Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 17.02.2018
Exécuté par Maugan (17-02-2018 12:22:26)
Exécuté depuis E:\Maugan\Bureau
Windows 10 Pro Version 1709 16299.192 (X64) (2017-10-27 19:22:46)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-18911686-2275477452-3199720197-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-18911686-2275477452-3199720197-503 - Limited - Disabled)
Invité (S-1-5-21-18911686-2275477452-3199720197-501 - Limited - Disabled)
Maugan (S-1-5-21-18911686-2275477452-3199720197-1001 - Administrator - Enabled) => C:\Users\Maugan
WDAGUtilityAccount (S-1-5-21-18911686-2275477452-3199720197-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.011.20036 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated) Application Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Assassin's Creed: Syndicate (HKLM-x32\...\Assassin's Creed: Syndicate_is1) (Version: - ) Assassins's Creed 4: Black Flag (HKLM-x32\...\Assassins's Creed 4: Black Flag_is1) (Version: - ) Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software) Batman: Arkham City (HKLM-x32\...\Batman: Arkham City_is1) (Version: - ) Batman: Arkham Knight (HKLM-x32\...\Batman: Arkham Knight_is1) (Version: - ) BioShock 2 Remastered (HKLM-x32\...\BioShock 2 Remastered_is1) (Version: - ) BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - ) BioShock Remastered (HKLM-x32\...\BioShock Remastered_is1) (Version: - ) Bulletstorm: Full Clip Edition (HKLM-x32\...\Bulletstorm: Full Clip Edition_is1) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform) Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH) CPUID CPU-Z 1.79 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Crysis 3 (HKLM-x32\...\Crysis 3_is1) (Version: - ) Cuphead (HKLM-x32\...\Cuphead_is1) (Version: - ) Dark Souls 3 (HKLM-x32\...\Dark Souls 3_is1) (Version: - ) Discord (HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\Discord) (Version: 0.0.300 - Discord Inc.) Dishonored 2 (HKLM-x32\...\Dishonored 2_is1) (Version: - ) Dishonored: DotO (HKLM-x32\...\Dishonored: DotO_is1) (Version: - ) Dishonored: GotY Edition (HKLM-x32\...\Dishonored: GotY Edition_is1) (Version: - ) Display Pilot (HKLM-x32\...\{6DD25D67-4339-47A1-950E-EEFC321CBB24}) (Version: 2.91.005 - Portrait Displays, Inc.) 
Dragon Ball: Xenoverse 2 (HKLM-x32\...\Dragon Ball: Xenoverse 2_is1) (Version: - ) Dying Light: The Following (HKLM-x32\...\Dying Light: The Following_is1) (Version: - ) Epic Games Launcher (HKLM-x32\...\{886E86E6-6673-4EAD-A4FF-6E087A661F4E}) (Version: 1.1.123.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: - ) Ghost Recon: Wildlands (HKLM-x32\...\Ghost Recon: Wildlands_is1) (Version: - ) GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 2.08.0000 - GIGABYTE Technology Co.,Ltd.) Hidden GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 2.08.0000 - GIGABYTE Technology Co.,Ltd.) Goat Simulator: GOATY Edition (HKLM-x32\...\Goat Simulator: GOATY Edition_is1) (Version: - ) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.5.0.1051 - Intel Corporation) Just Cause 3 (HKLM-x32\...\Just Cause 3_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden League of Legends (HKLM-x32\...\{11B73856-A062-4E6B-A80E-A3F380BBAB65}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) Life is Strange: Complete Season 1 (HKLM-x32\...\Life is Strange: Complete Season 1_is1) (Version: - ) Mad Max (HKLM-x32\...\Mad Max_is1) (Version: - ) MAGIX Contenu et Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Soundpool Music Maker - Feel good (HKLM\...\{DFEE4333-B802-4E27-9521-2D9E970B7813}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) MATLAB R2017a (HKLM\...\Matlab R2017a) (Version: 9.2 - MathWorks) Microsoft Office 365 ProPlus - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.8431.2153 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{27a7f406-88d7-44ea-a775-b2146040b201}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{21a92a8d-968e-4b78-9af4-329f60d97ed7}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) 
(Version: 14.0.23026.0 - Microsoft Corporation) Mirror's Edge: Catalyst (HKLM-x32\...\Mirror's Edge: Catalyst_is1) (Version: - ) Mises à jour NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden Movie Studio 13.0 (64-bit) (HKLM\...\{16C8F9C0-B5A5-11E6-AF35-EF6B4CB4F8F1}) (Version: 13.0.208 - VEGAS) Mozilla Firefox 58.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 58.0.2 (x64 fr)) (Version: 58.0.2 - Mozilla) MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Music Maker (HKLM\...\{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.2.44 - MAGIX Software GmbH) Hidden Music Maker (HKLM-x32\...\MX.{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.2.44 - MAGIX Software GmbH) NSUNS 3: Full Burst HD (HKLM-x32\...\NSUNS 3: Full Burst HD_is1) (Version: - ) NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Pilote graphique 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.2 - OBS Project) Office 16 Click-to-Run Extensibility Component 
(HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation) Ori and the Blind Forest: Definitive Edition (HKLM-x32\...\Ori and the Blind Forest: Definitive Edition_is1) (Version: - ) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment) Panneau de configuration NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden PhotoFiltre 7 (HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\PhotoFiltre 7) (Version: - ) Pivot Pro Plugin (HKLM-x32\...\{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}) (Version: 9.61.004 - Portrait Displays, Inc.) Hidden Planet Coaster (HKLM-x32\...\Planet Coaster_is1) (Version: - ) Prey (HKLM-x32\...\Prey_is1) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.) scilab-6.0.0 (64-bit) (HKLM\...\scilab-6.0.0 (64-bit)_is1) (Version: - Scilab Enterprises) SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 3.10.003 - Portrait Displays, Inc.) 
