Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 17.02.2018
Exécuté par Maugan (17-02-2018 12:22:26)
Exécuté depuis E:\Maugan\Bureau
Windows 10 Pro Version 1709 16299.192 (X64) (2017-10-27 19:22:46)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-18911686-2275477452-3199720197-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-18911686-2275477452-3199720197-503 - Limited - Disabled)
Invité (S-1-5-21-18911686-2275477452-3199720197-501 - Limited - Disabled)
Maugan (S-1-5-21-18911686-2275477452-3199720197-1001 - Administrator - Enabled) => C:\Users\Maugan
WDAGUtilityAccount (S-1-5-21-18911686-2275477452-3199720197-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.011.20036 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Application Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Assassin's Creed: Syndicate (HKLM-x32\...\Assassin's Creed: Syndicate_is1) (Version: - )
Assassins's Creed 4: Black Flag (HKLM-x32\...\Assassins's Creed 4: Black Flag_is1) (Version: - )
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
Batman: Arkham City (HKLM-x32\...\Batman: Arkham City_is1) (Version: - )
Batman: Arkham Knight (HKLM-x32\...\Batman: Arkham Knight_is1) (Version: - )
BioShock 2 Remastered (HKLM-x32\...\BioShock 2 Remastered_is1) (Version: - )
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - )
BioShock Remastered (HKLM-x32\...\BioShock Remastered_is1) (Version: - )
Bulletstorm: Full Clip Edition (HKLM-x32\...\Bulletstorm: Full Clip Edition_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH)
CPUID CPU-Z 1.79 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crysis 3 (HKLM-x32\...\Crysis 3_is1) (Version: - )
Cuphead (HKLM-x32\...\Cuphead_is1) (Version: - )
Dark Souls 3 (HKLM-x32\...\Dark Souls 3_is1) (Version: - )
Discord (HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
Dishonored 2 (HKLM-x32\...\Dishonored 2_is1) (Version: - )
Dishonored: DotO (HKLM-x32\...\Dishonored: DotO_is1) (Version: - )
Dishonored: GotY Edition (HKLM-x32\...\Dishonored: GotY Edition_is1) (Version: - )
Display Pilot (HKLM-x32\...\{6DD25D67-4339-47A1-950E-EEFC321CBB24}) (Version: 2.91.005 - Portrait Displays, Inc.)
Dragon Ball: Xenoverse 2 (HKLM-x32\...\Dragon Ball: Xenoverse 2_is1) (Version: - )
Dying Light: The Following (HKLM-x32\...\Dying Light: The Following_is1) (Version: - )
Epic Games Launcher (HKLM-x32\...\{886E86E6-6673-4EAD-A4FF-6E087A661F4E}) (Version: 1.1.123.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: - )
Ghost Recon: Wildlands (HKLM-x32\...\Ghost Recon: Wildlands_is1) (Version: - )
GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 2.08.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 2.08.0000 - GIGABYTE Technology Co.,Ltd.)
Goat Simulator: GOATY Edition (HKLM-x32\...\Goat Simulator: GOATY Edition_is1) (Version: - )
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.5.0.1051 - Intel Corporation)
Just Cause 3 (HKLM-x32\...\Just Cause 3_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{11B73856-A062-4E6B-A80E-A3F380BBAB65}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Life is Strange: Complete Season 1 (HKLM-x32\...\Life is Strange: Complete Season 1_is1) (Version: - )
Mad Max (HKLM-x32\...\Mad Max_is1) (Version: - )
MAGIX Contenu et Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{DFEE4333-B802-4E27-9521-2D9E970B7813}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MATLAB R2017a (HKLM\...\Matlab R2017a) (Version: 9.2 - MathWorks)
Microsoft Office 365 ProPlus - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.8431.2153 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{27a7f406-88d7-44ea-a775-b2146040b201}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{21a92a8d-968e-4b78-9af4-329f60d97ed7}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mirror's Edge: Catalyst (HKLM-x32\...\Mirror's Edge: Catalyst_is1) (Version: - )
Mises à jour NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Movie Studio 13.0 (64-bit) (HKLM\...\{16C8F9C0-B5A5-11E6-AF35-EF6B4CB4F8F1}) (Version: 13.0.208 - VEGAS)
Mozilla Firefox 58.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 58.0.2 (x64 fr)) (Version: 58.0.2 - Mozilla)
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Music Maker (HKLM\...\{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.2.44 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.2.44 - MAGIX Software GmbH)
NSUNS 3: Full Burst HD (HKLM-x32\...\NSUNS 3: Full Burst HD_is1) (Version: - )
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Pilote graphique 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation)
Ori and the Blind Forest: Definitive Edition (HKLM-x32\...\Ori and the Blind Forest: Definitive Edition_is1) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
Panneau de configuration NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\PhotoFiltre 7) (Version: - )
Pivot Pro Plugin (HKLM-x32\...\{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}) (Version: 9.61.004 - Portrait Displays, Inc.) Hidden
Planet Coaster (HKLM-x32\...\Planet Coaster_is1) (Version: - )
Prey (HKLM-x32\...\Prey_is1) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
scilab-6.0.0 (64-bit) (HKLM\...\scilab-6.0.0 (64-bit)_is1) (Version: - Scilab Enterprises)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 3.10.003 - Portrait Displays, Inc.) Hidden
Sniper Elite 3 (HKLM-x32\...\Sniper Elite 3_is1) (Version: - )
Sniper Elite 4 (HKLM-x32\...\Sniper Elite 4_is1) (Version: - )
Sniper: Ghost Warrior 3 (HKLM-x32\...\Sniper: Ghost Warrior 3_is1) (Version: - )
Splinter Cell: Blacklist (HKLM-x32\...\Splinter Cell: Blacklist_is1) (Version: - )
