Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 15-03-2017 Exécuté par aouadj (22-03-2017 20:01:34) Exécuté depuis C:\Users\aouadj\Desktop Windows 10 Home Version 1607 (X64) (2017-02-04 12:00:35) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-1623413559-2434277838-4126419415-500 - Administrator - Disabled) aouadj (S-1-5-21-1623413559-2434277838-4126419415-1001 - Administrator - Enabled) => C:\Users\aouadj DefaultAccount (S-1-5-21-1623413559-2434277838-4126419415-503 - Limited - Disabled) defaultuser0 (S-1-5-21-1623413559-2434277838-4126419415-1000 - Limited - Disabled) => C:\Users\defaultuser0 Invité (S-1-5-21-1623413559-2434277838-4126419415-501 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) . . . (Version: 2.1.28.3 - Intel) Hidden µTorrent (HKU\S-1-5-21-1623413559-2434277838-4126419415-1001\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.) AION Free-to-Play (HKLM\...\Steam App 261430) (Version: - NCSOFT) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Atlas Reactor (HKLM\...\Steam App 402570) (Version: - Trion Worlds) BLOCKADE 3D (HKLM\...\Steam App 302830) (Version: - Shumkov Dmitriy) Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) Counter-Strike: Global Offensive (Version: - Valve) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd) Dirty Bomb (HKLM\...\Steam App 333930) (Version: - Splash Damage®) Discord (HKU\S-1-5-21-1623413559-2434277838-4126419415-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Dofus (HKU\S-1-5-21-1623413559-2434277838-4126419415-1001\...\2744A393-554C-4E35-A24F-DEF0392B4484-2) (Version: - Ankama) Étude pour l'amélioration du produit HP ENVY 4520 series (HKLM\...\{86298E97-610F-4A5A-8CC9-07EEB1790566}) (Version: 36.0.72.54013 - Hewlett-Packard Co.) Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - ) f.lux (HKU\S-1-5-21-1623413559-2434277838-4126419415-1001\...\Flux) (Version: - ) Garrys Mod version 16.02.26 (HKLM\...\{C8F834F5-46EA-4933-8AA9-F6CD7D29EED0}_is1) (Version: 16.02.26 - Strogino CS Portal) Gear Up (HKLM\...\Steam App 214420) (Version: - Doctor Entertainment AB) Ghost in the Shell: Stand Alone Complex - First Assault Online (HKLM\...\Steam App 369200) (Version: - Neople) Logiciel de base du périphérique HP ENVY 4520 series (HKLM\...\{D20015E2-CAB7-4664-B8D8-F153E9427DE2}) (Version: 36.0.72.54013 - Hewlett-Packard Co.) Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProplusRetail - fr-fr) (Version: 16.0.7870.2024 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1623413559-2434277838-4126419415-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden osu! (HKLM-x32\...\{eb8d036f-1cb8-41b3-9dd2-f898c23e044c}) (Version: latest - ppy Pty Ltd) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) PlanetSide 2 (HKLM\...\Steam App 218230) (Version: - Daybreak Game Company) PlanetSide 2 (HKU\S-1-5-21-1623413559-2434277838-4126419415-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment) Robocraft (HKLM\...\Steam App 301520) (Version: - Freejam) ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 11.6.0 - ShareX Team) SNOW (HKLM\...\Steam App 244930) (Version: - Poppermost Productions) Spiral Knights (HKLM\...\Steam App 99900) (Version: - Grey Havens) Super Meat Boy (Version: - Team Meat) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated) TeamSpeak 3 Client (HKU\S-1-5-21-1623413559-2434277838-4126419415-1001\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH) TERA (HKLM\...\Steam App 212740) (Version: - Bluehole, Inc.) Tribes: Ascend (HKLM\...\Steam App 17080) (Version: - Hi-Rez Studios) Trove (HKLM\...\Steam App 304050) (Version: - Trion Worlds) Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games) Warframe (HKLM\...\Steam App 230410) (Version: - Digital Extremes) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-1623413559-2434277838-4126419415-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F217E6B6DBD2}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-1623413559-2434277838-4126419415-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {06E81FD7-EB89-45E8-8562-FA97666CFC76} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation) Task: {19ECEC4D-C760-4220-B49F-859E1EAEC464} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation) Task: {1A0550EF-CEA8-47EC-8058-3383F62EE24B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-04] (Google Inc.) Task: {24F5AC1B-FDF1-43BA-9F7B-F59C816E56B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-09] (Microsoft Corporation) Task: {2B7B01A4-66AC-4B3A-B388-3DEEB5C056C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-23] (Adobe Systems Incorporated) Task: {3803A097-91E3-4DF0-8124-32D927EE5A2F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-05] (AVAST Software) Task: {40C2F87D-CE72-4594-A9EA-28F57367F735} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [2015-03-09] (Hewlett-Packard Development Company, LP) Task: {47B35A67-BF75-4D4F-ABCE-5E422B32B4F8} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-04I3FC8-aouadj => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {61D942E2-A342-42B9-81B4-F48F40EAD99E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-02] (Microsoft