Hidden Sniper Elite 3 (HKLM-x32\...\Sniper Elite 3_is1) (Version: - ) Sniper Elite 4 (HKLM-x32\...\Sniper Elite 4_is1) (Version: - ) Sniper: Ghost Warrior 3 (HKLM-x32\...\Sniper: Ghost Warrior 3_is1) (Version: - ) Splinter Cell: Blacklist (HKLM-x32\...\Splinter Cell: Blacklist_is1) (Version: - ) Spotify (HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\Spotify) (Version: 1.0.64.399.g4637b02a - Spotify AB) Stardock Start10 (HKLM\...\Start10_is1) (Version: 1.0 - Stardock Software, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Styx: Shards of Darkness (HKLM-x32\...\Styx: Shards of Darkness_is1) (Version: - ) Tales from the Borderlands (HKLM-x32\...\Tales from the Borderlands_is1) (Version: - ) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.90922 - TeamViewer) TEKKEN 7 (HKLM-x32\...\TEKKEN 7_is1) (Version: - ) TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom) TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Unravel (HKLM-x32\...\Unravel_is1) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 44.0 - Ubisoft) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Vita Concert Grand LE (HKLM\...\{BFA88ABE-D175-42C7-B374-92A2D9333CAB}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Watch Dogs 2 (HKLM-x32\...\Watch Dogs 2_is1) (Version: - ) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Zemana AntiLogger (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.) 
==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-18911686-2275477452-3199720197-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Maugan\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-18911686-2275477452-3199720197-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Maugan\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-18911686-2275477452-3199720197-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Maugan\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => Pas de fichier ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-28] (AVAST Software) ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll [2017-06-17] () ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-28] (AVAST Software) ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers2: [EPP] -> 
{09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-28] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation) ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll [2017-06-17] () ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-28] (AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
Task: {00865218-4766-4DC3-8D2D-73B3FC8620E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-19] (Microsoft Corporation) Task: {0C43EC5F-E087-423F-A000-C56273034A00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-19] (Microsoft Corporation) Task: {1A69657B-76BC-4D5E-87FA-2D114E328A06} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Connect" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GIGABYTE OC GURU" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MSIAfterburner" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN 
"\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {238F20E7-9192-48BE-A232-E7C7FB76411D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {293F6B92-2A91-471D-B099-8302DE8462FD} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe 
[2016-12-21] (Piriform Ltd) Task: {326192D2-BA95-46DF-A24A-4701D8AC4618} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-08-02] (MAGIX Software GmbH) Task: {3751A105-749E-4A93-B499-024C94FA3D9A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {39E7CC6A-36F4-41CC-A2CB-4EBDB07D9893} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-28] (AVAST Software) Task: {3A880277-B3A0-4C07-8A2F-C7A658D4C890} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation) Task: {5724CC59-5557-4CDC-A587-2708AC789FDB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation) Task: {6DEC136F-EDC6-464D-BB8C-0A0B3A4A253D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation) Task: {6FA2FEF0-DFAC-4260-B626-2DF4178EEBA3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {709E8EA6-1944-478F-B0E2-B123594A1730} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {78F8F16A-6F93-4F8D-AA49-87757692AFB1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation) Task: 
{7D913358-C5ED-4929-9692-AF8B42ED20E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated) Task: {8418598A-7CB6-4F61-9982-78FA6FA0657D} - System32\Tasks\CreateExplorerShellUnelevatedTask => c:\windows\explorer.exe /NOUACCHECK Task: {9B37659C-9944-4CDF-A297-F6FCF663B073} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-01-19] (Microsoft Corporation) Task: {9D8C8BCD-FA53-4B01-9920-4812EB39DB0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation) Task: {9DF4C18B-908D-46CA-A95B-4E1A41475D56} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2017-12-15] () Task: {A9ECA067-0586-4D78-AF8D-8F8A66D61FDA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-08] (Adobe Systems Incorporated) Task: {AE61A286-0E75-4D32-9D71-C4C7501B07B7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-19] () Task: {AF5A8171-00EA-49F6-B8DF-73ACFD887562} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation) Task: {B087486A-AAAA-4A71-A76A-85F3DFB7BCA2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation) Task: {B3BAFEBB-BB32-4F19-A11A-255B213D109B} - 
