Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:18-04-2016 Exécuté par amir (2016-04-19 19:44:25) Exécuté depuis C:\Users\amir\Desktop Windows 10 Home Version 1511 (X64) (2016-02-05 00:45:21) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-163684358-3070949431-2119094716-500 - Administrator - Disabled) amir (S-1-5-21-163684358-3070949431-2119094716-1003 - Administrator - Enabled) => C:\Users\amir DefaultAccount (S-1-5-21-163684358-3070949431-2119094716-503 - Limited - Disabled) Invité (S-1-5-21-163684358-3070949431-2119094716-501 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.) ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 11.2.2261 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games) Catalyst Control Center Next Localization BR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform) Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd) Discord (HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\Discord) (Version: 0.0.287 - Hammer & Chisel, Inc.) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) DVD Decoder Pak for Windows XP (HKLM-x32\...\{92C5DB3D-9D6F-4324-BB11-57825F4C2635}) (Version: 1.0.0 - roddy2000@hotbox.ru) Enclave (HKLM\...\Steam App 253980) (Version: - Starbreeze) Epic Games Launcher (HKLM-x32\...\{A1C97AE7-FB6B-425F-B75B-7A16E1E5639D}) (Version: 1.1.52.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden f.lux (HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\Flux) (Version: - ) FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse) Firestorm Launcher version 1.0 (HKLM-x32\...\{008D5963-9A73-4472-8C16-A5BF04491B9D}_is1) (Version: 1.0 - Firestorm) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.150.0 - International GeoGebra Institute) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.75 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Hard Room (HKLM\...\Steam App 431560) (Version: - Evgeny Shcherbakov) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Heroes of the Storm Public Test (HKLM-x32\...\Heroes of the Storm Public Test) (Version: - Blizzard Entertainment) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HOTSLogsUploader (HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\99a83d131490dc73) (Version: 1.0.0.12 - HOTSLogsUploader) InstallShieldHiRezCurrent (HKLM-x32\...\{9433FC1C-7405-433C-A26D-81076293BBCE}) (Version: 3.0.0.0 - Hi-Rez Studios) InterActual Player (HKLM-x32\...\InterActual Player) (Version: - ) Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version: - Paradox North) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{4549ceb8-695a-42eb-a183-4820d542a15f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{121727D5-FDF3-4723-BA57-EB383440ED72}) (Version: 4.11.9775 - Apache Software Foundation) Oracle VM VirtualBox 4.3.28 (HKLM\...\{E8BB81BC-E67C-4750-84EE-128DA5A7ADA5}) (Version: 4.3.28 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Princess.Loot.Pixel.Again (HKLM\...\Steam App 414290) (Version: - EfimovMax) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Raptr (HKLM-x32\...\Raptr) (Version: 5.1.2-r111396-release - Raptr, Inc) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.) Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC) SafeZone Stable 1.48.2066.98 (x32 Version: 1.48.2066.98 - Avast Software) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) SMITE (HKLM-x32\...\Steam App 386360) (Version: - Hi-Rez Studios) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) Teeworlds (HKLM-x32\...\Steam App 380840) (Version: - Teeworlds Team) Trine (HKLM-x32\...\Steam App 35700) (Version: - Frozenbyte) Two Worlds: Epic Edition (HKLM\...\Steam App 1930) (Version: - Reality Pump Studios) Unity Web Player (HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\UnityWebPlayer) (Version: 5.3.4f1 - Unity Technologies ApS) Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN) Warcraft version V1.0 (HKLM-x32\...