Corporation) Task: {624D8E89-C855-4693-9DA9-FC0D1D48D485} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs" Task: {6C31B223-68B6-4342-BA9B-B0A8CD508344} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation) Task: {83B188E8-4042-4365-AE82-CA10A7E637B9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-23] (Adobe Systems Incorporated) Task: {854DCEF1-48FF-442C-B8F0-F69F149F00AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-04] (Google Inc.) Task: {B61315BB-8236-4489-BEA1-C483AD87F54D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {B7BA5BA0-B565-41B1-BAD2-9ED78B67CCB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation) Task: {BAC3A312-3885-48A9-B622-A44C16933B6A} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2016-12-23] (Advanced Micro Devices, Inc.) Task: {BEFFD162-56DD-4FEC-98D7-46339149844B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation) Task: {CBA74547-E3F8-4121-B650-26E8243C6EAF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {CC113A00-85BA-4178-894D-0C6C5CEC7F69} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-03-16] (Overwolf LTD) Task: {DA7C079C-DF95-49A8-8445-D10189F46B7C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-02] (Microsoft Corporation) Task: {F6A92657-6578-45BB-9609-4321737F0E57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-09] (Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Raccourcis ============================= (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2017-02-04 13:31 - 2016-11-17 22:16 - 00805632 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe 2017-02-04 13:31 - 2016-11-17 22:18 - 01981184 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll 2017-02-04 13:30 - 2016-11-17 22:11 - 00247552 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\acpi_battery_input.dll 2017-02-04 13:31 - 2016-11-17 22:10 - 00212736 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\wifi_input.dll 2017-02-04 13:30 - 2016-11-17 22:11 - 00174848 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\devices_use_input.dll 2017-02-04 13:31 - 2016-11-17 22:10 - 00203520 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_system_power_state_input.dll 2017-02-04 13:31 - 2016-11-17 22:09 - 00206592 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_disktrace_input.dll 2017-02-04 13:31 - 2016-11-17 22:09 - 00336640 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process_input.dll 2017-02-04 13:31 - 2016-11-17 22:06 - 00147712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_winstat_input.dll 2017-02-04 13:31 - 2016-11-17 22:11 - 00213248 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sema_thermal_input.dll 2017-02-04 13:31 - 2016-11-17 22:07 - 00229120 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_reliability_input.dll 2017-02-04 13:31 - 2016-11-17 22:08 - 00224000 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_sampler_input.dll 2017-02-04 13:31 - 2016-11-17 22:06 - 00211712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_stress_odometer_input.dll 2017-02-04 13:31 - 2016-11-17 22:08 - 00219904 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_turbo_input.dll 2016-11-17 22:05 - 2016-11-17 22:05 - 00156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2017-03-15 00:38 - 2017-03-04 08:19 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll 2017-03-15 00:38 - 2017-03-04 08:19 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll 2017-03-15 00:38 - 2017-03-04 08:19 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll 2016-10-31 20:45 - 2016-10-31 20:45 - 00592384 _____ () C:\Users\aouadj\AppData\Local\MEGAsync\ShellExtX64.dll 2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-03-08 03:42 - 2017-03-08 03:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2017-02-04 14:34 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-15 00:35 - 2017-03-04 07:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-02-19 21:11 - 2014-08-06 02:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe 2017-02-04 13:31 - 2016-11-17 22:14 - 00730880 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe 2017-02-04 13:31 - 2016-11-17 22:12 - 00237824 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input.dll 2017-02-04 13:31 - 2016-11-17 22:08 - 00217344 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_user_waiting_input.dll 2016-10-25 09:57 - 2016-10-25 09:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2017-03-02 16:12 - 2017-03-02 16:16 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-03-02 16:12 - 2017-03-02 16:16 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-03-02 16:12 - 2017-03-02 16:16 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-02-04 14:41 - 2017-02-04 14:42 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2017-03-02 16:12 - 2017-03-02 16:16 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-03-02 16:12 - 2017-03-02 16:16 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-07-16 23:51 - 2016-07-16 23:51 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2017-03-09 