System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation) Task: {B8A7ED1B-A0B1-48F7-9774-64E378597CFD} - System32\Tasks\{DC5F99F0-1B6D-4467-842D-14CBB40CF658} => C:\WINDOWS\system32\pcalua.exe -a E:\Games\Hitman\unins000.exe -d E:\Games\Hitman Task: {C41EA81C-3C30-476F-8533-9A8044AF4066} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-06] (AVAST Software) Task: {D2CEFD9D-3A82-4D4B-927D-D01D4FE31DD5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-19] () Task: {DDEBC3E9-E28E-4103-93B8-B4531C4260C9} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\remsh.exe Task: {DF58F4E1-DF59-4536-BD5D-5ACEA120438D} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {DFFCD21B-BDED-48CA-BFAC-6432EE134399} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => C:\Program Files\rempl\remsh.exe Task: {E27BFAE6-BCDE-4E6A-8776-40D1A953592A} - System32\Tasks\GIGABYTE OC GURU => C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2017-01-19] (GIGABYTE Technology Co.,Ltd.) Task: {E8FC3DA9-ECE7-454D-B456-3A4AABCD8766} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation) Task: {FE7010B7-E279-4E63-B594-8D98906F53B6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) 
Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2017-09-08 16:48 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-05-23 20:55 - 2017-10-27 17:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-12-15 10:04 - 2017-12-15 10:04 - 000725288 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2017-06-17 10:35 - 2017-06-17 10:35 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll 2017-05-23 19:13 - 2013-06-18 11:26 - 000677160 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe 2017-05-23 19:13 - 2013-06-18 11:26 - 000714024 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe 2017-09-28 23:15 - 2017-09-28 23:17 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll 2017-09-28 23:17 - 2017-09-28 23:17 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll 2017-09-28 23:17 - 2017-09-28 23:17 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll 2018-02-16 03:56 - 2018-02-16 03:56 - 025843200 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.UI.exe 2018-02-16 03:56 - 2018-02-16 03:56 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-02-16 03:56 - 2018-02-16 03:56 - 006748672 _____ () C:\Program 
Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll 2018-02-08 23:29 - 2018-02-08 23:32 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll 2017-09-29 04:55 - 2017-09-29 05:04 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-02-16 03:56 - 2018-02-16 03:56 - 005527040 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.Visuals.dll 2017-12-28 12:40 - 2017-12-28 12:40 - 000067984 _____ () C:\Program Files\AVAST Software\Avast\x64\dll_loader.dll 2017-12-28 12:40 - 2017-12-28 12:40 - 000067920 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll 2017-12-14 18:56 - 2017-12-14 18:56 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2017-12-14 18:56 - 2017-12-14 18:56 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2017-12-14 18:56 - 2017-12-14 18:56 - 000232448 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2017-12-14 18:56 - 2017-12-14 18:56 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2017-12-14 18:57 - 2017-12-14 18:57 - 000566784 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2017-09-08 16:48 - 2017-10-11 02:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-12-17 15:23 - 2017-11-29 06:09 - 000781088 _____ () E:\Program Files (x86)\Steam\SDL2.dll 2017-05-19 17:22 - 2016-09-01 02:02 - 004969248 _____ () E:\Program Files (x86)\Steam\v8.dll 2017-12-17 15:23 - 2017-12-15 20:59 - 002558752 _____ () E:\Program Files (x86)\Steam\video.dll 2017-12-17 15:23 - 2017-11-04 02:54 - 005137696 _____ () E:\Program Files (x86)\Steam\libavcodec-57.dll 2017-12-17 15:23 - 2017-11-04 02:54 - 000351520 _____ () E:\Program Files (x86)\Steam\libavresample-3.dll 2017-05-19 17:22 - 
2016-09-01 02:02 - 001563936 _____ () E:\Program Files (x86)\Steam\icui18n.dll 2017-05-19 17:22 - 2016-09-01 02:02 - 001195296 _____ () E:\Program Files (x86)\Steam\icuuc.dll 2017-12-17 15:23 - 2017-11-04 02:54 - 000695584 _____ () E:\Program Files (x86)\Steam\libavformat-57.dll 2017-12-17 15:23 - 2017-11-04 02:54 - 000847136 _____ () E:\Program Files (x86)\Steam\libavutil-55.dll 2017-12-17 15:23 - 2017-11-04 02:54 - 000783648 _____ () E:\Program Files (x86)\Steam\libswscale-4.dll 2017-12-17 15:23 - 2017-12-15 20:59 - 000904992 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-05-19 17:21 - 2016-07-04 23:17 - 000266560 _____ () E:\Program Files (x86)\Steam\openvr_api.dll 2017-12-28 12:40 - 2017-12-28 12:40 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-12-28 12:40 - 2017-12-28 12:40 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2017-12-28 12:40 - 2017-12-28 12:40 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll 2017-07-08 11:56 - 2017-07-08 11:56 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-12-28 12:40 - 2017-12-28 12:40 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-12-28 12:40 - 2017-12-28 12:40 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2015-03-24 18:01 - 2015-03-24 18:01 - 000192512 _____ () C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvVGAConfig.dll 2017-10-15 13:03 - 2017-09-07 03:04 - 000678400 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll 2017-12-17 15:23 - 2017-10-31 05:44 - 071471904 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2017-05-19 17:21 - 2015-09-25 00:52 - 000119208 _____ () E:\Program Files (x86)\Steam\winh264.dll 2018-01-12 18:41 - 2018-01-08 17:52 - 001891832 _____ () C:\Users\Maugan\AppData\Local\Discord\app-0.0.300\ffmpeg.dll 2018-01-12 18:42 - 2018-02-15 18:45 - 001780216 _____ () 
