Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 17-08-2016 Exécuté par Cam' (19-08-2016 01:55:10) Exécuté depuis C:\Users\Cam'\Downloads Windows 10 Home Version 1607 (X64) (2016-08-16 21:07:06) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-837621063-972018106-1016489498-500 - Administrator - Disabled) => C:\Users\Administrateur Cam' (S-1-5-21-837621063-972018106-1016489498-1001 - Administrator - Enabled) => C:\Users\Cam' DefaultAccount (S-1-5-21-837621063-972018106-1016489498-503 - Limited - Disabled) Invité (S-1-5-21-837621063-972018106-1016489498-501 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.1.0 - IObit) Alan Wake's American Nightmare (HKLM-x32\...\Steam App 202750) (Version: - Remedy Entertainment) Ansel (Version: 372.54 - NVIDIA Corporation) Hidden Apple Application Support (32 bits) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 12.2.2276 - AVAST Software) Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version: - Rocksteady Studios) BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - ) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch) CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform) Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair) CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts) Football Manager 2015 (HKLM-x32\...\Steam App 295270) (Version: - Sports Interactive) Fraps (HKLM-x32\...\Fraps) (Version: - ) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard) Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Logitech - Assistant pour jeux vidéo 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Mark of the Ninja (HKLM\...\Steam App 214560) (Version: - Klei Entertainment) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.7070.2033 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mises à jour NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.54 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Pilote graphique 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.54 - NVIDIA Corporation) NVIDIA Son virtuel Miracast 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7030.1021 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7030.1021 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7030.1021 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) Panneau de configuration NVIDIA 372.54 (Version: 372.54 - NVIDIA Corporation) Hidden qBittorrent 3.3.6 (HKLM-x32\...\qBittorrent) (Version: 3.3.6 - The qBittorrent project) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.) Resident Evil 6 / Biohazard 6 (HKLM\...\Steam App 221040) (Version: - Capcom) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games) SafeZone Stable 1.51.2220.47 (x32 Version: 1.51.2220.47 - Avast Software) Hidden SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) Spec Ops: The Line (HKLM\...\Steam App 50300) (Version: - Yager Development) Spotify (HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly) Unity Web Player (HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) WinRAR 4.00 (32 bits) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-837621063-972018106-1016489498-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Cam'\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {018EE555-5218-4BB1-9440-13CBAC3AAA16} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation) Task: {0ACC68B9-72A3-4427-87F0-FD752501B58A} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe Task: {373DA6D6-F035-426A-8696-29A5D6E5E4CA} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-05-27] () Task: {3811280C-A081-42D7-9753-F3A422DB9087} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-03] (Microsoft Corporation) Task: {4FB39513-4BB4-44AF-B3C5-217CAE34950D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-20] (Adobe Systems Incorporated) Task: {59A08763-B0B2-4C52-910D-CF0903F6AEFA} - System32\Tasks\ASC9_SkipUac_Cam' => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-01-18] (IObit) Task: {5BE91AA6-4313-4E4B-9C09-33DBE53D8152} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation) Task: {5FD86118-DFB4-419E-86CA-A95355A0D412} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd) Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand Task: {692147CD-E1DE-4A4F-9B74-43F7A6518A12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-08-03] (Microsoft Corporation) Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand Task: {738A1455-D1D5-46D9-8159-C9896E875867} - System32\Tasks\{EB073971-ED6E-4C07-B2D9-F9A206D24DFF} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.14.0.104&LastError=404 Task: {75AA84CE-FBB1-4AA6-86D6-DC1FD0E47498} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense Task: {883FDC71-85CF-4893-A391-082018A24D05} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-25] (Microsoft Corporation) Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-07-16] (Microsoft Corporation) Task: {9B996FCD-B98B-4AC5-824B-34E258950FB2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {A08D3BCF-E836-40BD-93C5-013B7E2D48D9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {AE4A1286-8E43-47A4-A930-96C62AF9955B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {B230C623-D0C3-440C-9D36-F1AEB61C88B5} - \Microsoft\Windows\Setup\GWXTriggers\Time-3xd -> Pas de fichier <==== ATTENTION Task: {B33CF7E6-1EA0-4E35-A8F6-16B6E55B971B} - System32\Tasks\{C00A07BC-67FC-469A-955E-48CE32241091} => pcalua.exe -a "C:\Users\Cam'\Documents\Camille\Logiciel + Installation\MaConfig_win.exe" -d "C:\Users\Cam'\Documents\Camille\Logiciel + Installation" Task: {B5DDA5BE-F9B7-4780-B309-D3A821070AC0} - System32\Tasks\Driver Booster SkipUAC (Cam') => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-07-16] (Microsoft Corporation) Task: {BFD26172-B95F-4824-941F-BE529D9A7B44} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {C31A7A3C-BFE6-4105-9A2D-0A0DD699F4F6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-01] (AVAST Software) Task: {C433EBF4-D158-47F4-A531-D72D52EE18F7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession Task: {CD19BC8A-E9FE-49ED-92A5-0E1194F69F00} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation) Task: {CD2605FD-83D8-4151-A697-93A23CC7FD29} - System32\Tasks\SafeZone scheduled Autoupdate 1458672103 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-07-25] (Avast Software) Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation) Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation) Task: {F674932E-D7E7-457A-9FAC-4D0C09C875D1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {F704DB3C-7371-4542-964F-6D46D442CF4D} - System32\Tasks\ASC9_SkipUac_Système => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-01-18] (IObit) Task: {FA16CACD-07BE-4251-9C12-A6E18843AA02} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation) Task: {FD42280A-EEAA-4B4A-B780-6C2F28F0EEC2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-25] (Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Cam'.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Système.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-08-16 22:35 - 2016-08-11 14:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-08-16 23:15 - 2016-08-16 23:15 - 00959168 _____ () C:\Users\Cam'\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll 2014-11-23 21:18 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-08-16 23:25 - 2016-08-16 23:25 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-08-16 23:25 - 2016-08-16 23:25 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-08-16 23:25 - 2016-08-16 23:25 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-08-16 23:25 - 2016-08-16 23:25 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-08-16 23:25 - 2016-08-16 23:25 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-08-16 23:25 - 2016-08-16 23:25 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-11-20 23:41 - 2015-11-20 23:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-11-20 23:41 - 2015-11-20 23:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2016-08-01 17:32 - 2016-08-01 17:32 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-08-01 17:32 - 2016-08-01 17:32 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-08-19 01:03 - 2016-08-19 01:03 - 03015680 _____ () C:\Program Files\AVAST Software\Avast\defs\16081802\algo.dll 2015-10-29 17:30 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-08-01 17:32 - 2016-08-01 17:32 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-03-23 11:04 - 2016-03-23 11:04 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll 2016-03-23 11:02 - 2016-03-23 11:02 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll 2016-03-23 11:02 - 2016-03-23 11:02 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\ma-config.com -> hxxp://ma-config.com IE trusted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\touslesdrivers.com -> hxxp://touslesdrivers.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\100sexlinks.com -> 100sexlinks.com Il y a 4788 plus de sites. ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-837621063-972018106-1016489498-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Cam'\Documents\Camille\Fond d'écran 13.png DNS Servers: 208.67.222.222 - 208.67.220.220 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Actuellement, il n'y a pas de correction automatique pour cette section.) MSCONFIG\Services: LiveUpdateSvc => 2 HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "emsisoft anti-malware" HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\StartupApproved\Run: => "BlueStacks Agent" HKU\S-1-5-21-837621063-972018106-1016489498-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe FirewallRules: [{106106F6-7721-4543-9291-095E6197FF3A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{46E0FF09-7C86-4E0C-935E-F50800672F18}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [UDP Query User{D128F349-03A2-4A34-9031-53336C420512}C:\users\cam'\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cam'\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{242ABDE4-C60C-4B6C-B1B4-7021F5E88C01}C:\users\cam'\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cam'\appdata\roaming\spotify\spotify.exe FirewallRules: [{7A2F9ED1-D622-43BF-9563-AD13DD81A024}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{52FC199F-FA18-43FB-97C2-B7FF26546699}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{062CB5DA-AD11-465A-A107-8728CE6F3303}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe FirewallRules: [{9D90661F-2282-4786-B290-903C7FC76716}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe FirewallRules: [{1B747AE2-2A15-488A-8C1F-CCD9147B27AC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{9DFE86B5-194F-42A3-BB3C-7DFD0BF5F250}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{781DBBC0-5411-453E-A09F-EEF9361F2842}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{00C9A6FB-0D4D-43B4-A863-EB032C23DA4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{2DEAC09D-832B-4EA6-808E-A5A2B240412E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{56A4A3B4-B55A-404C-B980-38A56A29A79E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [UDP Query User{5D90F9E8-6B7A-447F-BC2F-D40DF6FEAE73}C:\users\cam'\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\cam'\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe FirewallRules: [TCP Query User{2AEF6B0E-FF0E-469F-AB3B-562F421AF4B5}C:\users\cam'\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\cam'\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe FirewallRules: [UDP Query User{CB456285-7EC5-41F0-963C-B2CDACCCE126}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{C0C719F2-3DA4-4743-81F1-DB8FD1636570}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{FEB90F63-C970-467F-91AB-07C176EBAA63}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{DEBA0EA9-B492-4507-B051-4D22511B2A8B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe FirewallRules: [{B88329D9-CC25-443E-B132-7D74D3DA4A4E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe FirewallRules: [{5CECAE73-4DA5-46CB-B10F-FDA27230340D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{FADF1554-3F5D-4DA6-B6FC-7493A4641816}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{CCF757A9-4D5C-4830-A4C9-7D910238EE62}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{D58AC03C-E353-4582-A107-DE87A7A51146}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{B8CCB6D8-E4AE-4FDA-AB55-3939D3A1E015}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [{3CAA9B8A-BD76-4BA3-A6BB-459C21C6ACFA}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [{58E808CA-05D3-455B-BF39-B2F85AC2BEF1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{94E31247-FC8F-4BE5-B8B3-1D9A832EB83F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{BBD70CF6-8E4C-4796-AB50-AFA7A65E432D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{CA02B9A2-475F-4B1D-A3F6-8E9C381CBA9B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [UDP Query User{71499285-935D-4AFA-A004-F2DC6D5D972A}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe FirewallRules: [TCP Query User{5CCEB113-5B33-4ED9-9E90-16E6186E9FAD}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe FirewallRules: [{C3251F9C-EB1B-4FFE-A17B-74AC30C6DF1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{EEF4F39D-18EB-4C8E-A092-7FF6ED7E8EE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [UDP Query User{55C65D51-0F4A-4F67-A25C-BFB7FF51EA1D}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe FirewallRules: [TCP Query User{8756CE0A-8A2B-480F-B822-88B86965C6F0}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe FirewallRules: [{3FD34577-E4DB-4204-B649-F06EDF1FEAF1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe FirewallRules: [{36369EA9-1640-4950-B7F3-8682762213F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe FirewallRules: [UDP Query User{BBA28E38-74E9-4131-8981-F06354C70BB9}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{DE306CE1-B33E-46C9-AD47-13AA157EC1BD}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [{D21AB80B-AE39-4DCE-9E03-9DA2185DF1A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2015\fm.exe FirewallRules: [{CFB18E77-60FC-4B6B-8D43-EBA0A4CF5BE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2015\fm.exe FirewallRules: [{5564D814-C9C2-47C1-96F1-96FA11329260}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe FirewallRules: [{D3C5932C-3084-4FA9-91F8-76CBBE99C03F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe FirewallRules: [{0162B868-89F6-4619-ADFE-013DD4F6732C}] => (Allow) LPort=48113 FirewallRules: [{AD7C5B52-5735-4961-8639-69D3DDC54FDB}] => (Allow) LPort=48114 FirewallRules: [{9EC8573B-7344-4258-8C67-89CD1576B38A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{2B485EC0-D768-4649-A1F1-7F6913681168}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{260321C5-7974-46AB-94E6-3AA4C3B5867D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{57BADC26-2E91-4A50-B358-4530C62ACCCF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2E7B6867-BBB4-494B-8967-79CAFE400EAD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{117FA5D7-94E1-40CF-90C2-76BA80A2864C}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [UDP Query User{3CE7C05D-8978-4638-A8AD-756039B0DA35}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [{9EC63DA8-BF6E-40E2-9006-C3FF0B582272}] => (Block) C:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [{0CC00515-40D8-4DE6-93D8-7EC443975426}] => (Block) C:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [{029442F3-AF88-46D4-A4B5-8B143F825545}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{76DE8FDD-C811-48CF-A57B-7419E8E88EB1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BE079FB2-650A-4343-9F31-BB779C21D275}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CFC4980A-EF62-4977-9E3E-524FA7E54070}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{57C7F3F3-B7A9-4319-9BCC-419E1939AD6D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{FFEA92E5-4370-436C-9AB3-DBC09094755B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E4888379-3A25-4D23-B115-41528224F069}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{6D359C81-13CA-4308-B186-0DED20D49876}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D9912BC9-5D4E-4049-9E78-2353077CBA48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{63E6F170-85B7-4A83-9096-53B04FD4CCD4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1F50D50E-6314-4348-8DCD-BE5437EA2855}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{25349D54-0FA0-4F60-ADCE-1B17BEFBDD59}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{59EA01E0-5E1A-405C-8C78-1968A4B3D458}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [TCP Query User{E5F342CF-9EEF-4A44-8188-BF027359696B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{DC51AF41-086D-49FC-B904-C2894926621A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe ==================== Points de restauration ========================= 17-08-2016 17:24:58 17 Aout 2016 ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (08/19/2016 01:51:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante fm.exe, version : 15.3.2.0, horodatage : 0x551d37bc Nom du module défaillant : fm.exe, version : 15.3.2.0, horodatage : 0x551d37bc Code d’exception : 0xc0000005 Décalage d’erreur : 0x00b5fdb6 ID du processus défaillant : 0x2354 Heure de début de l’application défaillante : 0xfm.exe0 Chemin d’accès de l’application défaillante : fm.exe1 Chemin d’accès du module défaillant: fm.exe2 ID de rapport : fm.exe3 Nom complet du package défaillant : fm.exe4 ID de l’application relative au package défaillant : fm.exe5 Error: (08/18/2016 11:21:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante fm.exe, version : 15.3.2.0, horodatage : 0x551d37bc Nom du module défaillant : fm.exe, version : 15.3.2.0, horodatage : 0x551d37bc Code d’exception : 0xc0000005 