13:58 - 2017-03-09 13:59 - 10650112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2017-03-09 13:58 - 2017-03-09 13:59 - 02653184 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2017-03-09 13:58 - 2017-03-09 13:59 - 00761344 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll 2017-03-15 00:38 - 2017-03-04 07:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-15 00:38 - 2017-03-04 07:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-15 00:38 - 2017-03-04 07:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-03-15 00:39 - 2017-03-04 07:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-03-15 00:38 - 2017-03-04 07:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-03-15 00:43 - 2017-03-04 07:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-02-19 21:29 - 2017-01-04 14:28 - 01958912 _____ () C:\Users\aouadj\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-02-19 21:30 - 2017-02-19 21:30 - 01082880 _____ () \\?\C:\Users\aouadj\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-02-19 21:30 - 2017-02-19 21:30 - 03750400 _____ () \\?\C:\Users\aouadj\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-02-19 21:30 - 2017-02-19 21:30 - 00914432 _____ () \\?\C:\Users\aouadj\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2017-02-19 21:30 - 2017-02-19 21:30 - 01127424 _____ () \\?\C:\Users\aouadj\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node 2017-02-09 17:45 - 2017-02-03 02:42 - 00668960 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2017-02-09 17:45 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2017-02-09 17:45 - 2017-03-13 23:04 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll 2017-02-09 17:45 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2017-02-09 17:45 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2017-02-09 17:45 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2017-02-09 17:45 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2017-02-09 17:45 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2017-02-09 17:45 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2017-02-09 17:45 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2017-02-09 17:45 - 2017-03-13 23:04 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-02-09 17:45 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-12-09 15:09 - 2016-12-09 15:09 - 52051544 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2017-03-22 09:58 - 2017-03-22 09:58 - 00148992 _____ () \\?\C:\Users\aouadj\AppData\Local\Temp\B054.tmp.node 2017-02-19 21:30 - 2017-02-19 21:30 - 02658304 _____ () \\?\C:\Users\aouadj\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-02-19 21:32 - 2017-02-19 21:32 - 02130432 _____ () \\?\C:\Users\aouadj\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node 2017-02-09 17:47 - 2017-01-30 22:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2017-02-09 17:45 - 2017-03-13 23:04 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll 2016-12-02 01:54 - 2016-12-02 01:54 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-12-02 01:54 - 2016-12-02 01:54 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-12-02 01:54 - 2016-12-02 01:54 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2016-12-02 01:54 - 2016-12-02 01:54 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-12-09 15:09 - 2016-12-09 15:09 - 00099416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2016-12-02 01:54 - 2016-12-02 01:54 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node 2016-10-10 23:15 - 2016-10-10 23:15 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-10-10 23:15 - 2016-10-10 23:15 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node 2016-10-10 23:15 - 2016-10-10 23:15 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-10-10 23:17 - 2016-10-10 23:17 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-12-09 15:02 - 2016-12-09 15:02 - 00099416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2016-10-10 23:14 - 2016-10-10 23:14 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node 2016-10-10 23:14 - 2016-10-10 23:14 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node 2017-02-09 17:45 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) HKU\S-1-5-21-1623413559-2434277838-4126419415-1001\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2016-07-16 12:47 - 2010-12-23 21:08 - 00000780 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-1623413559-2434277838-4126419415-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKU\S-1-5-21-1623413559-2434277838-4126419415-1001\...