\\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node 2018-01-12 18:41 - 2018-01-08 17:52 - 001937912 _____ () C:\Users\Maugan\AppData\Local\Discord\app-0.0.300\libglesv2.dll 2018-01-12 18:41 - 2018-01-08 17:52 - 000095736 _____ () C:\Users\Maugan\AppData\Local\Discord\app-0.0.300\libegl.dll 2018-01-12 18:42 - 2018-01-27 14:50 - 009817080 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node 2018-01-12 18:42 - 2018-02-01 23:30 - 001508344 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node 2018-01-12 18:42 - 2018-01-12 18:42 - 000513016 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node 2018-01-12 18:42 - 2018-01-12 18:42 - 002662904 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node 2018-01-12 18:42 - 2018-02-01 23:30 - 001518072 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node 2018-01-12 19:43 - 2018-01-12 19:43 - 002749944 _____ () \\?\C:\Users\Maugan\AppData\Roaming\discord\0.0.300\modules\discord_contact_import\discord_contact_import.node 2017-12-17 15:23 - 2017-10-31 05:44 - 002020128 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll 2017-12-17 15:23 - 2017-10-31 05:44 - 000114464 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Users\Public\AppData:CSM [470] ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2017-05-18 20:16 - 2017-10-28 22:27 - 000004994 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-18911686-2275477452-3199720197-1001\Control Panel\Desktop\\Wallpaper -> E:\Maugan\Images\Wallpaper\Lion-Wallpaper-Hdnbspfond-ecran-hd3.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKLM\...\StartupApproved\StartupFolder: => "TP-LINK Wireless Configuration Utility.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "WindowsDefender" HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-18911686-2275477452-3199720197-1001\...\StartupApproved\Run: => "Spotify" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
FirewallRules: [{7D85BD3A-ABC1-43B5-9B37-D328DE4D3A49}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe FirewallRules: [{08DBF042-5FEB-4095-BCF0-917B78FC07F0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe FirewallRules: [{423BDAAD-91FB-475A-903A-EFEEC2ADEEB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [UDP Query User{577B08B7-FB4C-4AEA-A24E-A1B329844B21}E:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) E:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{0FAE9FDB-C0D9-4622-8B24-77D015D1A884}E:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) E:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{CCC0D4B2-E1D9-4741-B729-B72A9DDD4FC9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{43A97F16-6D57-4E96-B1CD-8CA6F9072043}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{1195C194-E334-4B87-AE3F-7FD2F08E7F4A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{4A3D700B-8724-4B09-9B09-EA756BFF68C3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [{29B11104-03B5-4C4D-97A7-0FA0CD963296}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: 
[{8086B143-F7E5-45A5-9288-237AEACB1098}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{37F5EE91-FF3D-4E8B-B9DA-1B404155F924}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe FirewallRules: [{61A0306F-9252-466E-9F02-5516AC3B1ECE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe FirewallRules: [UDP Query User{DA3C9431-DBB7-46BA-A3BF-8A772EBC5991}E:\games\sniper elite 4\bin\sniperelite4_dedicated.exe] => (Block) E:\games\sniper elite 4\bin\sniperelite4_dedicated.exe FirewallRules: [TCP Query User{4AAEDE90-7B2E-4677-A08A-73D711120D38}E:\games\sniper elite 4\bin\sniperelite4_dedicated.exe] => (Block) E:\games\sniper elite 4\bin\sniperelite4_dedicated.exe FirewallRules: [{F9362AA5-69B6-45FF-9084-4A6080362D28}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe FirewallRules: [{EB8762A0-D50A-4B1C-9988-41DD315A3182}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe FirewallRules: [{8A43A23A-CB57-46D2-B5B6-FBC6618DD192}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{FF7A5D00-9DBD-44C9-8757-EA261D9D606E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{DD9FE133-2D3E-4A5C-AE3E-43023B2A544A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{56FAF207-72CE-40B3-AE3B-25BF6C66092D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [UDP Query User{D8658D03-5AAE-4848-A762-0F951AE7E2D0}E:\games\far cry 4\bin\farcry4.exe] => (Allow) E:\games\far cry 4\bin\farcry4.exe FirewallRules: [TCP Query User{D231A1D0-6E74-4CF1-82D4-48542F71A35B}E:\games\far cry 4\bin\farcry4.exe] => (Allow) E:\games\far cry 4\bin\farcry4.exe FirewallRules: [UDP Query User{60D4C56D-70DE-498B-8344-25C2B63C09D1}E:\program files\openshot 
video editor\launch.exe] => (Allow) E:\program files\openshot video editor\launch.exe FirewallRules: [TCP Query User{077EEC3F-73DF-48D8-B66F-18AD9EDFBA52}E:\program files\openshot video editor\launch.exe] => (Allow) E:\program files\openshot video editor\launch.exe FirewallRules: [{A4A03276-E8D6-4D63-BD12-140DA2808273}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BRINK\brink.exe FirewallRules: [{8D3D79C9-60B4-4142-BE9F-AA7DEEB6E5DD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BRINK\brink.exe FirewallRules: [UDP Query User{743D88FA-D8B7-4836-9EA2-77E682AA275C}E:\games\batman - arkham city\binaries\win32\batmanac.exe] => (Allow) E:\games\batman - arkham city\binaries\win32\batmanac.exe FirewallRules: [TCP Query User{FBA8B430-CEAC-4E16-99EA-61C4C035898D}E:\games\batman - arkham city\binaries\win32\batmanac.exe] => (Allow) E:\games\batman - arkham city\binaries\win32\batmanac.exe FirewallRules: [UDP Query User{E3D0856A-F54E-41C6-A733-E2A22A4DD092}E:\games\dishonored - goty edition\binaries\win32\dishonored.exe] => (Allow) E:\games\dishonored - goty edition\binaries\win32\dishonored.exe FirewallRules: [TCP Query User{406A1BAB-4D22-470A-8EBE-A393F9FE070A}E:\games\dishonored - goty edition\binaries\win32\dishonored.exe] => (Allow) E:\games\dishonored - goty edition\binaries\win32\dishonored.exe FirewallRules: [UDP Query User{EADEDA82-7E38-4452-85E5-DD3843E2BF6F}C:\users\maugan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\maugan\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{8945BB63-FBEF-4900-978A-B4F3BBAFF13F}C:\users\maugan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\maugan\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{A8238D2E-50C5-4655-A79D-5B8F045DF431}C:\users\maugan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maugan\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query 