Spotify (HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\Spotify) (Version: 1.0.64.399.g4637b02a - Spotify AB)
Stardock Start10 (HKLM\...\Start10_is1) (Version: 1.0 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Styx: Shards of Darkness (HKLM-x32\...\Styx: Shards of Darkness_is1) (Version: - )
Tales from the Borderlands (HKLM-x32\...\Tales from the Borderlands_is1) (Version: - )
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.90922 - TeamViewer)
TEKKEN 7 (HKLM-x32\...\TEKKEN 7_is1) (Version: - )
TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Unravel (HKLM-x32\...\Unravel_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 44.0 - Ubisoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vita Concert Grand LE (HKLM\...\{BFA88ABE-D175-42C7-B374-92A2D9333CAB}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Watch Dogs 2 (HKLM-x32\...\Watch Dogs 2_is1) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zemana AntiLogger (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-18911686-2275477452-3199720197-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Maugan\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-18911686-2275477452-3199720197-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Maugan\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-18911686-2275477452-3199720197-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Maugan\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-28] (AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll [2017-06-17] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-28] (AVAST Software)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-28] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll [2017-06-17] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-28] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {00865218-4766-4DC3-8D2D-73B3FC8620E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-19] (Microsoft Corporation)
Task: {0C43EC5F-E087-423F-A000-C56273034A00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-19] (Microsoft Corporation)
Task: {1A69657B-76BC-4D5E-87FA-2D114E328A06} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Connect" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GIGABYTE OC GURU" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MSIAfterburner" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {293F6B92-2A91-471D-B099-8302DE8462FD} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {326192D2-BA95-46DF-A24A-4701D8AC4618} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-08-02] (MAGIX Software GmbH)
Task: {3751A105-749E-4A93-B499-024C94FA3D9A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {39E7CC6A-36F4-41CC-A2CB-4EBDB07D9893} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-28] (AVAST Software)
Task: {3A880277-B3A0-4C07-8A2F-C7A658D4C890} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {5724CC59-5557-4CDC-A587-2708AC789FDB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)
Task: {6DEC136F-EDC6-464D-BB8C-0A0B3A4A253D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {6FA2FEF0-DFAC-4260-B626-2DF4178EEBA3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {709E8EA6-1944-478F-B0E2-B123594A1730} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {78F8F16A-6F93-4F8D-AA49-87757692AFB1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {7D913358-C5ED-4929-9692-AF8B42ED20E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated)
Task: {8418598A-7CB6-4F61-9982-78FA6FA0657D} - System32\Tasks\CreateExplorerShellUnelevatedTask => c:\windows\explorer.exe /NOUACCHECK
Task: {9B37659C-9944-4CDF-A297-F6FCF663B073} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-01-19] (Microsoft Corporation)
Task: {9D8C8BCD-FA53-4B01-9920-4812EB39DB0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {9DF4C18B-908D-46CA-A95B-4E1A41475D56} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2017-12-15] ()
Task: {A9ECA067-0586-4D78-AF8D-8F8A66D61FDA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-08] (Adobe Systems Incorporated)
Task: {AE61A286-0E75-4D32-9D71-C4C7501B07B7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-19] ()
Task: {AF5A8171-00EA-49F6-B8DF-73ACFD887562} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {B087486A-AAAA-4A71-A76A-85F3DFB7BCA2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)
Task: {B3BAFEBB-BB32-4F19-A11A-255B213D109B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {B8A7ED1B-A0B1-48F7-9774-64E378597CFD} - System32\Tasks\{DC5F99F0-1B6D-4467-842D-14CBB40CF658} => C:\WINDOWS\system32\pcalua.exe -a E:\Games\Hitman\unins000.exe -d E:\Games\Hitman
Task: {C41EA81C-3C30-476F-8533-9A8044AF4066} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-06] (AVAST Software)
Task: {D2CEFD9D-3A82-4D4B-927D-D01D4FE31DD5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-19] ()
Task: {DDEBC3E9-E28E-4103-93B8-B4531C4260C9} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\remsh.exe
Task: {DF58F4E1-DF59-4536-BD5D-5ACEA120438D} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {DFFCD21B-BDED-48CA-BFAC-6432EE134399} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => C:\Program Files\rempl\remsh.exe
Task: {E27BFAE6-BCDE-4E6A-8776-40D1A953592A} - System32\Tasks\GIGABYTE OC GURU => C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2017-01-19] (GIGABYTE Technology Co.,Ltd.)
Task: {E8FC3DA9-ECE7-454D-B456-3A4AABCD8766} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {FE7010B7-E279-4E63-B594-8D98906F53B6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)