\StartupApproved\Run: => "f.lux" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{588238CE-DE77-4654-8ADD-76F25175F86D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{BC82B8ED-026B-479E-869C-60A43C5711D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C766E528-5088-41EE-9FBF-333AFE2B8A8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{30C72BB8-0992-4B3D-818F-B26C49AF6EF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{192BA86D-49C8-4E56-8865-037A9AA7320F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{6055CE8F-89A0-451B-B94A-C26E87613199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe FirewallRules: [{4544BEF7-4FED-4541-85EB-13AE1846ECFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe FirewallRules: [{7F01A3D8-24B8-41D2-B3A9-A557DAB154C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{21383094-0473-4111-93BE-B15A9344B8AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{B92EA6B9-0C73-4B96-BA79-FF343C352900}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{9905E37D-7E4A-4871-8CCE-EDEC29D47821}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [TCP Query User{D5641787-0B8A-4C12-B6A5-58F7C5090EA2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{DABA339A-E082-445A-9791-3C48E42DD0D7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{3B1B5D46-8B1C-4BB1-A1F0-AD2079F3F86C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AION\NCLauncher.exe FirewallRules: [{C1E8BA05-ECF5-4809-AFB0-CE26BC66310B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AION\NCLauncher.exe FirewallRules: [{13250DC9-49A9-4F29-825F-8F0706151B61}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{00A886BD-EE06-44F1-BE29-21E2E351F7B2}] => (Allow) C:\Users\aouadj\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{12F99AC6-FD0D-4E2E-A802-AC5D813F3EDB}] => (Allow) C:\Users\aouadj\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{179EFCED-96A3-48C1-9E77-87DA1B600843}] => (Allow) C:\Users\aouadj\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{34DF8C0C-5CE3-4EE8-93B7-159D5560E63A}] => (Allow) C:\Users\aouadj\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C5E76957-3FDA-4242-8AF1-028AA457F424}] => (Allow) C:\Users\aouadj\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3842C806-BF82-469A-8013-939139307369}] => (Allow) C:\Users\aouadj\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{C6346B15-84BE-4101-ACDD-54587846E10F}C:\users\aouadj\downloads\the.forest.public.alpha.v0.55c\theforest.exe] => (Allow) C:\users\aouadj\downloads\the.forest.public.alpha.v0.55c\theforest.exe FirewallRules: [UDP Query User{832E3A0C-247A-4C05-8B8D-E71850A8869F}C:\users\aouadj\downloads\the.forest.public.alpha.v0.55c\theforest.exe] => (Allow) C:\users\aouadj\downloads\the.forest.public.alpha.v0.55c\theforest.exe FirewallRules: [{8D6A717A-2DCB-4C70-8E15-B0818591BCE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe FirewallRules: [{D94F9BD4-BE7C-4B57-8027-9C5FC837D5D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe FirewallRules: [{46FAFD99-BBE7-408A-B58D-B40820151244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spiral Knights\java_vm\bin\javaw.exe FirewallRules: [{0B9B2783-7BB3-40D0-9F5A-FFFEE360A040}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spiral Knights\java_vm\bin\javaw.exe FirewallRules: [TCP Query User{C34D617F-7DDD-4A98-9CA9-B0CAF42E673D}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [UDP Query User{E0F488D9-A6E6-4C00-A9A4-B58A58E35EB5}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [{BFB31BEF-24F3-4417-B9FB-0A05825C3997}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{0C466B8F-905B-4F99-85B4-F489AE33C2A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{1A9C2E23-92E3-483A-9AD7-F0517090D9DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{3882DBF9-0FB8-42F7-8347-9EDB469794A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [TCP Query User{BF09E55A-A859-4025-A719-6E3F62873DFD}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{B5BE0A35-9968-4A4E-A991-8DD6C0535864}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{01F3624B-59A6-4499-9E3E-4494C7842609}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GearUp\bin\Traktor.Amalgam.App.exe FirewallRules: [{3FAB83F2-DFD0-4A41-89F8-F20EEDFD759B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GearUp\bin\Traktor.Amalgam.App.exe FirewallRules: [{28087678-B0EC-402E-BAA0-B9C03F0CE37D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe FirewallRules: [{F368BEEE-444F-4719-B27C-9172B846919B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe FirewallRules: [TCP Query User{CD10B051-4613-45E1-8884-6F82A64E5B27}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe FirewallRules: [UDP Query User{53233DCA-C96E-4B56-B48C-D1FEB1EC08B2}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe FirewallRules: [{AB6683DC-E671-4F89-88B6-8AC9524A29BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tribes\Binaries\Win32\TribesAscend.exe FirewallRules: [{1A3CCF42-2299-47EA-B077-B08DC914F4D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tribes\Binaries\Win32\TribesAscend.exe FirewallRules: [{C1AE2515-826A-4CA2-B6E9-B88D58B1C1E7}] => (Allow) C:\QQVipDownload\MHO_Setup_2.0.11.388.exe FirewallRules: [TCP Query User{849EB872-FEA9-40DF-82C6-20B4ECA77255}C:\users\aouadj\documents\astroneer.pre-alpha.v0.2.10125.0\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\users\aouadj\documents\astroneer.pre-alpha.v0.2.10125.0\astro\binaries\win64\astro-win64-shipping.exe FirewallRules: [UDP Query User{0D8C17A8-EB47-4B96-8A7B-21ABFAE21E19}C:\users\aouadj\documents\astroneer.pre-alpha.v0.2.10125.0\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\users\aouadj\documents\astroneer.pre-alpha.v0.2.10125.0\astro\binaries\win64\astro-win64-shipping.exe