User{037FC86C-F0CF-4446-B28B-95267AAFD72C}C:\users\maugan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maugan\appdata\roaming\spotify\spotify.exe FirewallRules: [{68E0FC2F-8BCC-4204-BAE3-715746599518}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{746ED4D3-D37C-4F04-B96F-79BD10AB8B4F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [UDP Query User{56C9B647-1442-4CE8-AA88-1E849ECB3ECC}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{776B0DD8-1813-4311-96F3-443A468CB99E}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Block) E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{18EF663E-B99F-4693-9FF7-EB7A51FCE370}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{A1E569E4-05AC-410B-A503-130003D334CB}E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [{9D8C4FFD-0A35-4D8C-8EE9-2CC20A92A2D8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{C1EF7A27-CFDF-4029-8156-4F8678A37335}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{C5D467AD-EBBB-4B19-9ACA-51CE28727581}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{1A4AD2D2-212F-4637-81C4-8F6E7D033061}] => (Block) E:\games\prey\binaries\danielle\x64\release\prey.exe FirewallRules: 
[{F0605A0C-EAFF-4F58-9BDA-AF504BA6FFD4}] => (Block) E:\games\prey\binaries\danielle\x64\release\prey.exe FirewallRules: [UDP Query User{D9891E2F-5274-4799-8376-5072A9CC7E28}E:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) E:\games\prey\binaries\danielle\x64\release\prey.exe FirewallRules: [TCP Query User{67BEF66F-D30A-4AFC-A1C2-B4AD95E731CC}E:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) E:\games\prey\binaries\danielle\x64\release\prey.exe FirewallRules: [{C1B451E9-8EBD-450D-A15E-81FF99D4F2C2}] => (Allow) E:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{124BC2BD-1659-4188-92FB-FCAF5371EA64}] => (Allow) E:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{EF2FF7FF-D77B-4861-81D0-8F9AEE5D395B}] => (Block) C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{930A2525-D21E-4929-92DB-940D72D04A86}] => (Block) C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{F8E4027E-0C1D-4B08-8F95-6E8CED94C219}C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [TCP Query User{E6C9AE1D-B184-4CBA-BCC0-D90903F6714A}C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{624A2605-8573-4C8D-919C-A157786FD6D5}] => (Block) E:\games\quantum break\dx11\quantumbreak.exe FirewallRules: [{FF22CF74-98DC-41E3-AF9D-862557766328}] => (Block) E:\games\quantum break\dx11\quantumbreak.exe FirewallRules: [UDP Query User{B170E8D2-F0EC-43D2-8D1C-50DC710C776D}E:\games\quantum break\dx11\quantumbreak.exe] => (Allow) E:\games\quantum break\dx11\quantumbreak.exe FirewallRules: [TCP Query User{3DBB6EBB-2CCA-4F80-BD39-C62082EC8AFA}E:\games\quantum break\dx11\quantumbreak.exe] => (Allow) E:\games\quantum break\dx11\quantumbreak.exe FirewallRules: [{521BC71E-38C2-42C8-B684-CE7EAF319BB2}] => (Block) E:\games\far cry - 
primal\bin\fcprimal.exe FirewallRules: [{64D0F8E7-7EDA-4337-9F25-B07D432D2003}] => (Block) E:\games\far cry - primal\bin\fcprimal.exe FirewallRules: [UDP Query User{5200ED0B-5BCF-474D-B0A4-AE14822DFBF6}E:\games\far cry - primal\bin\fcprimal.exe] => (Allow) E:\games\far cry - primal\bin\fcprimal.exe FirewallRules: [TCP Query User{E410F98B-BA1C-4B82-9FB8-374A5354111F}E:\games\far cry - primal\bin\fcprimal.exe] => (Allow) E:\games\far cry - primal\bin\fcprimal.exe FirewallRules: [{9A1A2D56-4113-42AE-940D-087B47D8E6D8}] => (Block) E:\games\dishonored\binaries\win32\dishonored.exe FirewallRules: [{BB5D9CFF-B449-475B-BD7A-A0C7AFF0ECCC}] => (Block) E:\games\dishonored\binaries\win32\dishonored.exe FirewallRules: [UDP Query User{456FFA2F-99CC-467D-BCD9-B984444B7DA9}E:\games\dishonored\binaries\win32\dishonored.exe] => (Allow) E:\games\dishonored\binaries\win32\dishonored.exe FirewallRules: [TCP Query User{2D4E7513-74B6-40F9-8F87-6C64D6C54C84}E:\games\dishonored\binaries\win32\dishonored.exe] => (Allow) E:\games\dishonored\binaries\win32\dishonored.exe FirewallRules: [{BA0DD08D-A5D4-4E3C-8CE9-5080B5535C92}] => (Block) E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe FirewallRules: [{6EAB6FC7-B720-496D-A300-7C963812CBD6}] => (Block) E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe FirewallRules: [UDP Query User{7F5963F5-8BAF-4802-B150-81FD72BD0033}E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe] => (Allow) E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe FirewallRules: [TCP Query User{7B6B6D4D-1487-48AE-8737-B182A45F6705}E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe] => (Allow) E:\games\street fighter v\streetfighterv\binaries\win64\streetfighterv.exe FirewallRules: [{C904B72E-D867-43E9-8C2A-27D2542DCA56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{34FFDCA3-2200-495B-9CE5-16544A719F87}] => 
(Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7ED0CF59-5B00-44E8-9E9A-3ED70C9E7E0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{326D156B-9143-427C-9CDE-C96F7F5831FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{98E87266-6596-483D-BF55-1F18DA07858F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{37530080-050B-44B1-80B5-87274D8749C6}] => (Block) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{B983156D-BC00-432D-AED8-32F368B678FD}] => (Block) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{898E92A6-95E7-4F25-B151-45AC633A705B}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [TCP Query User{6ED761F7-9147-44DD-989B-87785B34BBA7}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{2D036481-3C45-4F98-A5D8-55309ABDA6C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{67A79304-F5CE-4450-A3F2-7CEAE68F16F6}E:\program files (x86)\hearthstone\hearthstone.exe] => (Block) E:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{2077521E-2F40-4A39-834E-F9320DDC94A4}E:\program files (x86)\hearthstone\hearthstone.exe] => (Block) E:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe FirewallRules: [{2765E0F4-2918-4A46-B9C9-43CDD8FCBA2B}] => (Block) C:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe FirewallRules: [{88822580-026A-4617-8175-5683DEC9702E}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{774786C1-8E06-4771-9755-2383A5062F18}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: 
[{6B5B6238-A42C-4966-8164-BBA99AA1F756}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{045838D9-E306-4A28-9700-AA46F0AE2163}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{FB33D2A5-4CB9-4F74-B108-B792977128BF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{D4EC023A-33A1-47A9-9903-73BD4C8EB658}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{8E334CC6-A12E-41EE-8C66-8ECBD6A21612}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe FirewallRules: [{803C0EC1-211F-45BA-AF06-A0A0E6541009}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe FirewallRules: [{050DC654-26A2-44C4-AFA8-2D2C7A354A28}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{24E69BAD-54E4-46F7-8586-AB072769CC67}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{C688214A-B514-4B9F-BF96-79AA60F4BF4C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe FirewallRules: [{6E605186-ED0E-4F08-9681-A143AC41D1A0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe FirewallRules: [{379439E9-705E-4199-B530-35948E3E899C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe FirewallRules: [{25A1F391-9979-4ACF-B066-12463954BA66}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe FirewallRules: [{64F688BA-E76E-4897-8BF1-919187DF214F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe 
FirewallRules: [{A207232C-67C9-4EF1-B276-5640E1455E67}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe FirewallRules: [{A1093E11-E3D9-4A3B-A5CA-DB2010FEC5F3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{53F64268-3CE6-477B-8C2C-7AF7F00E73DF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{2BCB2EC9-3643-42CD-BA62-EABFEA05EA06}] => (Allow) C:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{0F58614A-C68D-4004-85A0-21B8AE5A3C52}] => (Allow) C:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{B2FAD79D-7D2A-45FB-92B1-884C598AC641}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{4BB74623-94FE-4B57-A3EF-4C88CB2C90C1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{F9FCF23D-7809-4C75-A136-7C7FE7DE219B}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{4CA42252-0E0F-4BC3-B10D-34B380630089}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [TCP Query User{B9A15A14-7EE4-4BCF-AB36-345D2567D1C3}E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{AC83DDF5-F8FC-44E3-B627-B8D914D4606B}E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe FirewallRules: [{BD8C1739-F48E-4327-BB69-92215A6EA934}] => (Block) E:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe FirewallRules: [{8994E5FD-3274-4323-933E-A487F5F1445F}] => (Block) E:\program files (x86)\heroes of the 
storm\versions\base53548\heroesofthestorm_x64.exe FirewallRules: [{1791D131-1FAE-4C13-8F46-21D34375A295}] => (Block) C:\Windows\explorer.exe FirewallRules: [TCP Query User{CEF4DCDB-4E60-47C2-85CB-6E7CED1B4554}E:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) E:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe FirewallRules: [UDP Query User{C8D902AA-7C91-4C57-BD69-CCFCA28C7F1E}E:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) E:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe FirewallRules: [TCP Query User{9A74CDD8-7B0C-4012-BAB3-7530AF31CFB2}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{8D6B8810-5EDE-4906-A703-DA55DA9A505E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{17310C27-7D9B-4837-AF13-F55B167D64A8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{3037C3F5-06E4-45F9-8C5A-4792FD666AE1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{39C3D995-BB79-4279-A6A3-347490D83C6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{EE3537BE-B96F-4FC8-A093-E7C787444582}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [TCP Query User{F9797BAA-D9EB-4ECB-A88F-AF9A9B3CA7E9}E:\program files\matlab\r2017a\bin\win64\matlab.exe] => (Allow) E:\program files\matlab\r2017a\bin\win64\matlab.exe FirewallRules: [UDP Query User{9C0F4983-6C7F-456B-BB4C-7A539B7849B3}E:\program files\matlab\r2017a\bin\win64\matlab.exe] => (Allow) E:\program 
