Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 03-10-2017 01 Exécuté par Léo (06-10-2017 10:04:33) Exécuté depuis C:\Users\Léo\Desktop Windows 10 Home Version 1703 (X64) (2017-10-04 17:40:11) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-3889460067-2094249397-1606092602-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3889460067-2094249397-1606092602-503 - Limited - Disabled) Invité (S-1-5-21-3889460067-2094249397-1606092602-501 - Limited - Disabled) Léo (S-1-5-21-3889460067-2094249397-1606092602-1001 - Administrator - Enabled) => C:\Users\Léo ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) 7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov) ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation) AirServer Universal (x64) (HKLM\...\{69380A3E-760E-4AA7-AED4-B10F6FA47B30}) (Version: 5.1.0 - App Dynamic) Apple Application Support (32 bits) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) AVG (HKLM\...\AvgZen) (Version: 1.41.1.56922 - AVG Technologies) AVG Zen (HKLM\...\{CEDC1C27-A73A-4779-9121-DB77A8AE2003}) (Version: 1.41.29 - AVG Technologies) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts) Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch) Call of Duty: Modern Warfare 3 - Multiplayer (HKLM\...\Steam App 42690) (Version: - Infinity Ward) Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - Playsaurus) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0220 - Disc Soft Ltd) Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit) DriversCloud.com (64 bits) (HKLM\...\{A7964621-50FB-4581-80FC-091FE4A605CE}) (Version: 8.0.3.0 - Cybelsoft) Epic Games Launcher (HKLM-x32\...\{886E86E6-6673-4EAD-A4FF-6E087A661F4E}) (Version: 1.1.123.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FMW 1 (HKLM\...\{0AB3CCB3-5C0B-4C65-9FA4-CFEF6283F7F1}) (Version: 1.62.2 - AVG Technologies) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North) H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Daybreak Games) H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company) iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation) IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.0 - IObit) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.21 - IObit) Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation) KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.8431.2079 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{b3c7f59f-dc40-4be9-829c-77dd292978ea}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mises à jour NVIDIA 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.8.1.21 - NVIDIA Corporation) Hidden Mozilla Firefox 47.0.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 fr)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla) MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.08 - MSI) MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI) MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.029 - MSI) MSI(R) Intel(R) Extreme Tuning Utility (HKLM-x32\...\{2267B034-BB59-4653-A84D-D3C3C2699AB4}) (Version: 6.0.2.101 - Intel Corporation) Hidden MSI(R) Intel(R) Extreme Tuning Utility (HKLM-x32\...\{482c7431-75e2-4124-a453-6a294cd2c6a4}) (Version: 6.0.2.101 - Intel Corporation) NetworkGenie (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.0.0.11 - MSI) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}) (Version: 4.12.9782 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.10.2.4863 - Electronic Arts, Inc.) paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC) Panneau de configuration NVIDIA 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.69 - NVIDIA Corporation) Hidden PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 5.15.1.0 - PureVPN) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.) Rise of the Tomb Raider (HKLM-x32\...\{484431B3-9ADE-4B1B-8FD7-F46BD61A1150}_is1) (Version: 1.0.668.1 - Eidos Inc.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0250 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.8.1.21 - NVIDIA Corporation) Hidden Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.4 - IObit) Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.08 - Creative Technology Limited) Space Engineers (HKLM\...\Steam App 244850) (Version: - Keen Software House) Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version: - Ubisoft) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal) TuneUp Utilities 2014 (fr-FR) (HKLM-x32\...\{1A1940AF-774B-450B-864E-1CB2A1BE0951}) (Version: 14.0.1000.353 - TuneUp Software) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> Pas de fichier ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-18] () ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2015-12-23] (IObit) ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-04-22] (Apple Inc.) ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\system32\IObitSmartDefragExtension.dll [2015-01-10] (IObit) ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => -> Pas de fichier ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2015-12-23] (IObit) ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2015-12-23] (IObit) ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\system32\IObitSmartDefragExtension.dll [2015-01-10] (IObit) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {126A5CC2-B15D-4455-A33E-35F29E5AED83} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-05] (Intel Corporation) Task: {1495B48D-2A4A-4DBA-8439-1CAEF9867680} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.) Task: {2836229E-09C0-4ED2-8464-245E1F2A357A} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2016-02-17] (IObit) Task: {32BE173B-60CA-4586-9BDD-9AF2F077F8C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-30] (Microsoft Corporation) Task: {37AA9D99-6975-4475-A836-D33010133D40} - System32\Tasks\Uninstaller_SkipUac_Léo => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-11-23] (IObit) Task: {39052326-E7F6-4309-AEF3-FBBBEA7CE7EA} - System32\Tasks\RtlNetworkGenieVistaStart => C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe [2015-07-09] (Realtek Semiconductor) Task: {496E1600-3DDF-4682-AD01-C51B7821C54A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.) Task: {5C7B6A65-88EF-4BFD-90A6-16DD3032D244} - System32\Tasks\ASC9_SkipUac_Léo => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: {6101AF6F-C347-4B0B-9907-3BC7127733DB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {66F86CBC-856C-4170-951F-D99BE0AAD60A} - System32\Tasks\S-1-5-21-3889460067-2094249397-1606092602-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation) Task: {7189D778-B2AA-4F0E-AC5A-D44BD917082A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-30] (Microsoft Corporation) Task: {7A7E079C-4BA0-49E4-9011-7A11E6B97CA8} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2016-01-28] (IObit) Task: {8318F5F6-10CF-49D4-B152-6DC76FE16D2D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {86E947BF-6AFC-45E1-B0BB-612AAE135BBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Task: {8E3E6E2B-3B60-41E1-8CE9-708E41B9587D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-30] () Task: {B3328B75-E01B-4E99-A57F-F44683F77016} - System32\Tasks\{E41503F3-2DC7-4C2F-AADE-578C7B6FAA62} => C:\Windows\system32\pcalua.exe -a C:\Users\Léo\Desktop\forge-1.7.2-10.12.2.1121-installer-win.exe -d C:\Users\Léo\Desktop Task: {B7474C94-5A27-4685-9072-A711675954D4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {BD47AC54-80CE-4887-83ED-2C97416DF711} - \ASC10_SkipUac_Léo -> Pas de fichier <==== ATTENTION Task: {DF014A89-5C38-4E0E-92E3-D38102D87F65} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-30] () Task: {EB9CFFFE-4277-41A6-83A7-268E218F9C02} - System32\Tasks\Driver Booster SkipUAC (Léo) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-07-18] (IObit) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Léo.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\RtlNetworkGenieVistaStart.job => C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Léo.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2017-07-13 20:50 - 2017-07-13 20:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-10-04 23:09 - 2017-09-27 09:37 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-10-04 23:09 - 2017-09-27 09:37 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2016-06-30 14:51 - 2016-06-30 14:51 - 000076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-05-18 00:42 - 2016-05-18 00:42 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2017-03-18 22:59 - 2017-03-20 07:11 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-19 23:08 - 2015-12-23 18:17 - 000625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2015-07-11 00:37 - 2015-07-11 00:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-12-19 22:28 - 2015-07-07 08:43 - 000158424 ____R () C:\Program Files (x86)\MSI\NetworkGenie\gep.dll 2016-03-15 20:35 - 2016-01-28 19:25 - 000899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\webres.dll 2016-03-15 20:35 - 2016-01-28 19:24 - 000625440 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\ProductStatistics.dll 2015-12-19 22:42 - 2015-12-09 03:53 - 000011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2015-07-10 13:04 - 2017-09-29 18:53 - 000001281 _____ C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg DNS Servers: 192.168.0.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "UpdReg" HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema 2" HKLM\...\StartupApproved\Run32: => "Command Center" HKLM\...\StartupApproved\Run32: => "Fast Boot" HKLM\...\StartupApproved\Run32: => "Super Charger" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\StartupFolder: => "PureVPN.lnk" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "BlueStacks Agent" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "join.me.launcher" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3889460067-2094249397-1606092602-1001\...