FirewallRules: [TCP Query User{2965BD91-AE61-40FC-807C-80E6C50F62C7}C:\users\aouadj\downloads\black ops\call_of_duty_black_ops_french\blackops.exe] => (Allow) C:\users\aouadj\downloads\black ops\call_of_duty_black_ops_french\blackops.exe FirewallRules: [UDP Query User{6300C262-EEF5-4DA2-BF41-5975D04E7821}C:\users\aouadj\downloads\black ops\call_of_duty_black_ops_french\blackops.exe] => (Allow) C:\users\aouadj\downloads\black ops\call_of_duty_black_ops_french\blackops.exe FirewallRules: [{40677FD8-4B93-447E-ACC6-DC434B05B9F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{DAE06416-7192-49BB-8D9F-7456BDD8D79B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{5F0AFC4C-6174-4695-BFE6-C262129C61E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{5DE3A342-70F1-43F3-8092-551E10FA225D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{91D4ED00-0098-48B4-9DDE-234F37BB3090}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{F70CEB83-672A-4D06-9B22-3DA766456808}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{FC07F3DB-9B9B-44C0-B574-BF38AB8FD199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{ED8D3634-FA09-4BC6-9A16-111C88F127ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{25E8FE2B-D90C-4139-ACB7-D2B65CB4BFB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{44134E76-0FF6-4EB4-8222-D0EA4567CA47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{837256E9-5AB6-4FAC-A61F-C9960445E5C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{C34705EB-68A4-4B1B-A391-356900064A7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{0DD6FC39-83FE-438E-8264-0F24F840BBE0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [TCP Query User{6B700325-C69F-4CB5-8B4A-F3E78C92973C}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [UDP Query User{D2467AEE-B112-4C8A-9450-101EFB70A830}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [TCP Query User{6D5773E7-0A15-453D-A603-8F1298F99D37}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [UDP Query User{D4196A17-AFC7-4315-9187-85CD95F371EA}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [TCP Query User{664BAFDD-C4AC-43D3-B707-292496A6F80E}C:\program files\strogino cs portal\garrys mod\bin\tools\steamcmd.exe] => (Allow) C:\program files\strogino cs portal\garrys mod\bin\tools\steamcmd.exe FirewallRules: [UDP Query User{8808E19D-607B-4C69-8B1E-F59F0D4CDC86}C:\program files\strogino cs portal\garrys mod\bin\tools\steamcmd.exe] => (Allow) C:\program files\strogino cs portal\garrys mod\bin\tools\steamcmd.exe FirewallRules: [TCP Query User{9E76478E-20E7-47E7-9F96-53F3D529644A}C:\program files\strogino cs portal\garrys mod\hl2.exe] => (Allow) C:\program files\strogino cs portal\garrys mod\hl2.exe FirewallRules: [UDP Query User{E0ADE84D-A348-418B-B72B-FC984CFB312F}C:\program files\strogino cs portal\garrys mod\hl2.exe] => (Allow) C:\program files\strogino cs portal\garrys mod\hl2.exe FirewallRules: [{14FDDDE0-97AF-47B4-82A7-A81A5FB7DDCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{0FE08E2B-8349-41BD-B27E-9F4971E0AEFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [TCP Query User{0587BE43-EA8F-47AE-9DF4-01FF30E04A83}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{07DA716C-B2D6-497A-9150-C429DA397048}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{8E8F9C60-44D8-4A83-B6BE-EEEE8273CC23}C:\users\aouadj\downloads\black ops\call_of_duty_black_ops_french\blackopsmp.exe] => (Block) C:\users\aouadj\downloads\black ops\call_of_duty_black_ops_french\blackopsmp.exe FirewallRules: [UDP Query User{2B793194-A0B8-40B7-BAB4-A0AA512C2DC3}C:\users\aouadj\downloads\black ops\call_of_duty_black_ops_french\blackopsmp.exe] => (Block) C:\users\aouadj\downloads\black ops\call_of_duty_black_ops_french\blackopsmp.exe FirewallRules: [{1578B0DA-C72A-4FC7-8D49-BAE9BF482A7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{3E3560D5-C29F-4DD5-9626-EFA536760916}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{2154B0DD-1B65-44DE-81F7-885D06CC7560}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe FirewallRules: [{47B85218-1865-4E25-B9A6-4A997B4FB11A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe FirewallRules: [{B343DEC7-023E-4555-B108-8F25E34C3F9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe FirewallRules: [{0DFCA54C-2F3F-497B-A8FC-C35848A366C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe FirewallRules: [{EB565031-D903-493E-902B-3578C6CF5465}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{4A5EA210-2E69-4771-B94D-C774818E00FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{5E2D5B70-93C3-403B-B21F-6DE811AA25C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Atlas Reactor\GlyphClient.exe FirewallRules: [{1CDA26D3-633A-4C31-8D39-AEDFCDE7F511}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Atlas Reactor\GlyphClient.exe FirewallRules: [TCP Query User{4A18E966-7AC0-405C-91F5-9C1B6189B340}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe FirewallRules: [UDP Query