\{DDD719C5-9C70-4EDA-8ECE-CB880790F651}_is1) (Version: V1.0 - Abandonware-France) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-163684358-3070949431-2119094716-1003_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\amir\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0686F106-1310-47FC-A371-7195F27A60C2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {14FD4157-3712-4BF5-B173-AD7157CE044E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-18] (Google Inc.) Task: {1B29C940-14BF-4421-9D0D-43C63245DCE8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {27B16D17-640A-43D4-8996-BFECA942D14A} - System32\Tasks\{908DB420-16E2-44E3-BF00-A6F03F9B3979} => pcalua.exe -a "C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 11\unins000.exe" Task: {2AFE47C0-35F7-4DB5-B834-CB38D42BBFEC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation) Task: {391BC8BE-AA7A-4FF5-A186-731831A2FEDC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION Task: {4F2355A6-F87C-46C3-8F78-509F5B3AA201} - System32\Tasks\SafeZone scheduled Autoupdate 1461004395 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-30] (Avast Software) Task: {511851E9-260B-45D1-9643-9902C1889E41} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {5E46F0B4-43EF-4F01-A492-30AFA68AE422} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {7D6B5112-3A75-4CEF-94ED-1DDA198932A3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated) Task: {7FC3A26A-7100-4683-B891-89DAB4D5F47F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {9279C6F5-7080-4244-B8FF-B8532086C356} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {9FF07391-02D9-4674-A5DB-C5C65E7BDF0B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> Pas de fichier <==== ATTENTION Task: {A1EC49A1-B87F-41B1-AF4C-A857D5974D31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-18] (Google Inc.) Task: {AF7A8540-0321-4597-B7CA-EEC544DEDAD1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {BBAEDC64-B0E8-43F4-B608-045D2FC98ECC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {C091DB1C-D838-4FF9-B68C-5AE2631EA421} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd) Task: {CEA204B9-5DAE-4AE8-BA6F-F9948829B129} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {CEABAB8A-D7B9-46EB-8230-4C9C0897DBFC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {E9EFE306-E1F8-4783-A115-E5FED4F09779} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {F0B8C62F-DC59-442A-8602-6B0B5EEE24DE} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {F5ED1E19-BF33-4BB0-A2B4-BFA4CE9091BB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION Task: {FAE25D38-1DD5-4E7A-9C6F-1C612C3F34A9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-04-18] (AVAST Software) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-13 19:40 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-13 19:40 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-03-16 12:17 - 2016-03-16 12:17 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2016-02-12 23:13 - 2016-02-12 23:13 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2016-02-06 02:08 - 2016-02-06 02:09 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-02-05 01:24 - 2016-02-05 01:24 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-04-13 19:38 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-04-13 19:39 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-04-13 19:39 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-13 19:40 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-04-13 19:40 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-04-18 20:27 - 2016-04-18 20:27 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-04-18 20:27 - 2016-04-18 20:27 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-04-18 20:32 - 2016-04-18 20:32 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041800\algo.dll 2016-04-19 17:44 - 2016-04-19 17:44 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041900\algo.dll 2016-04-18 20:27 - 2016-04-18 20:27 - 00478144 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-04-18 20:27 - 2016-04-18 20:27 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-02-06 02:08 - 2016-02-06 02:09 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-02-06 02:08 - 2016-02-06 02:10 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-12-05 11:21 - 2015-12-05 11:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll 2016-04-18 17:39 - 2016-04-13 10:37 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.75\libglesv2.dll 2016-04-18 17:39 - 2016-04-13 10:36 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.75\libegl.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver" ==================== EXE Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 15:25 - 2016-04-08 04:53 - 00008128 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 3dns-5.adobe.com 127.0.0.1 activate.wip1.adobe.com 127.0.0.1 activate.wip2.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 activate.wip4.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 ereg.adobe.com 127.0.0.1 ereg.wip.adobe.com Il y a 105 plus de lignes. ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-163684358-3070949431-2119094716-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\amir\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 212.27.40.241 - 212.27.40.240 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "StartCN" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "GrpConv" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\StartupApproved\Run: => "AppEx Accelerator UI" HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\StartupApproved\Run: => "HydraVisionDesktopManager" HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\StartupApproved\Run: => "BingSvc" HKU\S-1-5-21-163684358-3070949431-2119094716-1003\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{93D76608-D7B4-482E-B1F3-8A3E35F515CF}C:\program files (x86)\heroes of the storm public test\versions\base40336\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm public test\versions\base40336\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{F0F0D37F-1A6E-48FC-ADC6-16A66DD33814}C:\program files (x86)\heroes of the storm public test\versions\base40336\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm public test\versions\base40336\heroesofthestorm_x64.exe FirewallRules: [{9F20BC69-74FD-41C2-9609-09013A618297}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{D0F86B54-EED9-4732-A710-C8CC139E2C13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{08CA3E1B-CF60-48EF-AE75-69D68AD4E290}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{900A0C47-5C9D-413D-8DB1-A808EC3B7D12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{3C15A490-FA44-4D7F-B6AF-1B2E5F9AE5E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe FirewallRules: [{FA379A1C-260A-417F-975D-E6F01F71188B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe FirewallRules: [UDP Query User{C7BFFFBE-C176-486E-A466-38A4F8615DA9}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe FirewallRules: [TCP Query User{86F25E68-1CFE-4195-A924-03535C2773B0}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe FirewallRules: [{E53D26DB-6211-444F-9D34-375B0FF11EA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe FirewallRules: [{0B8A6846-DC29-43CD-8AD9-30FD4D23C9E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe FirewallRules: [UDP Query User{9D69B590-8AE9-4EA2-846D-62D5FFE2D295}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{09CB2303-93C7-478B-8228-B52801B5C2E3}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe FirewallRules: [{9793EEF3-6452-4709-B3C4-810EA46D5024}] => (Allow) LPort=3306 FirewallRules: [{D61B752D-179F-49BB-A96A-141F4EE7078F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Teeworlds\teeworlds.exe FirewallRules: [{015AADBB-05C5-44FE-B822-CE5ECEF4509D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Teeworlds\teeworlds.exe FirewallRules: [UDP Query User{19EC7C0C-C7F7-414B-8BCB-ABA49A089CE8}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{6AD7A516-9C8F-4B5E-B1D5-7F34FBCE51AE}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [{6649B927-7D97-4CC8-BE0F-2ACE9DEA5F12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{9BAA6AF8-9AC6-47F5-9D3C-25FD48C9E8B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{780317CD-3FE7-4E84-BAEC-92FA75F1D87E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{7570BE5E-7E81-46D7-9122-6EFC2C22E945}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{44D86505-AE77-40CA-88E4-1F4F3C32B6E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe FirewallRules: [{90C7DCBA-DB2F-4763-A2BA-9B9846AE03E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe FirewallRules: [{560519E1-E54F-45AE-AD28-C42B299F005C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{6250EC3D-81E3-4C79-A327-0C981071B68B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [UDP Query User{EE60FDF8-F41E-4E3E-8590-7EDD57345BAE}C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe FirewallRules: [TCP Query User{5EBC8DCD-BC84-4496-BCE7-52F9B4EA0848}C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe FirewallRules: [UDP Query User{762FEB4D-78F8-4CB3-B3E3-F1BB9D5433C7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{F75DBB9B-010A-4C8C-BAA7-57A4D0826A68}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{2441C63B-8632-4167-8623-35E8C8B317F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{D868F92C-A5C6-4266-A03A-E4D7DB616FE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{CE29CCFD-6FB1-4F22-A0F3-8ABD1D37936F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{40CDE265-D87D-42C1-9110-2591FA75AC15}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DA575819-4C84-418C-B664-68A23998115F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{547D5926-B71A-465C-A429-2C1D3B63D1BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