==================== Modules chargés (Avec liste blanche) ==============

2017-09-08 16:48 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-23 20:55 - 2017-10-27 17:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-12-15 10:04 - 2017-12-15 10:04 - 000725288 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2017-06-17 10:35 - 2017-06-17 10:35 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll
2017-05-23 19:13 - 2013-06-18 11:26 - 000677160 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
2017-05-23 19:13 - 2013-06-18 11:26 - 000714024 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe
2017-09-28 23:15 - 2017-09-28 23:17 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2017-09-28 23:17 - 2017-09-28 23:17 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2017-09-28 23:17 - 2017-09-28 23:17 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-02-16 03:56 - 2018-02-16 03:56 - 025843200 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-02-16 03:56 - 2018-02-16 03:56 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-16 03:56 - 2018-02-16 03:56 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-02-08 23:29 - 2018-02-08 23:32 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-09-29 04:55 - 2017-09-29 05:04 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-16 03:56 - 2018-02-16 03:56 - 005527040 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2017-12-28 12:40 - 2017-12-28 12:40 - 000067984 _____ () C:\Program Files\AVAST Software\Avast\x64\dll_loader.dll
2017-12-28 12:40 - 2017-12-28 12:40 - 000067920 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-12-14 18:56 - 2017-12-14 18:56 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2017-12-14 18:56 - 2017-12-14 18:56 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2017-12-14 18:56 - 2017-12-14 18:56 - 000232448 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2017-12-14 18:56 - 2017-12-14 18:56 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2017-12-14 18:57 - 2017-12-14 18:57 - 000566784 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2017-09-08 16:48 - 2017-10-11 02:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-17 15:23 - 2017-11-29 06:09 - 000781088 _____ () E:\Program Files (x86)\Steam\SDL2.dll
2017-05-19 17:22 - 2016-09-01 02:02 - 004969248 _____ () E:\Program Files (x86)\Steam\v8.dll
2017-12-17 15:23 - 2017-12-15 20:59 - 002558752 _____ () E:\Program Files (x86)\Steam\video.dll
2017-12-17 15:23 - 2017-11-04 02:54 - 005137696 _____ () E:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-17 15:23 - 2017-11-04 02:54 - 000351520 _____ () E:\Program Files (x86)\Steam\libavresample-3.dll
2017-05-19 17:22 - 2016-09-01 02:02 - 001563936 _____ () E:\Program Files (x86)\Steam\icui18n.dll
2017-05-19 17:22 - 2016-09-01 02:02 - 001195296 _____ () E:\Program Files (x86)\Steam\icuuc.dll
2017-12-17 15:23 - 2017-11-04 02:54 - 000695584 _____ () E:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-17 15:23 - 2017-11-04 02:54 - 000847136 _____ () E:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-17 15:23 - 2017-11-04 02:54 - 000783648 _____ () E:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-17 15:23 - 2017-12-15 20:59 - 000904992 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-05-19 17:21 - 2016-07-04 23:17 - 000266560 _____ () E:\Program Files (x86)\Steam\openvr_api.dll
2017-12-28 12:40 - 2017-12-28 12:40 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-12-28 12:40 - 2017-12-28 12:40 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-12-28 12:40 - 2017-12-28 12:40 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2017-07-08 11:56 - 2017-07-08 11:56 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-12-28 12:40 - 2017-12-28 12:40 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-12-28 12:40 - 2017-12-28 12:40 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2015-03-24 18:01 - 2015-03-24 18:01 - 000192512 _____ () C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvVGAConfig.dll
2017-10-15 13:03 - 2017-09-07 03:04 - 000678400 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-12-17 15:23 - 2017-10-31 05:44 - 071471904 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-05-19 17:21 - 2015-09-25 00:52 - 000119208 _____ () E:\Program Files (x86)\Steam\winh264.dll
2018-01-12 18:41 - 2018-01-08 17:52 - 001891832 _____ () C:\Users\Maugan\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-12 18:42 - 2018-02-15 18:45 - 001780216 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2018-01-12 18:41 - 2018-01-08 17:52 - 001937912 _____ () C:\Users\Maugan\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-12 18:41 - 2018-01-08 17:52 - 000095736 _____ () C:\Users\Maugan\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-01-12 18:42 - 2018-01-27 14:50 - 009817080 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-12 18:42 - 2018-02-01 23:30 - 001508344 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-12 18:42 - 2018-01-12 18:42 - 000513016 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-12 18:42 - 2018-01-12 18:42 - 002662904 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-12 18:42 - 2018-02-01 23:30 - 001518072 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2018-01-12 19:43 - 2018-01-12 19:43 - 002749944 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_contact_import\discord_contact_import.node
2017-12-17 15:23 - 2017-10-31 05:44 - 002020128 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2017-12-17 15:23 - 2017-10-31 05:44 - 000114464 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [470]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ==========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2017-05-18 20:16 - 2017-10-28 22:27 - 000004994 _____ C:\WINDOWS\system32\Drivers\etc\hosts