User{78583058-2D5B-4793-A197-DDB0FCED4B7F}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe FirewallRules: [{7F0344CF-9F13-4D7A-B031-81BFB2B4265D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe FirewallRules: [{1D10E0D8-EDE5-4D19-910C-348AD377CF0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe FirewallRules: [{6ED9FC5B-A9D5-4DFF-9F8D-C919E47BE319}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe FirewallRules: [{08FA9C6A-E47B-401D-AE50-459CA9556838}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe FirewallRules: [{B33D6D40-8F0B-455C-B8B6-F8F8AE55FDF4}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe FirewallRules: [{F8051772-C86F-45C6-9300-D3A3DC8A84C3}] => (Allow) LPort=5357 FirewallRules: [{DD8C7294-AC2A-43C9-AD1F-A74B6D70CE3A}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (03/22/2017 11:23:00 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Error: (03/22/2017 11:22:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . Error: (03/21/2017 04:25:54 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. Error: (03/21/2017 04:23:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JALEEL_LA_FRITE) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2147024865 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (03/21/2017 04:23:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JALEEL_LA_FRITE) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (03/21/2017 04:23:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JALEEL_LA_FRITE) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (03/21/2017 04:06:42 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Error: (03/21/2017 04:05:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . Error: (03/20/2017 06:19:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme ZHPDiag3.exe version 2017.3.15.46 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : 69c Heure de début : 01d2a19e043a31da Heure de fin : 17 Chemin d'accès de l'application : C:\Users\aouadj\AppData\Roaming\ZHP\ZHPDiag3.exe ID de rapport : 5705216b-0d91-11e7-805c-a45d36676b89 Nom complet du package défaillant : ID de l'application relative au package défaillant : Error: (03/20/2017 06:06:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: JALEEL_LA_FRITE) Description: Le package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel a été interrompu, car sa suspension a été trop longue. Erreurs système: ============= Error: (03/22/2017 09:54:07 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} et l’APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (03/21/2017 09:32:25 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (03/21/2017 04:23:06 PM) (Source: DCOM) (EventID: 10001) (User: JALEEL_LA_FRITE) Description: Impossible de démarrer un serveur DCOM : CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca en tant que Non disponible/Non disponible. L’erreur « 31 » s’est produite lors du démarrage de la commande : "C:\Windows\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca Error: (03/21/2017 04:11:57 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} et l’APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (03/21/2017 04:11:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service USER_ESRV_SVC_QUEENCREEK s’est arrêté avec l’erreur : %%497 Error: (03/21/2017 04:08:39 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (03/21/2017 03:49:02 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} et l’APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (03/20/2017 09:37:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (03/20/2017 06:01:56 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {B91D5831-B1BD-4608-8198-D72E155020F7} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (03/20/2017 05:58:29 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} et l’APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. CodeIntegrity: =================================== Date: 2017-03-05 12:16:37.562 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\aouadj\AppData\Local\Temp\atdcm64a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-05 12:16:37.394 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\AMD\CIM\Bin64\atdcm64a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-05 11:00:10.586 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\aouadj\AppData\Local\Temp\atdcm64a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-05 11:00:10.397 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\AMD\CIM\Bin64\atdcm64a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== Processeur: AMD E2-1800 APU with Radeon(tm) HD Graphics Pourcentage de mémoire utilisée: 29% Mémoire physique - RAM - totale: 7778.26 MB Mémoire physique - RAM - disponible: 5460.84 MB Mémoire virtuelle totale: 8354.26 MB Mémoire virtuelle disponible: 5598.21 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:930.96 GB) (Free:590.63 GB) NTFS Drive e: (HP EN4520) (CDROM) (Total:0.48 GB) (Free:0 GB) CDFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: FB1B832A) Partition: GPT. ==================== Fin de Addition.txt ============================