Décalage d’erreur : 0x00b5fdb6 ID du processus défaillant : 0x1660 Heure de début de l’application défaillante : 0xfm.exe0 Chemin d’accès de l’application défaillante : fm.exe1 Chemin d’accès du module défaillant: fm.exe2 ID de rapport : fm.exe3 Nom complet du package défaillant : fm.exe4 ID de l’application relative au package défaillant : fm.exe5 Error: (08/18/2016 07:25:54 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (08/18/2016 04:23:01 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante fm.exe, version : 15.3.2.0, horodatage : 0x551d37bc Nom du module défaillant : fm.exe, version : 15.3.2.0, horodatage : 0x551d37bc Code d’exception : 0xc0000005 Décalage d’erreur : 0x00b5fdb6 ID du processus défaillant : 0x117c Heure de début de l’application défaillante : 0xfm.exe0 Chemin d’accès de l’application défaillante : fm.exe1 Chemin d’accès du module défaillant: fm.exe2 ID de rapport : fm.exe3 Nom complet du package défaillant : fm.exe4 ID de l’application relative au package défaillant : fm.exe5 Error: (08/18/2016 02:37:13 AM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Échec de l’énumération de sessions utilisateur en vue de générer des pools de filtre. Détails : (HRESULT : 0x80040210) (0x80040210) Error: (08/17/2016 06:01:41 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: La création du contexte d’activation a échoué pour « UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1 ». Erreur dans le fichier de manifeste ou de stratégie « UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2 » à la ligne UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (08/17/2016 05:35:30 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: La création du contexte d’activation a échoué pour « UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1 ». Erreur dans le fichier de manifeste ou de stratégie « UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2 » à la ligne UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (08/17/2016 05:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . Error: (08/17/2016 05:10:33 PM) (Source: ESENT) (EventID: 455) (User: ) Description: CCleaner64 (8520) testing: L’erreur -1032 (0xfffffbf8) s’est produite lors de l’ouverture d’un fichier journal C:\Users\Cam'\AppData\Local\Microsoft\Windows\WebCache\V01.log. Error: (08/17/2016 05:10:33 PM) (Source: ESENT) (EventID: 489) (User: ) Description: CCleaner64 (8520) testing: Une tentative d’ouverture du fichier « C:\Users\Cam'\AppData\Local\Microsoft\Windows\WebCache\V01.log » a échoué en indiquant l’erreur système 32 (0x00000020) : « Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.  ». L’opération d’ouverture de fichier échouera en indiquant l’erreur -1032 (0xfffffbf8). Erreurs système: ============= Error: (08/19/2016 01:52:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Service Microsoft Office « Démarrer en un clic » s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service. Error: (08/18/2016 10:33:18 PM) (Source: disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error: (08/18/2016 10:32:09 PM) (Source: disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error: (08/18/2016 10:32:05 PM) (Source: disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error: (08/18/2016 09:54:25 PM) (Source: Ntfs) (EventID: 55) (User: AUTORITE NT) Description: Une défaillance a été détectée dans la structure du système de fichiers sur le volume C:. La nature exacte de la défaillance est inconnue. Les structures de système de fichiers doivent être analysées en ligne. Error: (08/18/2016 09:06:14 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (08/18/2016 09:03:12 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: propres à l’applicationLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}AUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible Error: (08/18/2016 08:20:03 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (08/18/2016 07:26:53 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (08/18/2016 07:17:03 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} CodeIntegrity: =================================== Date: 2016-08-17 00:21:23.412 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\DmNotificationBroker.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-08-17 00:21:23.410 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\DmNotificationBroker.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-08-17 00:21:23.347 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\DmNotificationBroker.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-08-17 00:21:23.345 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\DmNotificationBroker.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-08-17 00:21:22.746 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\fodhelper.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-08-17 00:21:22.706 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\fodhelper.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-08-17 00:21:22.657 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\fodhelper.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-08-17 00:21:22.655 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\fodhelper.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-08-17 00:21:05.868 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-08-16 23:59:53.973 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\MusNotificationUx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz Pourcentage de mémoire utilisée: 20% Mémoire physique - RAM - totale: 8112.66 MB Mémoire physique - RAM - disponible: 6479.48 MB Mémoire virtuelle totale: 16112.66 MB Mémoire virtuelle disponible: 14325.89 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:930.73 GB) (Free:491.2 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 91077966) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Fin de Addition.txt ============================