Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27-11-2016 Exécuté par Théau (27-11-2016 18:37:37) Exécuté depuis C:\Users\Théau\Desktop Windows 10 Pro Version 1607 (X64) (2016-10-06 18:01:59) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2659002703-1534055522-1945196165-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2659002703-1534055522-1945196165-503 - Limited - Disabled) Invité (S-1-5-21-2659002703-1534055522-1945196165-501 - Limited - Disabled) Théau (S-1-5-21-2659002703-1534055522-1945196165-1001 - Administrator - Enabled) => C:\Users\Théau ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.) Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_1) (Version: 13.8.1 - Adobe Systems Incorporated) Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.5.291 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_4_0) (Version: 10.4.0 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform) DriversCloud.com (64 bits) (HKLM\...\{77EEC345-B758-45DF-94C2-25D91D520650}) (Version: 8.0.4.0 - Cybelsoft) Dropbox (HKLM-x32\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.57.1 - Dropbox, Inc.) Hidden FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Gadwin PrintScreen (32-Bit) (HKLM-x32\...\{40475700-0CC9-4B2C-A365-293E82D784BC}) (Version: 5.4.2.0 - Gadwin Systems) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - ) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden Lecture à distance PS4 (HKLM-x32\...\{0E6F9CB6-D048-43A6-8475-D80657DC6976}) (Version: 1.5.0.08251 - Sony Interactive Entertainment Inc.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 48.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 fr)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation) paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.7.19.0 - Red Giant, LLC) Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant) Trapcode Suite 64-bit (Version: 12.1.3 - Red Giant) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{1F535D6E-0BC8-11E5-B2CB-F04DA23A5C58}) (Version: 13.0.453 - Sony) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2659002703-1534055522-1945196165-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2659002703-1534055522-1945196165-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-463A3C202E93}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-2659002703-1534055522-1945196165-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2659002703-1534055522-1945196165-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2659002703-1534055522-1945196165-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2659002703-1534055522-1945196165-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2659002703-1534055522-1945196165-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2659002703-1534055522-1945196165-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0660AAD5-4032-4E13-B8F4-C24044C7C814} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK Task: {191992B9-8CD7-4222-B016-2B527CE0C2FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {280DBDF7-0903-43E4-AA07-AE1EF94B3C8A} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe Task: {696BB72D-3275-4B6B-8ED4-17BE0510BF86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-26] (Google Inc.) Task: {70EDD0C0-68C9-470B-8EC5-8422AC16A118} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {79C0AC41-094D-4694-ACE7-74DBC499706A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {81A21EC9-A6D2-41A5-BBCC-6937E475FC15} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {A229B62E-AE77-493D-A441-AA1476443A6A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-12] (Adobe Systems Incorporated) Task: {A399FFD3-7732-47D3-8AEA-7B22DCDEC557} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-30] (Dropbox, Inc.) Task: {AC4FC5BB-F043-4490-BD1E-042573BCFD13} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd) Task: {B6BC0B45-2D0C-47F5-958A-B8573AEF4A7C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-30] (Dropbox, Inc.) Task: {BDC73147-0E34-48D5-A1B2-C1B9F874B1AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {D2A176CB-C56E-4624-BB06-106CF6E804C6} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-VCQ5LFS-Théau => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {DE291F5E-7584-4FCD-B68E-EC4B40482636} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-26] (Google Inc.) Task: {EBA49D89-7453-4B87-BD47-9F50BD5617F6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-12] (Adobe Systems Incorporated) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\Users\Théau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Gofat\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Théau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Gofat\Application\chrome.exe (Google Inc.) ==================== Modules chargés (Avec liste blanche) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-10-06 19:10 - 2016-10-06 19:10 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-10-06 19:10 - 2016-10-06 19:10 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-10-06 19:10 - 2016-10-06 19:10 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-06-30 09:23 - 2016-06-30 09:23 - 00592384 ____C () C:\Users\Théau\AppData\Local\MEGAsync\ShellExtX64.dll 