Il y a 93 plus de lignes.


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-18911686-2275477452-3199720197-1001\Control Panel\Desktop\\Wallpaper -> E:\Maugan\Images\Wallpaper\Lion-Wallpaper-Hdnbspfond-ecran-hd3.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

HKLM\...\StartupApproved\StartupFolder: => "TP-LINK Wireless Configuration Utility.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\StartupApproved\Run: => "Spotify"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{7D85BD3A-ABC1-43B5-9B37-D328DE4D3A49}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{08DBF042-5FEB-4095-BCF0-917B78FC07F0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{423BDAAD-91FB-475A-903A-EFEEC2ADEEB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{577B08B7-FB4C-4AEA-A24E-A1B329844B21}E:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) E:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{0FAE9FDB-C0D9-4622-8B24-77D015D1A884}E:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) E:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{CCC0D4B2-E1D9-4741-B729-B72A9DDD4FC9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{43A97F16-6D57-4E96-B1CD-8CA6F9072043}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{1195C194-E334-4B87-AE3F-7FD2F08E7F4A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{4A3D700B-8724-4B09-9B09-EA756BFF68C3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{29B11104-03B5-4C4D-97A7-0FA0CD963296}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8086B143-F7E5-45A5-9288-237AEACB1098}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{37F5EE91-FF3D-4E8B-B9DA-1B404155F924}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{61A0306F-9252-466E-9F02-5516AC3B1ECE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [UDP Query User{DA3C9431-DBB7-46BA-A3BF-8A772EBC5991}E:\games\sniper elite 4\bin\sniperelite4_dedicated.exe] => (Block) E:\games\sniper elite 4\bin\sniperelite4_dedicated.exe
FirewallRules: [TCP Query User{4AAEDE90-7B2E-4677-A08A-73D711120D38}E:\games\sniper elite 4\bin\sniperelite4_dedicated.exe] => (Block) E:\games\sniper elite 4\bin\sniperelite4_dedicated.exe
FirewallRules: [{F9362AA5-69B6-45FF-9084-4A6080362D28}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{EB8762A0-D50A-4B1C-9988-41DD315A3182}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{8A43A23A-CB57-46D2-B5B6-FBC6618DD192}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FF7A5D00-9DBD-44C9-8757-EA261D9D606E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DD9FE133-2D3E-4A5C-AE3E-43023B2A544A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{56FAF207-72CE-40B3-AE3B-25BF6C66092D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{D8658D03-5AAE-4848-A762-0F951AE7E2D0}E:\games\far cry 4\bin\farcry4.exe] => (Allow) E:\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{D231A1D0-6E74-4CF1-82D4-48542F71A35B}E:\games\far cry 4\bin\farcry4.exe] => (Allow) E:\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{60D4C56D-70DE-498B-8344-25C2B63C09D1}E:\program files\openshot video editor\launch.exe] => (Allow) E:\program files\openshot video editor\launch.exe
FirewallRules: [TCP Query User{077EEC3F-73DF-48D8-B66F-18AD9EDFBA52}E:\program files\openshot video editor\launch.exe] => (Allow) E:\program files\openshot video editor\launch.exe
FirewallRules: [{A4A03276-E8D6-4D63-BD12-140DA2808273}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BRINK\brink.exe
FirewallRules: [{8D3D79C9-60B4-4142-BE9F-AA7DEEB6E5DD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BRINK\brink.exe
FirewallRules: [UDP Query User{743D88FA-D8B7-4836-9EA2-77E682AA275C}E:\games\batman - arkham city\binaries\win32\batmanac.exe] => (Allow) E:\games\batman - arkham city\binaries\win32\batmanac.exe
FirewallRules: [TCP Query User{FBA8B430-CEAC-4E16-99EA-61C4C035898D}E:\games\batman - arkham city\binaries\win32\batmanac.exe] => (Allow) E:\games\batman - arkham city\binaries\win32\batmanac.exe
FirewallRules: [UDP Query User{E3D0856A-F54E-41C6-A733-E2A22A4DD092}E:\games\dishonored - goty edition\binaries\win32\dishonored.exe] => (Allow) E:\games\dishonored - goty edition\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{406A1BAB-4D22-470A-8EBE-A393F9FE070A}E:\games\dishonored - goty edition\binaries\win32\dishonored.exe] => (Allow) E:\games\dishonored - goty edition\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{EADEDA82-7E38-4452-85E5-DD3843E2BF6F}C:\users\maugan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\maugan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8945BB63-FBEF-4900-978A-B4F3BBAFF13F}C:\users\maugan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\maugan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A8238D2E-50C5-4655-A79D-5B8F045DF431}C:\users\maugan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maugan\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{037FC86C-F0CF-4446-B28B-95267AAFD72C}C:\users\maugan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maugan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{68E0FC2F-8BCC-4204-BAE3-715746599518}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{746ED4D3-D37C-4F04-B96F-79BD10AB8B4F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [UDP Query