\StartupApproved\Run: => "iFunBox" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [UDP Query User{1B46C064-980C-4C2E-BC2F-10E897F0EFA8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{86A7BFA8-E7D0-4C85-AFB2-BD6908E5ACA9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{18178EE6-CFCB-4119-916B-E8374BCABE97}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{485994A5-E620-4A99-8329-74BC2827BF5C}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [{4A43BFAA-C6EA-4165-84D4-24E73E5ADA88}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{584D8780-147F-423C-9535-0C87EA4882F1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{A4A03954-CD86-4457-92A4-BF08DFA746E3}] => (Allow) C:\Users\Léo\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0EF71BA6-9319-43C4-9EAC-44D1F467CF51}] => (Allow) C:\Users\Léo\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{E4FFB915-7E07-4D46-AC3E-3F3BDAFA4699}C:\games\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) C:\games\tom clancy's rainbow six siege\rainbowsixgame.exe FirewallRules: [TCP Query User{E04BE6D1-6357-451A-963D-96F1B30CEAF8}C:\games\tom clancy's rainbow six siege\rainbowsixgame.exe] => (Allow) C:\games\tom clancy's rainbow six siege\rainbowsixgame.exe FirewallRules: [{10D5D78C-88E6-4811-BA0A-FB4A17CFFB5A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{7D3E680F-C06E-4D22-BB34-EAEE191210A6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{67E5C372-D41D-42F8-B0E5-CA757C68C4DC}] => (Allow) C:\Games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe FirewallRules: [{56CE4C58-AC39-4E27-81BA-0801CD80385C}] => (Allow) C:\Games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe FirewallRules: [{7684BE3F-9E58-495F-9E82-3C829A877C80}] => (Allow) C:\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{DC7BCFE9-83CB-4EC4-87BE-D003278DBB18}] => (Allow) C:\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [UDP Query User{9BF59D76-5684-4E5A-AA12-C33B470AC184}C:\program files (x86)\java\jre1.8.0_92\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_92\bin\java.exe FirewallRules: [TCP Query User{7B3E6FF0-1B89-49A8-952B-E72C848A8227}C:\program files (x86)\java\jre1.8.0_92\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_92\bin\java.exe FirewallRules: [UDP Query User{7F38A687-7196-4ED1-80FB-8D8517FAB2B4}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{0EBB7609-FA40-405B-82A5-CAB933E5F592}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{623D69D7-B48E-41EA-872F-719CCFD75BD1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{43E471BA-4474-4B34-8011-704339A7EDB9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{2E3AC35D-9A9D-4407-BBAD-037A7BB6D95B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{14E3C997-6864-4EEE-9655-BAB0FC6819B5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [UDP Query User{88139562-DE92-4F21-985F-B54CC5C5E164}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [TCP Query User{27DB6A56-E095-475E-B8F8-87E0B79F3023}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [{16A2E939-CCC5-40EC-BA87-998CCEFD4217}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [{58B1B7EE-00B2-49C1-AF93-AD91CD6573DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [{C3C10790-FC87-42B8-BA32-786B87E0DF1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{0370411A-5BAA-4A10-A93B-A1A81086AAF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{8BC32610-39F0-4820-BC1D-9C0B33C43F63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{FF248C19-876A-407A-9FCD-5EC16B48DFB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{E3DCE185-53BD-4EA1-9C70-595625F207EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{5B6EB5E5-E15D-41F6-8058-C57FD465B1A7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FB6F3A03-CF0F-4EA7-8C2C-4ACFD130F3DE}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe FirewallRules: [{A9E1568A-22F2-404D-ACEA-0BC642E7FEF2}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe FirewallRules: [{F61151B1-96E2-4F55-ADAE-8A7849FDA7BA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{F6384C38-6014-4985-A29F-81E33123F00F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{65940423-016F-423C-8390-ACA376CCC152}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{A9FE4E7E-561D-4C22-9D9C-C01882668DAD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{CD1608FB-669F-497F-8565-8EB74B6A5E1A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{2F8E100B-666A-431E-A45D-1043684247D4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{4C43E9CC-891F-4986-9CE2-7C1C74AAC10B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8DBBA881-8873-4067-BABE-98A6663B51CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9A4165B5-02B9-4E30-AB95-8F3137AE2A86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{0C63FD1B-82F6-470D-BC3E-D00ABF72D219}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{4E91F59D-D04A-4F4A-9370-156FFB4D304E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{010AA47F-0578-4931-9AA9-375940ACECA3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{6197608F-68BF-4340-961E-3A3895BF5019}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{0BCD25E6-06C2-485F-9478-043C4F392045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{0AF27C8F-590A-4151-9ED6-C215F6869DB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [TCP