2016-05-22 18:33 - 2016-05-22 18:33 - 00491184 ____C () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-10-06 19:52 - 2016-10-06 19:52 - 01864384 ____C () C:\Users\Théau\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-10-06 19:11 - 2016-10-06 19:11 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-11-09 19:54 - 2016-11-02 11:30 - 00474112 ____C () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-09 19:53 - 2016-11-02 11:21 - 09760768 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-09 19:53 - 2016-11-02 11:15 - 01401856 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-09 19:53 - 2016-11-02 11:14 - 00757248 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-09 19:53 - 2016-11-02 11:15 - 01033216 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-11-09 19:53 - 2016-11-02 11:16 - 02424320 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-09 19:53 - 2016-11-02 11:17 - 04853760 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-11-09 21:21 - 2016-11-09 21:21 - 01484776 ____C () C:\Program Files (x86)\Battle.net\Battle.net.8142\Battle.net Helper.exe 2016-11-09 21:21 - 2016-11-09 21:22 - 37247976 ____C () C:\Program Files (x86)\Battle.net\Battle.net.8142\libcef.dll 2016-11-09 21:22 - 2016-11-09 21:22 - 00540336 ____C () C:\Program Files (x86)\Battle.net\Battle.net.8142\ortp.dll 2016-11-09 21:21 - 2016-11-09 21:21 - 06402560 ____C () C:\Program Files (x86)\Battle.net\Battle.net.8142\battle.net.dll 2016-11-09 21:22 - 2016-11-09 21:22 - 00133632 ____C () C:\Program Files (x86)\Battle.net\Battle.net.8142\libEGL.dll 2016-11-09 21:22 - 2016-11-09 21:22 - 03384832 ____C () C:\Program Files (x86)\Battle.net\Battle.net.8142\libGLESv2.dll 2016-11-09 21:22 - 2016-11-09 21:22 - 03384832 ____C () C:\Program Files (x86)\Battle.net\Battle.net.8142\libglesv2.dll 2016-11-09 21:22 - 2016-11-09 21:22 - 00133632 ____C () C:\Program Files (x86)\Battle.net\Battle.net.8142\libegl.dll 2016-06-30 12:24 - 2016-06-30 12:24 - 00564224 ____C () C:\Users\Théau\AppData\Local\MEGAsync\ShellExtX32.dll 2016-11-24 18:16 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Gofat\Application\libglesv2.dll 2016-11-24 18:16 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Gofat\Application\libegl.dll 2016-11-09 21:21 - 2016-11-09 21:21 - 00990696 ____C () C:\Program Files (x86)\Battle.net\Battle.net.8142\ffmpegsumo.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\Software\Classes\exefile: <===== ATTENTION HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\Software\Classes\.exe: exefile => <===== ATTENTION HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2016-07-27 18:16 - 2016-11-26 14:22 - 00000860 ___AC C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Théau\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{fe476e14-8d85-4919-bb4f-739e0fc27507}.jpeg DNS Servers: 192.168.0.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "RazerCortex" HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\...\StartupApproved\Run: => "Gadwin PrintScreen (32-bit)" HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2659002703-1534055522-1945196165-1001\...\StartupApproved\Run: => "Steam" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{BD140065-5B9A-43A7-B1FA-DC34073A6D62}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe FirewallRules: [TCP Query User{B763C82B-EFF0-4C8B-A466-1F581E34D7F7}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe FirewallRules: [{69B3AF6D-150E-43B6-9238-EA5E7BAB17CD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{1E136A6C-0339-4FB2-8606-B46BA70964F7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{1BCD8071-31A8-4578-88A6-9D4841DA839A}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe FirewallRules: [{31F2C696-1DD8-473A-AB32-34B8C97703E5}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe FirewallRules: [{78ED8510-D1F7-4970-A727-5F6474A13304}] => (Allow) C:\Users\Théau\AppData\Roaming\PT\updater.exe FirewallRules: [{68F1A4AD-62D8-48D4-AB01-479635C7FB18}] => (Allow) C:\Users\Théau\AppData\Roaming\PT\updater.exe FirewallRules: [{5722BCDA-C675-4140-AC8F-C86A4895CC50}] => (Allow) C:\Users\Théau\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{19B05EEF-2A97-4F86-9775-503506967A12}] => (Allow) C:\Users\Théau\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{ECFBF56C-A813-4559-860C-88FBB172C0C0}] => (Allow) C:\Users\Théau\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6838C65B-A4E1-422F-B4D8-5F98409FB501}] => (Allow) C:\Users\Théau\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{01C0491A-E6B3-4AD0-AEDD-06BA9B84BD9B}] => (Allow) C:\Users\Théau\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9409A295-4E65-4D4C-9C7E-1730FA18B291}] => (Allow) C:\Users\Théau\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{FE831874-AE84-4BC2-AB19-A3A62810FAEE}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{04A999BC-770D-4668-BF9E-927C48B52EF1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{129ABC95-0126-4D9B-A166-D5420F42FD18}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{E851969C-0024-48A4-90C6-B472923725B3}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{7947C069-7A2B-441D-ABD3-832D0791527F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A6E51CA0-B29E-4DB0-982A-51EE94B319A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{F6BFEE59-1D71-465A-8A19-FAE81B3E3CD3}C:\users\théau\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\théau\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{F236ECFD-0A04-41F2-824D-C0F98B6E8A55}C:\users\théau\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\théau\appdata\roaming\spotify\spotify.exe