User{56C9B647-1442-4CE8-AA88-1E849ECB3ECC}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{776B0DD8-1813-4311-96F3-443A468CB99E}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{18EF663E-B99F-4693-9FF7-EB7A51FCE370}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{A1E569E4-05AC-410B-A503-130003D334CB}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{9D8C4FFD-0A35-4D8C-8EE9-2CC20A92A2D8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C1EF7A27-CFDF-4029-8156-4F8678A37335}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C5D467AD-EBBB-4B19-9ACA-51CE28727581}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1A4AD2D2-212F-4637-81C4-8F6E7D033061}] => (Block) E:\games\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [{F0605A0C-EAFF-4F58-9BDA-AF504BA6FFD4}] => (Block) E:\games\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [UDP Query User{D9891E2F-5274-4799-8376-5072A9CC7E28}E:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) E:\games\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [TCP Query User{67BEF66F-D30A-4AFC-A1C2-B4AD95E731CC}E:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) E:\games\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [{C1B451E9-8EBD-450D-A15E-81FF99D4F2C2}] => (Allow) E:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{124BC2BD-1659-4188-92FB-FCAF5371EA64}] => (Allow) E:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{EF2FF7FF-D77B-4861-81D0-8F9AEE5D395B}] => (Block) C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{930A2525-D21E-4929-92DB-940D72D04A86}] => (Block) C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{F8E4027E-0C1D-4B08-8F95-6E8CED94C219}C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [TCP Query User{E6C9AE1D-B184-4CBA-BCC0-D90903F6714A}C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{624A2605-8573-4C8D-919C-A157786FD6D5}] => (Block) E:\games\quantum break\dx11\quantumbreak.exe
FirewallRules: [{FF22CF74-98DC-41E3-AF9D-862557766328}] => (Block) E:\games\quantum break\dx11\quantumbreak.exe
FirewallRules: [UDP Query User{B170E8D2-F0EC-43D2-8D1C-50DC710C776D}E:\games\quantum break\dx11\quantumbreak.exe] => (Allow) E:\games\quantum break\dx11\quantumbreak.exe
FirewallRules: [TCP Query User{3DBB6EBB-2CCA-4F80-BD39-C62082EC8AFA}E:\games\quantum break\dx11\quantumbreak.exe] => (Allow) E:\games\quantum break\dx11\quantumbreak.exe
FirewallRules: [{521BC71E-38C2-42C8-B684-CE7EAF319BB2}] => (Block) E:\games\far cry - primal\bin\fcprimal.exe
FirewallRules: [{64D0F8E7-7EDA-4337-9F25-B07D432D2003}] => (Block) E:\games\far cry - primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{5200ED0B-5BCF-474D-B0A4-AE14822DFBF6}E:\games\far cry - primal\bin\fcprimal.exe] => (Allow) E:\games\far cry - primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{E410F98B-BA1C-4B82-9FB8-374A5354111F}E:\games\far cry - primal\bin\fcprimal.exe] => (Allow) E:\games\far cry - primal\bin\fcprimal.exe
FirewallRules: [{9A1A2D56-4113-42AE-940D-087B47D8E6D8}] => (Block) E:\games\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{BB5D9CFF-B449-475B-BD7A-A0C7AFF0ECCC}] => (Block) E:\games\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{456FFA2F-99CC-467D-BCD9-B984444B7DA9}E:\games\dishonored\binaries\win32\dishonored.exe] => (Allow) E:\games\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{2D4E7513-74B6-40F9-8F87-6C64D6C54C84}E:\games\dishonored\binaries\win32\dishonored.exe] => (Allow) E:\games\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{BA0DD08D-A5D4-4E3C-8CE9-5080B5535C92}] => (Block) E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe
FirewallRules: [{6EAB6FC7-B720-496D-A300-7C963812CBD6}] => (Block) E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe
FirewallRules: [UDP Query User{7F5963F5-8BAF-4802-B150-81FD72BD0033}E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe] => (Allow) E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe
FirewallRules: [TCP Query User{7B6B6D4D-1487-48AE-8737-B182A45F6705}E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe] => (Allow) E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe
FirewallRules: [{C904B72E-D867-43E9-8C2A-27D2542DCA56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{34FFDCA3-2200-495B-9CE5-16544A719F87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7ED0CF59-5B00-44E8-9E9A-3ED70C9E7E0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{326D156B-9143-427C-9CDE-C96F7F5831FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{98E87266-6596-483D-BF55-1F18DA07858F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{37530080-050B-44B1-80B5-87274D8749C6}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{B983156D-BC00-432D-AED8-32F368B678FD}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{898E92A6-95E7-4F25-B151-45AC633A705B}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{6ED761F7-9147-44DD-989B-87785B34BBA7}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{2D036481-3C45-4F98-A5D8-55309ABDA6C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{67A79304-F5CE-4450-A3F2-7CEAE68F16F6}E:\program files (x86)\hearthstone\hearthstone.exe] => (Block) E:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{2077521E-2F40-4A39-834E-F9320DDC94A4}E:\program files (x86)\hearthstone\hearthstone.exe] => (Block) E:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe
FirewallRules: [{2765E0F4-2918-4A46-B9C9-43CDD8FCBA2B}] => (Block) C:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe
FirewallRules: [{88822580-026A-4617-8175-5683DEC9702E}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{774786C1-8E06-4771-9755-2383A5062F18}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6B5B6238-A42C-4966-8164-BBA99AA1F756}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{045838D9-E306-4A28-9700-AA46F0AE2163}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FB33D2A5-4CB9-4F74-B108-B792977128BF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{D4EC023A-33A1-47A9-9903-73BD4C8EB658}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{8E334CC6-A12E-41EE-8C66-8ECBD6A21612}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{803C0EC1-211F-45BA-AF06-A0A0E6541009}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{050DC654-26A2-44C4-AFA8-2D2C7A354A28}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{24E69BAD-54E4-46F7-8586-AB072769CC67}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C688214A-B514-4B9F-BF96-79AA60F4BF4C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{6E605186-ED0E-4F08-9681-A143AC41D1A0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{379439E9-705E-4199-B530-35948E3E899C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{25A1F391-9979-4ACF-B066-12463954BA66}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{64F688BA-E76E-4897-8BF1-919187DF214F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{A207232C-67C9-4EF1-B276-5640E1455E67}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{A1093E11-E3D9-4A3B-A5CA-DB2010FEC5F3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{53F64268-3CE6-477B-8C2C-7AF7F00E73DF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{2BCB2EC9-3643-42CD-BA62-EABFEA05EA06}] => (Allow) C:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{0F58614A-C68D-4004-85A0-21B8AE5A3C52}] => (Allow) C:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{B2FAD79D-7D2A-45FB-92B1-884C598AC641}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4BB74623-94FE-4B57-A3EF-4C88CB2C90C1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F9FCF23D-7809-4C75-A136-7C7FE7DE219B}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe
FirewallRules: [{4CA42252-0E0F-4BC3-B10D-34B380630089}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe
FirewallRules: [TCP Query User{B9A15A14-7EE4-4BCF-AB36-345D2567D1C3}E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AC83DDF5-F8FC-44E3-B627-B8D914D4606B}E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [{BD8C1739-F48E-4327-BB69-92215A6EA934}] => (Block) E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [{8994E5FD-3274-4323-933E-A487F5F1445F}] => (Block) E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [{1791D131-1FAE-4C13-8F46-21D34375A295}] => (Block) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{CEF4DCDB-4E60-47C2-85CB-6E7CED1B4554}E:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) E:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [UDP Query User{C8D902AA-7C91-4C57-BD69-CCFCA28C7F1E}E:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) E:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [TCP Query User{9A74CDD8-7B0C-4012-BAB3-7530AF31CFB2}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{8D6B8810-5EDE-4906-A703-DA55DA9A505E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{17310C27-7D9B-4837-AF13-F55B167D64A8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{3037C3F5-06E4-45F9-8C5A-4792FD666AE1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{39C3D995-BB79-4279-A6A3-347490D83C6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{EE3537BE-B96F-4FC8-A093-E7C787444582}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{F9797BAA-D9EB-4ECB-A88F-AF9A9B3CA7E9}E:\program files\matlab\r2017a\bin\win64\matlab.exe] => (Allow) E:\program files\matlab\r2017a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{9C0F4983-6C7F-456B-BB4C-7A539B7849B3}E:\program files\matlab\r2017a\bin\win64\matlab.exe] => (Allow) E:\program files\matlab\r2017a\bin\win64\matlab.exe
FirewallRules: [{B5E36C50-FFFF-42EF-86A2-28D086363435}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BrutalLegend\BrutalLegend.exe
FirewallRules: [{3A48CAA9-1CEA-484C-AF10-FA8B9A13CEA8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BrutalLegend\BrutalLegend.exe
FirewallRules: [{B8707A6E-7896-4D01-A518-E5A209666D42}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DECB881E-9353-48D7-B421-2DA8A2947F77}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4A25CEB-AABA-40B8-8789-7093A9D6C776}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{54DE71A0-5D85-46D5-B91E-88E0AE3D9BEE}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E1DC0F6D-3B79-4E1C-A1DD-8D7CAC1C1E6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{52C3A29C-D10C-419F-80AD-6BEF4C016CEF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{7BAC59F5-565A-4A25-A2D4-96465EFD7195}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{06E0FC55-9055-420C-A5BE-75026774CB3D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{470D51A6-DC59-4E0B-ABBC-39F38761385B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{BA11A040-55D8-46BE-90F8-9E81E18E92F7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{C6453BDD-5949-447D-8CA0-6AFE652FF3D7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{0D180CC7-F7AF-4F1C-957A-E985CA566941}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{75313528-0FD9-41A8-B1F3-41A8DE081F8D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{AF6B383F-EFFF-40F6-9755-3C56695C9DBA}] => (Allow) C:\Steam\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe
FirewallRules: [{AA921351-34CE-400B-8F3F-84D0262F2001}] => (Allow) C:\Steam\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe
FirewallRules: [{3EB90671-F4F2-40B8-9DCE-48E4DD3CD35B}] => (Allow) LPort=1688
FirewallRules: [{59A71822-3B48-4B88-A80D-0AA631889669}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\25\MusicMaker.exe
FirewallRules: [{D0CD19A1-330C-4C12-B4D9-C3569D67DCDC}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe
FirewallRules: [{60DBD3CA-1716-4823-A420-4CF611DD9164}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe

==================== Points de restauration =========================

27-01-2018 11:41:57 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
02-02-2018 17:59:03 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
08-02-2018 22:16:00 Windows Update
15-02-2018 22:48:55 Point de contrôle planifié

==================== Éléments en erreur du Gestionnaire de périphériques =============

Name: Clavier standard PS/2
Description: Clavier standard PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Claviers standard)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Souris Microsoft PS/2
Description: Souris Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (02/08/2018 07:47:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante uTorrent.exe, version : 2.2.1.25110, horodatage : 0x4d78393f
Nom du module défaillant : GDI32.dll, version : 10.0.16299.15, horodatage : 0xbf7b6630
Code d’exception : 0xc000041d
Décalage d’erreur : 0x00005b36
ID du processus défaillant : 0x23a4
Heure de début de l’application défaillante : 0x01d3a053fa631324
Chemin d’accès de l’application défaillante : E:\Program Files (x86)\uTorrent\uTorrent.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\GDI32.dll
ID de rapport : 47017ba1-fada-4c66-8baa-22cdf3e075ed
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (02/08/2018 06:38:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante setup.tmp, version : 51.1052.0.0, horodatage : 0x506a75b5
Nom du module défaillant : botva2.dll_unloaded, version : 0.9.7.151, horodatage : 0x2a425e19
Code d’exception : 0xc000041d
Décalage d’erreur : 0x00005514
ID du processus défaillant : 0x3a94
Heure de début de l’application défaillante : 0x01d3a1013bc17909
Chemin d’accès de l’application défaillante : C:\Users\Maugan\AppData\Local\Temp\is-QIS07.tmp\setup.tmp
Chemin d’accès du module défaillant: botva2.dll
ID de rapport : 7258b269-fef9-4716-a342-0c9c8079df33
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (02/08/2018 06:38:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante setup.tmp, version : 51.1052.0.0, horodatage : 0x506a75b5
Nom du module défaillant : botva2.dll_unloaded, version : 0.9.7.151, horodatage : 0x2a425e19
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00005514
ID du processus défaillant : 0x3a94
Heure de début de l’application défaillante : 0x01d3a1013bc17909
Chemin d’accès de l’application défaillante : C:\Users\Maugan\AppData\Local\Temp\is-QIS07.tmp\setup.tmp
Chemin d’accès du module défaillant: botva2.dll
ID de rapport : 2a8415e2-5611-4949-a0f3-fb2edd45888c
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (02/07/2018 09:39:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x80004005
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/07/2018 09:39:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x80004005
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/07/2018 09:39:14 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x80004005
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (02/04/2018 01:58:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante uTorrent.exe, version : 2.2.1.25110, horodatage : 0x4d78393f
Nom du module défaillant : GDI32.dll, version : 10.0.16299.15, horodatage : 0xbf7b6630
Code d’exception : 0xc000041d
Décalage d’erreur : 0x00005b36
ID du processus défaillant : 0x4e4
Heure de début de l’application défaillante : 0x01d39d54ca61505b
Chemin d’accès de l’application défaillante : E:\Program Files (x86)\uTorrent\uTorrent.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\GDI32.dll
ID de rapport : 5a68dc73-a585-4955-a7c4-e315ca651e92
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (02/04/2018 12:09:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x80004005
Arguments de la ligne de commande :
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent


Erreurs système:
=============
Error: (02/17/2018 12:49:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service TeamViewer 12 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 2000 millisecondes : Redémarrer le service.