files\matlab\r2017a\bin\win64\matlab.exe FirewallRules: [{B5E36C50-FFFF-42EF-86A2-28D086363435}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BrutalLegend\BrutalLegend.exe FirewallRules: [{3A48CAA9-1CEA-484C-AF10-FA8B9A13CEA8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BrutalLegend\BrutalLegend.exe FirewallRules: [{B8707A6E-7896-4D01-A518-E5A209666D42}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{DECB881E-9353-48D7-B421-2DA8A2947F77}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B4A25CEB-AABA-40B8-8789-7093A9D6C776}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{54DE71A0-5D85-46D5-B91E-88E0AE3D9BEE}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{E1DC0F6D-3B79-4E1C-A1DD-8D7CAC1C1E6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{52C3A29C-D10C-419F-80AD-6BEF4C016CEF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{7BAC59F5-565A-4A25-A2D4-96465EFD7195}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{06E0FC55-9055-420C-A5BE-75026774CB3D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{470D51A6-DC59-4E0B-ABBC-39F38761385B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{BA11A040-55D8-46BE-90F8-9E81E18E92F7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\aamfp.exe FirewallRules: [{C6453BDD-5949-447D-8CA0-6AFE652FF3D7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\aamfp.exe FirewallRules: [{0D180CC7-F7AF-4F1C-957A-E985CA566941}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\Launcher.exe FirewallRules: 
[{75313528-0FD9-41A8-B1F3-41A8DE081F8D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\Launcher.exe FirewallRules: [{AF6B383F-EFFF-40F6-9755-3C56695C9DBA}] => (Allow) C:\Steam\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe FirewallRules: [{AA921351-34CE-400B-8F3F-84D0262F2001}] => (Allow) C:\Steam\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe FirewallRules: [{3EB90671-F4F2-40B8-9DCE-48E4DD3CD35B}] => (Allow) LPort=1688 FirewallRules: [{59A71822-3B48-4B88-A80D-0AA631889669}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\25\MusicMaker.exe FirewallRules: [{D0CD19A1-330C-4C12-B4D9-C3569D67DCDC}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe FirewallRules: [{60DBD3CA-1716-4823-A420-4CF611DD9164}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe ==================== Points de restauration ========================= 27-01-2018 11:41:57 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 02-02-2018 17:59:03 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 08-02-2018 22:16:00 Windows Update 15-02-2018 22:48:55 Point de contrôle planifié ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: Clavier standard PS/2 Description: Clavier standard PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Claviers standard) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. 
Name: Souris Microsoft PS/2
Description: Souris Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (02/08/2018 07:47:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante uTorrent.exe, version : 2.2.1.25110, horodatage : 0x4d78393f
Nom du module défaillant : GDI32.dll, version : 10.0.16299.15, horodatage : 0xbf7b6630
Code d’exception : 0xc000041d
Décalage d’erreur : 0x00005b36
ID du processus défaillant : 0x23a4
Heure de début de l’application défaillante : 0x01d3a053fa631324
Chemin d’accès de l’application défaillante : E:\Program Files (x86)\uTorrent\uTorrent.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\GDI32.dll
ID de rapport : 47017ba1-fada-4c66-8baa-22cdf3e075ed
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (02/08/2018 06:38:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante setup.tmp, version : 51.1052.0.0, horodatage : 0x506a75b5
Nom du module défaillant : botva2.dll_unloaded, version : 0.9.7.151, horodatage : 0x2a425e19
Code d’exception : 0xc000041d
Décalage d’erreur : 0x00005514
ID du processus défaillant : 0x3a94
Heure de début de l’application défaillante : 0x01d3a1013bc17909
Chemin d’accès de l’application défaillante : C:\Users\Maugan\AppData\Local\Temp\is-QIS07.tmp\setup.tmp
Chemin d’accès du module défaillant: botva2.dll
ID de rapport : 7258b269-fef9-4716-a342-0c9c8079df33
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (02/08/2018 06:38:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante setup.tmp, version : 51.1052.0.0, horodatage : 0x506a75b5
Nom du module défaillant : botva2.dll_unloaded, version : 0.9.7.151, horodatage : 0x2a425e19
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00005514
ID du processus défaillant : 0x3a94
Heure de début de l’application défaillante : 0x01d3a1013bc17909
Chemin d’accès de l’application défaillante : C:\Users\Maugan\AppData\Local\Temp\is-QIS07.tmp\setup.tmp
Chemin d’accès du module défaillant: botva2.dll
ID de rapport : 2a8415e2-5611-4949-a0f3-fb2edd45888c
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (02/07/2018 09:39:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x80004005
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/07/2018 09:39:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x80004005
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/07/2018 09:39:14 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x80004005
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (02/04/2018 01:58:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante uTorrent.exe, version : 2.2.1.25110, horodatage : 0x4d78393f
Nom du module défaillant : GDI32.dll, version : 10.0.16299.15, horodatage : 0xbf7b6630
Code d’exception : 0xc000041d
Décalage d’erreur : 0x00005b36
ID du processus défaillant : 0x4e4
Heure de début de l’application défaillante : 0x01d39d54ca61505b
Chemin d’accès de l’application défaillante : E:\Program Files (x86)\uTorrent\uTorrent.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\GDI32.dll
ID de rapport : 5a68dc73-a585-4955-a7c4-e315ca651e92
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (02/04/2018 12:09:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x80004005
Arguments de la ligne de commande :
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Erreurs système:
=============
Error: (02/17/2018 12:49:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service TeamViewer 12 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 2000 millisecondes : Redémarrer le service.

