559D0439}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{1F663B83-1347-471F-B343-D3A824E1FB75}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe
FirewallRules: [{49904C90-29A3-4940-B3AD-03EB0FDDD73F}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe
FirewallRules: [{5B1A8A87-8EB2-4F21-96FE-1EFBA344F58E}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CCAC3050-CC23-468E-8478-7C10AB7372B4}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{47D3E1C8-56BA-48E8-9845-56769CB6AA46}] => (Allow) D:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{69725628-E5CC-470C-97F1-898F52397DFB}] => (Allow) D:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{A516EDB3-53A6-47D4-A4A7-4130BFF8B7D5}] => (Allow) D:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{27B74B7A-87CB-44AC-8C34-57FB5A54248F}] => (Allow) D:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{038635CB-9A8F-466E-9438-9BFD4462E215}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{9E9790D2-CD2A-437A-8E46-AB5FC549C155}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{3FC15A2B-CA71-47FD-8B5D-8A345D72D363}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{897F8063-749D-4824-991E-65706D2F6C52}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe

==================== Points de restauration =========================

26-01-2018 19:59:47 Fin de désinfection
27-01-2018 22:12:03 DirectX est installé
31-01-2018 15:05:13 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
31-01-2018 15:05:20 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212
01-02-2018 19:56:03 Installed Microsoft Office Professionnel Plus 2016
01-02-2018 19:56:09 PROPLUS

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (02/01/2018 09:47:49 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (02/01/2018 09:28:42 PM) (Source: Perflib) (EventID: 1018) (User: )
Description: La collecte des données des compteurs de performance a été désactivée pour cette session à partir du service « Outlook » car la bibliothèque de compteurs de performance pour ce service a généré une ou plusieurs erreurs. Les erreurs à l’origine de cette action ont été écrites dans le journal des événements des applications.

Error: (02/01/2018 09:28:42 PM) (Source: Perflib) (EventID: 1022) (User: )
Description: Windows ne peut pas ouvrir la DLL de compteur extensible 64 bits Outlook dans un environnement 32 bits. Contactez le fabricant du fichier pour obtenir une version 32 bits. Si vous exécutez un environnement 64 bits natif, vous pouvez également ouvrir la DLL de compteur extensible 64 bits en utilisant la version 64 bits de l’Analyseur de performances. Pour utiliser cet outil, ouvrez le dossier Windows, puis le dossier System32 et démarrez Perfmon.exe.

Error: (02/01/2018 09:23:49 PM) (Source: nssm) (EventID: 1018) (User: )
Description: Échec de l'ouverture de la valeur de registre AppDirectory:
L’opération a réussi.

Error: (02/01/2018 09:12:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.

Error: (02/01/2018 09:08:19 PM) (Source: nssm) (EventID: 1018) (User: )
Description: Échec de l'ouverture de la valeur de registre AppDirectory:
L’opération a réussi.

Error: (02/01/2018 09:07:07 PM) (Source: nssm) (EventID: 1018) (User: )
Description: Échec de l'ouverture de la valeur de registre AppDirectory:
L’opération a réussi.

Error: (02/01/2018 08:45:38 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (02/01/2018 08:45:36 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (02/01/2018 08:45:36 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003


Erreurs système:
=============
Error: (02/01/2018 09:58:22 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D7P66OC)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-D7P66OC\Ilhan de l’utilisateur (S-1-5-21-2862122455-3878037029-2977138710-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (02/01/2018 09:54:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D7P66OC)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-D7P66OC\Ilhan de l’utilisateur (S-1-5-21-2862122455-3878037029-2977138710-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (02/01/2018 09:47:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D7P66OC)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-D7P66OC\Ilhan de l’utilisateur (S-1-5-21-2862122455-3878037029-2977138710-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (02/01/2018 09:46:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D7P66OC)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-D7P66OC\Ilhan de l’utilisateur (S-1-5-21-2862122455-3878037029-2977138710-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (02/01/2018 09:41:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D7P66OC)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-D7P66OC\Ilhan de l’utilisateur (S-1-5-21-2862122455-3878037029-2977138710-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (02/01/2018 09:39:26 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D7P66OC)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-D7P66OC\Ilhan de l’utilisateur (S-1-5-21-2862122455-3878037029-2977138710-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (02/01/2018 09:31:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D7P66OC)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-D7P66OC\Ilhan de l’utilisateur (S-1-5-21-2862122455-3878037029-2977138710-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (02/01/2018 09:28:41 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D7P66OC)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-D7P66OC\Ilhan de l’utilisateur (S-1-5-21-2862122455-3878037029-2977138710-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (02/01/2018 09:23:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 21:08:18 le ‎01/‎02/‎2018 n’était pas prévu.

Error: (02/01/2018 09:08:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D7P66OC)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-D7P66OC\Ilhan de l’utilisateur (S-1-5-21-2862122455-3878037029-2977138710-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


CodeIntegrity:
===================================
Date: 2018-02-01 21:49:12.120
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\50.0.2762.67\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-01 21:39:28.055
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\50.0.2762.67\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-01 21:31:28.031
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\50.0.2762.67\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-01 21:21:30.152
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\50.0.2762.67\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-01 21:18:09.884
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\50.0.2762.67\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-01 21:14:06.196
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\50.0.2762.67\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-01 21:10:34.429
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\50.0.2762.67\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-01 21:08:56.549
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\50.0.2762.67\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-01 21:08:33.483
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\50.0.2762.67\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-01 20:30:47.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\50.0.2762.67\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.


==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Pourcentage de mémoire utilisée: 33%
Mémoire physique - RAM - totale: 16332.85 MB
Mémoire physique - RAM - disponible: 10935.29 MB
Mémoire virtuelle totale: 18764.85 MB
Mémoire virtuelle disponible: 13448.88 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:110.83 GB) (Free:56.28 GB) NTFS
Drive d: (SSD500GO) (Fixed) (Total:465.76 GB) (Free:131.73 GB) NTFS
Drive f: (Nouveau nom) (Fixed) (Total:931.51 GB) (Free:754.4 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 75668EED)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=483 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9F329E05)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BF326E98)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================