Query User{979B1462-74A9-4911-9D13-63F9804571E3}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{ED3343A9-EB74-47BE-8FBD-572E90519B8D}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{F2B2EC95-A977-40AE-AC45-D6DF88CFF9CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{CCEEEDEF-A569-45C7-8893-779BEBC04F95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{57938232-9865-4DAC-829E-7855C1835F30}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{75176F4A-131C-49D4-B28C-4686D03DFBBE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{55123083-7C56-42A1-9AF7-BBA481CB708A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{F554BEF0-5020-437E-BC88-2EBC8E272635}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe FirewallRules: [{C501C296-3060-447D-82C3-45B383639E7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe FirewallRules: [TCP Query User{F29A6F37-E964-4B48-AB7A-956B965D7557}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{E446EAC7-25B4-4BCA-BBB6-225353EA1F64}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [{D4523FBB-1A0C-4B87-B731-889D7B0EB582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{E5E3A899-E5CB-444C-BE08-42C7B1A90E8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{B2FD6FDD-B56F-4786-BF20-779B6AA839B9}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe FirewallRules: [UDP Query User{17A77DA6-C096-4D20-AB4D-53148E425A99}C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_92\bin\javaw.exe FirewallRules: [{8935910B-132A-47C2-B5AB-5421E373BB68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe FirewallRules: [{858508D7-3E0B-4842-A674-D85530E29AE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe FirewallRules: [{E949DB6C-21D4-4B01-9FC0-E9734A612F9C}] => (Allow) C:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe FirewallRules: [{AAAFC5CD-9B63-4076-8524-DA6427FC2144}] => (Allow) C:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe FirewallRules: [TCP Query User{DA14637C-9712-412F-997B-8CCEAD26A669}C:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) C:\program files (x86)\origin games\bfh\bfh.exe FirewallRules: [UDP Query User{1958913D-EF5C-4F4C-ABF0-BA908695C6B0}C:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) C:\program files (x86)\origin games\bfh\bfh.exe FirewallRules: [{E1FD2DF0-33A5-4A9E-83F0-D37C4AC4A8FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{20561891-96F3-4A40-8560-9F6B57E51F25}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B1619026-6E8C-4995-9928-987834979A23}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{15B6AF30-A4FA-4D57-BC6B-5F2D56DB8A05}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{62D37A86-8DFB-4DFE-A55E-0F491257B013}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2944184F-ED34-42D8-B25A-2C11AE9248F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{13C75CE2-EF81-46EB-8F5F-71E1D6A94185}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B9A2BE87-F49B-4547-9F65-B93E87A8C3E2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{990FBE0B-B093-4425-AE76-C69056C7C950}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{AAA54119-010E-4785-BA5D-725CD75067F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{5DBDAFBE-2DD9-4883-96CF-211D24767028}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{8AC2F7D5-1E79-4F4B-85C7-53F1F9E3FB5E}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{CB73B992-B347-40ED-94DC-3CBA7D173A0A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{FB449B61-2085-45B7-A1C1-454681377545}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{9A2DAF14-1130-4CDD-A246-A7304C2B6F29}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{E290DFCB-DCCC-4639-A5C8-1029FD5D2C8B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [TCP Query User{75E85F7A-4D98-42D6-B326-2355A82A4CC1}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [UDP Query User{6632B9DF-0A32-45B4-8EDD-BF2E8E32A226}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [{E461EA4C-6633-4D65-A975-F24855A90AF8}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [{3A660A93-B1B6-4AE8-988A-D847B00E1FFD}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [{33510200-9F20-4005-8169-D4C58595A8F9}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe FirewallRules: [{96768E79-D2FE-4F76-8ADB-D4FB1900CDDB}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe ==================== Points de restauration ========================= 04-10-2017 22:18:06 Installed Apple Application Support (32-bit) 04-10-2017 22:18:57 Installed Apple Application Support (64-bit) 04-10-2017 22:54:17 Driver Booster : Périphérique inconnu ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (10/06/2017 09:57:37 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files\microsoft office\root\office16\odbc drivers\salesforce\lib\libcurl64.dlla\libcurl.dll ». Assembly dépendant OpenSSL.DllA,processorArchitecture="*",type="x64",version="1.0.0.4" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (10/05/2017 10:24:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-14HHPS2) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/05/2017 10:24:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-14HHPS2) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/05/2017 10:24:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-14HHPS2) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2144927148 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/05/2017 10:23:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante svchost.exe_AppReadiness, version : 10.0.15063.0, horodatage : 0x02799ef5 Nom du module défaillant : ntdll.dll, version : 10.0.15063.608, horodatage : 0x8274fd8b Code d’exception : 0xc0000374 Décalage d’erreur : 0x00000000000f775f ID du processus défaillant : 0x1554 Heure de début de l’application défaillante : 0x01d33e17c517ca7e Chemin d’accès de l’application défaillante : c:\windows\system32\svchost.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : bd3f3ba6-0b1f-4fd4-aabd-e9d03075bee0 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/05/2017 08:14:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-14HHPS2) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/05/2017 08:14:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-14HHPS2) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/05/2017 08:14:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-14HHPS2) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/05/2017 08:14:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-14HHPS2) Description: Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2144927148 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (10/05/2017 08:09:03 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. Erreurs système: ============= Error: (10/06/2017 09:49:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Service pour utilisateur de plateforme d’appareils connectés_fa0388 s’est arrêté avec l’erreur : Erreur non spécifiée Error: (10/05/2017 10:24:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Préparation des applications s’est terminé de façon inattendue pour la 1ème fois. Error: (10/05/2017 10:23:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Service pour utilisateur de plateforme d’appareils connectés_23faea s’est arrêté avec l’erreur : Erreur non spécifiée Error: (10/05/2017 10:21:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur : Cette demande n’est pas prise en charge. Error: (10/05/2017 10:21:07 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: XQHDrv.sys Error: (10/05/2017 10:18:22 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Le service Update Orchestrator Service ne s’est pas fermé correctement après avoir reçu une commande d’anticipation de fermeture. Error: (10/05/2017 10:17:27 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {995C996E-D918-4A8C-A302-45719A6F4EA7} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/05/2017 10:17:27 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {995C996E-D918-4A8C-A302-45719A6F4EA7} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/05/2017 10:17:27 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {995C996E-D918-4A8C-A302-45719A6F4EA7} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/05/2017 10:16:19 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. CodeIntegrity: =================================== Date: 2017-10-04 20:09:11.743 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 20:09:11.742 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 19:58:50.270 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 19:58:50.269 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 19:58:50.198 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 19:58:50.197 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 19:58:49.807 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 19:58:49.806 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 19:47:02.639 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 19:47:02.638 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz Pourcentage de mémoire utilisée: 36% Mémoire physique - RAM - totale: 8140.83 MB Mémoire physique - RAM - disponible: 5198.43 MB Mémoire virtuelle totale: 9420.83 MB Mémoire virtuelle disponible: 6495.54 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:930.16 GB) (Free:113.73 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BA6F7554) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=930.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=882 MB) - (Type=27) ==================== Fin de Addition.txt ============================