Error: (02/16/2018 10:05:07 PM) (Source: DCOM) (EventID: 10016) (User: PC-MAUGAN)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID PC-MAUGAN\Maugan de l’utilisateur (S-1-5-21-18911686-2275477452-3199720197-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (02/08/2018 11:23:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Update Orchestrator Service s’est arrêté avec l’erreur :
Cette opération s’est terminée car le délai d’attente a expiré.

Error: (02/01/2018 11:16:51 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 10:47:49 le 01/02/2018 n’était pas prévu.

Error: (01/20/2018 02:43:22 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/20/2018 02:33:14 PM) (Source: DCOM) (EventID: 10010) (User: PC-MAUGAN)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/20/2018 02:33:14 PM) (Source: DCOM) (EventID: 10010) (User: PC-MAUGAN)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/20/2018 02:21:16 PM) (Source: DCOM) (EventID: 10001) (User: PC-MAUGAN)
Description: Impossible de démarrer un serveur DCOM : Microsoft.Windows.Cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca en tant que Non disponible/Non disponible.
L’erreur « 267 » s’est produite lors du démarrage de la commande :
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Windows Defender:
===================================
Date: 2018-02-08 23:20:29.297
Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {5845E63E-7031-46B5-A6C8-F480188E0CD3}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2018-02-08 19:00:51.894
Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nom : HackTool:MSIL/AutoKMS
ID : 2147711767
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe->[lowcase_mzpe];file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe->[lowcase_mzpe];process:_pid:2324,ProcessStart:131625860499712241;process:_pid:9532,ProcessStart:131625860905793223
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : PC-MAUGAN\Maugan
Nom du processus : C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Version de la signature : AV: 1.261.885.0, AS: 1.261.885.0, NIS: 118.2.0.0
Version du moteur : AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-08 19:00:51.629
Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nom : HackTool:MSIL/AutoKMS
ID : 2147711767
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe->[lowcase_mzpe];process:_pid:2324,ProcessStart:131625860499712241;process:_pid:9532,ProcessStart:131625860905793223
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : PC-MAUGAN\Maugan
Nom du processus : C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Version de la signature : AV: 1.261.885.0, AS: 1.261.885.0, NIS: 118.2.0.0
Version du moteur : AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-08 19:00:01.744
Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nom : HackTool:MSIL/AutoKMS
ID : 2147711767
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;process:_pid:2324,ProcessStart:131625860499712241;process:_pid:9532,ProcessStart:131625860905793223
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : PC-MAUGAN\Maugan
Nom du processus : C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Version de la signature : AV: 1.261.885.0, AS: 1.261.885.0, NIS: 118.2.0.0
Version du moteur : AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-08 18:59:09.930
Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nom : HackTool:MSIL/AutoKMS
ID : 2147711767
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.189\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\AutoPico.exe;file:_C:\Users\Maugan\AppData\Local\Temp\Rar$EXa0.798\KMSpico 10.2.0 Final + Portable\KMSpico Portable\KMSELDI.exe;process:_pid:2324,ProcessStart:131625860499712241;process:_pid:9532,ProcessStart:131625860905793223
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : PC-MAUGAN\Maugan
Nom du processus : E:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.261.885.0, AS: 1.261.885.0, NIS: 118.2.0.0
Version du moteur : AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-07 21:52:25.063
Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.261.746.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.14500.5
Code d’erreur : 0x80072ee2
Description de l’erreur : Le délai imparti à l’opération est dépassé

Date: 2018-02-07 21:52:25.063
Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.261.746.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de signature : Logiciel anti-espion
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.14500.5
Code d’erreur : 0x80072ee2
Description de l’erreur : Le délai imparti à l’opération est dépassé

Date: 2018-02-07 21:52:25.063
Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.261.746.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Version actuelle du moteur :
Version précédente du moteur : 1.1.14500.5
Code d’erreur : 0x80072ee2
Description de l’erreur : Le délai imparti à l’opération est dépassé

Date: 2018-02-07 21:49:36.990
Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.261.746.0
Source de mise à jour : Serveur Microsoft Update
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.14500.5
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.

Date: 2018-02-07 21:49:36.990
Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.261.746.0
Source de mise à jour : Serveur Microsoft Update
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.14500.5
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.

==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Pourcentage de mémoire utilisée: 57%
Mémoire physique - RAM - totale: 8154.53 MB
Mémoire physique - RAM - disponible: 3468.62 MB
Mémoire virtuelle totale: 9306.53 MB
Mémoire virtuelle disponible: 2764.66 MB

==================== Lecteurs ================================

Drive c: (Disque Windows) (Fixed) (Total:223.02 GB) (Free:133.33 GB) NTFS
Drive e: (Disque données) (Fixed) (Total:1862.89 GB) (Free:75.24 GB) NTFS

\\?\Volume{2c053695-b4ac-4328-ae88-d452ea69feda}\ (Récupération) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{27be7878-fe3a-46ed-8393-812f78b678d8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fin de Addition.txt ============================