{24F39159-E9EF-4EE8-8736-CA7F2B890C73}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{6106E18C-17EF-4EFD-919F-277140DC2EE4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{4D4ECCB6-5610-4BA2-A0A7-1C634E38639A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{9E0BB74D-6510-453F-9699-576CE9C1CBC3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{ECE016D6-A839-40AB-BFD5-ABE2FBD46A96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{06C8B3BB-7822-4827-8189-07343C3889B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{02F2139A-B8A3-4B08-8A44-3E0C51FF8836}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{C60696DF-08C9-4195-81D9-01C37C7674E0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{1FB37C12-D07E-4940-90FE-A2DEAD766AA4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{7444B070-8E08-48C8-A0B1-22DE9F908422}] => (Allow) LPort=1900 FirewallRules: [{FFC0F777-525B-4416-8BC1-E5B95DBB29E8}] => (Allow) LPort=2869 FirewallRules: [{E7FB244F-0022-40A0-B0B6-83F6DE5AC5C1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [TCP Query User{64987F5A-767B-4557-BC03-17AC4AF25E7E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{F80A04DF-2DD6-450E-B75F-6ADA51F3A9A2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{4A3FF75F-1450-40F7-84E9-096F13EB107A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BDF5C242-6A89-4526-AE96-6E5EA106C2A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{86F34DEE-5133-4AE9-8236-240B141B8E0A}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{9FC115E3-5594-49B5-8AB1-92B56A6614E9}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{5FB988B4-60F8-40D5-91DA-BCFD7A315B9D}] => (Allow) C:\Users\amir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{209AEFEA-C261-4AA0-B2EA-0529D585308E}] => (Allow) C:\Users\amir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CABD1DFC-F446-421A-8009-3E253B57AAAF}] => (Allow) C:\Users\amir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{000D74E9-FC1B-40BF-8C16-F0EC35FDA476}] => (Allow) C:\Users\amir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5B7C5110-2F90-4D26-B7D3-97535C15E730}] => (Allow) C:\Users\amir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1C9B9EC9-3B74-4D2F-9F8F-8CA790957D16}] => (Allow) C:\Users\amir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{AFAC1560-3443-4F0C-ADE7-7BB3C1C41948}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{3AF6B705-3965-4F29-840D-0DC1C301E1E7}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe FirewallRules: [{FCE4E002-A894-426E-9000-C5C47B5FC8A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess.Loot.Pixel.Again\game.exe FirewallRules: [{D907BA73-65FB-4524-9F10-235FB2689E14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess.Loot.Pixel.Again\game.exe FirewallRules: [{7BB45FB7-DEF0-47DB-B82D-F08436E5DBA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HardRoom\hardroom.exe FirewallRules: [{F81AE9BB-C263-4FA9-BE60-F7AA4FB39DE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HardRoom\hardroom.exe FirewallRules: [{0F46E901-3AEF-4605-91F8-212CBE25AA9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds.exe FirewallRules: [{59155560-A15A-458D-8911-DC5EACFD9010}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds.exe FirewallRules: [{7DD8940E-A64C-4A9E-9122-DE3870CE4FFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe FirewallRules: [{1B7FC064-BF3D-4024-A5A5-2A6DFC5D5C8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe FirewallRules: [{248A8554-6591-46E2-BEE8-955411F583BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Enclave\Enclave.exe FirewallRules: [{E1430FA5-FA3D-4478-A437-DDBAA75FFF34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Enclave\Enclave.exe FirewallRules: [{0851D709-B47E-43CB-A3FD-C32D318C629B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{EDEE46CD-57C7-4302-B8E0-8B409D620846}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{74534054-6FD0-4A8A-A5F4-BF27DA2B3D29}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{49180912-C7EB-45FA-BAD8-4BB4803E07CF}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{B61A222D-7676-4705-B687-BE47CA22A3FB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Points de restauration ========================= 14-04-2016 03:36:55 Installed NVIDIA PhysX 15-04-2016 16:50:39 DirectX est installé 17-04-2016 02:20:01 ResetBrowser 18-04-2016 17:29:48 Removed Google Chrome ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (04/19/2016 06:58:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme League of Legends.exe version 6.7.139.4318 