Error: (02/16/2018 10:05:07 PM) (Source: DCOM) (EventID: 10016) (User: PC-MAUGAN)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID PC-MAUGAN\Maugan de l’utilisateur (S-1-5-21-18911686-2275477452-3199720197-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (02/08/2018 11:23:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Update Orchestrator Service s’est arrêté avec l’erreur :
Cette opération s’est terminée car le délai d’attente a expiré.

Error: (02/01/2018 11:16:51 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 10:47:49 le ‎01/‎02/‎2018 n’était pas prévu.

Error: (01/20/2018 02:43:22 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/20/2018 02:33:14 PM) (Source: DCOM) (EventID: 10010) (User: PC-MAUGAN)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/20/2018 02:33:14 PM) (Source: DCOM) (EventID: 10010) (User: PC-MAUGAN)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/20/2018 02:21:16 PM) (Source: DCOM) (EventID: 10001) (User: PC-MAUGAN)
Description: Impossible de démarrer un serveur DCOM : Microsoft.Windows.Cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca en tant que Non disponible/Non disponible. L’erreur
« 267 »
s’est produite lors du démarrage de la commande :
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca


Windows Defender:
===================================
Date: 2018-02-08 23:20:29.297
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {5845E63E-7031-46B5-A6C8-F480188E0CD3}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2018-02-08 19:00:51.894
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nom : HackTool:MSIL/AutoKMS
ID : 2147711767
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe->[lowcase_mzpe];file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe->[lowcase_mzpe];process:_pid:2324,ProcessStart:131625860499712241;process:_pid:9532,ProcessStart:131625860905793223
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : PC-MAUGAN\Maugan
Nom du processus : C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Version de la signature : AV: 1.261.885.0, AS: 1.261.885.0, NIS: 118.2.0.0
Version du moteur : AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-08 19:00:51.629
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nom : HackTool:MSIL/AutoKMS
ID : 2147711767
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe->[lowcase_mzpe];process:_pid:2324,ProcessStart:131625860499712241;process:_pid:9532,ProcessStart:131625860905793223
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : PC-MAUGAN\Maugan
Nom du processus : C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Version de la signature : AV: 1.261.885.0, AS: 1.261.885.0, NIS: 118.2.0.0
Version du moteur : AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-08 19:00:01.744
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nom : HackTool:MSIL/AutoKMS
ID : 2147711767
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;process:_pid:2324,ProcessStart:131625860499712241;process:_pid:9532,ProcessStart:131625860905793223
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : PC-MAUGAN\Maugan
Nom du processus : C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Version de la signature : AV: 1.261.885.0, AS: 1.261.885.0, NIS: 118.2.0.0
Version du moteur : AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-08 18:59:09.930
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nom : HackTool:MSIL/AutoKMS
ID : 2147711767
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;process:_pid:2324,ProcessStart:131625860499712241;process:_pid:9532,ProcessStart:131625860905793223
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : PC-MAUGAN\Maugan
Nom du processus : E:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.261.885.0, AS: 1.261.885.0, NIS: 118.2.0.0
Version du moteur : AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-07 21:52:25.063
Description:
Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.261.746.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.14500.5
Code d’erreur : 0x80072ee2
Description de l’erreur : Le délai imparti à l’opération est dépassé

Date: 2018-02-07 21:52:25.063
Description:
Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.261.746.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de signature : Logiciel anti-espion
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.14500.5
Code d’erreur : 0x80072ee2
Description de l’erreur : Le délai imparti à l’opération est dépassé

Date: 2018-02-07 21:52:25.063
Description:
Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.261.746.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.14500.5
Code d’erreur : 0x80072ee2
Description de l’erreur : Le délai imparti à l’opération est dépassé

Date: 2018-02-07 21:49:36.990
Description:
Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.261.746.0
Source de mise à jour : Serveur Microsoft Update
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.14500.5
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.

Date: 2018-02-07 21:49:36.990
Description:
Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.261.746.0
Source de mise à jour : Serveur Microsoft Update
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.14500.5
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.

==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Pourcentage de mémoire utilisée: 57%
Mémoire physique - RAM - totale: 8154.53 MB
Mémoire physique - RAM - disponible: 3468.62 MB
Mémoire virtuelle totale: 9306.53 MB
Mémoire virtuelle disponible: 2764.66 MB

==================== Lecteurs ================================

Drive c: (Disque Windows) (Fixed) (Total:223.02 GB) (Free:133.33 GB) NTFS
Drive e: (Disque données) (Fixed) (Total:1862.89 GB) (Free:75.24 GB) NTFS

\\?\Volume{2c053695-b4ac-4328-ae88-d452ea69feda}\ (Récupération) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{27be7878-fe3a-46ed-8393-812f78b678d8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fin de Addition.txt ============================