FirewallRules: [{26D9B616-4729-44B5-9599-3C587829CA4F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{1D7B85EC-DCD4-4AC4-82B6-C3227390A986}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{6BFA633E-957B-4E8B-AC6E-87BCB10FB299}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{8AE9F692-7F1F-4C4C-BC5C-C14BC39C2824}C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe FirewallRules: [UDP Query User{AAAB0041-7D64-46CC-9F01-639297A41600}C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe FirewallRules: [{818311F4-984A-4E33-82D7-9FAC3E652C79}] => (Allow) C:\Program Files (x86)\Gofat\Application\chrome.exe FirewallRules: [{67394F62-FB26-46B7-B775-CD0D63C00A32}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{20938F36-C5B5-4CF9-AF9D-4440436D5178}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{580C9BCF-4691-4218-8890-8A6668D0BE29}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{304352E2-527C-4C91-A513-6D94D2CD8DBA}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe ==================== Points de restauration ========================= 11-11-2016 20:01:41 Windows Update 13-11-2016 18:12:32 Installed OpenOffice 4.1.3 23-11-2016 20:09:41 Removed amuleC 26-11-2016 14:20:38 Installed STOPzilla AntiMalware. ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (11/27/2016 04:07:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/27/2016 02:46:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/27/2016 02:46:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (11/27/2016 01:43:06 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/27/2016 01:43:06 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/27/2016 01:43:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/27/2016 12:40:46 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/27/2016 12:40:46 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/26/2016 11:47:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/26/2016 09:34:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante DllHost.exe, version : 10.0.14393.0, horodatage : 0x57899b69 Nom du module défaillant : vorbis.acm, version : 0.0.3.6, horodatage : 0x50a51541 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000001f4f ID du processus défaillant : 0x1e2c Heure de début de l’application défaillante : 0x01d2482476074cbd Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\DllHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\system32\vorbis.acm ID de rapport : 5dba073e-b38f-4759-987e-6b2563531681 Nom complet du package défaillant : ID de l’application relative au package défaillant : Erreurs système: ============= Error: (11/27/2016 02:56:11 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (11/27/2016 02:56:09 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (11/27/2016 02:45:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service CDPUserSvc_c48489 s’est arrêté avec l’erreur : Erreur non spécifiée Error: (11/27/2016 12:40:51 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (11/27/2016 12:14:23 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (11/27/2016 12:14:21 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (11/26/2016 10:47:34 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (11/26/2016 10:47:31 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (11/26/2016 07:45:33 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (11/26/2016 07:45:31 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. CodeIntegrity: =================================== Date: 2016-11-26 16:21:44.541 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-11-26 15:10:31.431 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-11-26 15:08:33.164 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-11-26 14:08:33.177 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-11-26 14:07:58.313 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-11-25 21:04:12.499 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-11-25 20:09:35.196 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-11-25 19:28:25.801 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-11-24 20:01:23.374 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-11-24 18:45:35.861 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== Processeur: AMD Athlon(tm) II P320 Dual-Core Processor Pourcentage de mémoire utilisée: 58% Mémoire physique - RAM - totale: 3834.89 MB Mémoire physique - RAM - disponible: 1591.88 MB Mémoire virtuelle totale: 5882.89 MB Mémoire virtuelle disponible: 3006.3 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:297.31 GB) (Free:224.46 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: C8C2942F) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=297.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Fin de Addition.txt ============================