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : c8c Heure de début : 01d19a5c25a3dfe5 Heure de fin : 848 Chemin d'accès de l'application : C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.128\deploy\League of Legends.exe ID de rapport : e10e5b6f-064f-11e6-832e-c03fd54e4141 Nom complet du package défaillant : ID de l'application relative au package défaillant : Error: (04/19/2016 05:43:35 PM) (Source: amdacpusrsvc) (EventID: 0) (User: ) Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED Error: (04/19/2016 05:43:35 PM) (Source: amdacpusrsvc) (EventID: 0) (User: ) Description: amdacpusrsvcacpusrsvc: GfxMemServiceInitialize: FAILED Error: (04/19/2016 05:43:35 PM) (Source: amdacpusrsvc) (EventID: 0) (User: ) Description: amdacpusrsvcacpusrsvc: InitalizationForWDDM_2_0: EvictSurfaceEvictSurface : FAILED Error: (04/19/2016 05:43:35 PM) (Source: amdacpusrsvc) (EventID: 0) (User: ) Description: amdacpusrsvcacpusrsvc: InitalizationForWDDM_2_0: EvictSurfaceEvictSurface : FAILED Error: (04/19/2016 05:43:35 PM) (Source: amdacpusrsvc) (EventID: 0) (User: ) Description: amdacpusrsvcacpusrsvc: InitalizationForWDDM_2_0: EvictSurfaceEvictSurface : FAILED Error: (04/19/2016 05:43:35 PM) (Source: amdacpusrsvc) (EventID: 0) (User: ) Description: amdacpusrsvcacpusrsvc: InitalizationForWDDM_2_0: Target FB Allocation : FAILED Error: (04/18/2016 06:22:24 PM) (Source: COM) (EventID: 10031) (User: ) Description: {CDC82860-468D-4D4E-B7E7-C298FF23AB2C} Error: (04/18/2016 06:22:24 PM) (Source: COM) (EventID: 10031) (User: ) Description: {CDC82860-468D-4D4E-B7E7-C298FF23AB2C} Error: (04/18/2016 05:30:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . Erreurs système: ============= Error: (04/19/2016 05:43:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service APXACC n’a pas pu démarrer en raison de l’erreur : %%31 Error: (04/19/2016 05:43:22 PM) (Source: APXACC) (EventID: 1003) (User: ) Description: The NDIS6 LWF initialization has failed. (0xC0000001) Error: (04/19/2016 05:43:18 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 20:59:01 le ‎18/‎04/‎2016 n’était pas prévu. Error: (04/18/2016 02:21:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Accès aux données utilisateur_18016df s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (04/18/2016 02:21:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Stockage des données utilisateur_18016df s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (04/18/2016 02:21:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Données de contacts_18016df s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (04/18/2016 02:21:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Hôte de synchronisation_18016df s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (04/18/2016 02:21:08 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible Error: (04/17/2016 05:42:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Accès aux données utilisateur_9e51fe s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Error: (04/17/2016 05:42:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Stockage des données utilisateur_9e51fe s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. CodeIntegrity: =================================== Date: 2016-04-15 14:30:38.271 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-14 11:08:52.506 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-09 21:45:38.777 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-111387.dll that did not meet the Store signing level requirements. Date: 2016-04-08 15:13:35.518 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-07 17:14:02.771 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-07 17:14:02.751 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-07 17:14:02.712 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-07 17:14:02.521 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-07 17:13:54.830 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-07 17:13:49.243 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: AMD A10-7800 Radeon R7, 12 Compute Cores 4C+8G Pourcentage de mémoire utilisée: 67% Mémoire physique - RAM - totale: 3948.49 MB Mémoire physique - RAM - disponible: 1290.26 MB Mémoire virtuelle totale: 6764.49 MB Mémoire virtuelle disponible: 3579.29 MB ==================== Lecteurs ================================ Drive c: (Boot) (Fixed) (Total:869.36 GB) (Free:406.48 GB) NTFS Drive d: (Recover) (Fixed) (Total:60 GB) (Free:16.78 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 79A7DC34) Partition: GPT. ==================== Fin de Addition.txt ============================