Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 24.10.2018 Exécuté par Utilisateur (26-10-2018 22:19:47) Exécuté depuis C:\Users\Utilisateur\Desktop Windows 10 Enterprise Version 1803 17134.345 (X64) (2018-05-21 22:44:57) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-1135970487-826229317-1366789239-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1135970487-826229317-1366789239-503 - Limited - Disabled) Invité (S-1-5-21-1135970487-826229317-1366789239-501 - Limited - Disabled) Utilisateur (S-1-5-21-1135970487-826229317-1366789239-1001 - Administrator - Enabled) => C:\Users\Utilisateur WDAGUtilityAccount (S-1-5-21-1135970487-826229317-1366789239-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe CS6 Master Collection Patch 64bit (HKLM-x32\...\Adobe CS6 Master Collection Patch 64bit) (Version: - ) Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.) Application Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22395 - Microsoft Corporation) BitTorrent (HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\BitTorrent) (Version: 7.10.4.44633 - BitTorrent Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0232 - Disc Soft Ltd) Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\Discord) (Version: 0.0.301 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 59.4.93 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION) EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation) Geeks3D FurMark 1.20.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.10.0.1016 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\{11B73856-A062-4E6B-A80E-A3F380BBAB65}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) LibreOffice 5.3.3.2 (HKLM-x32\...\{C7C4A0C6-8483-4065-851D-CBE5DC17D046}) (Version: 5.3.3.2 - The Document Foundation) Life Is Strange Episode 1-5 (HKLM-x32\...\{59B6CAE2-7D66-4571-B938-6A5713937221}_is1) (Version: 1.0.8623.0 - Square Enix) LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.) Microsoft Office Professionnel Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mises à jour NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden Mozilla Firefox 63.0 (x64 fr) (HKLM\...\Mozilla Firefox 63.0 (x64 fr)) (Version: 63.0 - Mozilla) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.4.1 - Notepad++ Team) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.16 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA Pilote graphique 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Panneau de configuration NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden PhotoFiltre (HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\PhotoFiltre) (Version: - ) Robert Correcteur 2.1.1 x64 (HKLM\...\{3E4F7E16-BF9B-43EB-AE92-F3A0C15787C1}) (Version: 2.11.800 - Diagonal) RomStation (HKLM-x32\...\{223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1) (Version: - RomStation) Spotify (HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\Spotify) (Version: 1.0.82.447.g975ad224 - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.6.0.8 - GOG.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Tablette Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.29-6 - Wacom Technology Corp.) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts) Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-012B-040C-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version: - Microsoft) UpdateAssistant (HKLM\...\{E1D7CB46-BAE9-4D58-99C4-582332B1755A}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN) WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-05-18] () ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {01194716-5AF7-4B2E-A08B-037100155438} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation) Task: {0C02310A-1EB2-4B3F-98C7-FCDD2B15A4D0} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-02] (Dropbox, Inc.) Task: {0FAEDECF-F76D-4EEE-94F0-C1344275C84B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-02] (Dropbox, Inc.) Task: {14B421FD-0EE2-4F3D-86F5-1784A06551B7} - System32\Tasks\S-1-5-21-1135970487-826229317-1366789239-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation) Task: {16E43E8E-9B58-4BB6-9005-D944224A6C15} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe Task: {1F824ECD-90A0-45EC-B46B-C38CA029642D} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation) Task: {2CC3B993-BCF6-417E-AB01-FE457CE0DEDB} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {2CDDE5CD-AFE8-43A2-9D3B-E5A31AF2296D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-12] (NVIDIA Corporation) Task: {4D62E98F-64F5-4DF1-8069-749E0CCAE891} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-26] (Microsoft Corporation) Task: {4EF19793-895A-48C7-A95C-5FE9B39DC90B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-26] (Microsoft Corporation) Task: {4FA89CAA-31A4-4354-B174-205B0D92EDB1} - System32\Tasks\{7526871C-25BE-434D-AED6-94B5498FE0EC} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNAVI.EXE" -d C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3 -c /ST /P "EPSON XP-205 207 Series" Task: {5AF98EDD-900B-401C-A32E-F65CC233CFB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-26] (Microsoft Corporation) Task: {5BABCC09-2171-4409-AABA-E966A14DF1C9} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [2017-11-08] (Intel(R) Corporation) Task: {5EF1507B-0674-4202-AE59-70FBA47CEE81} - System32\Tasks\AviraSystemSpeedupRemoval => %comspec% [Argument = /C rmdir "C:\Program Files (x86)\Avira\System Speedup" /S /Q & schtasks /Delete /F /TN AviraSystemSpeedupRemoval] Task: {609A19ED-FAC5-4CDB-A1CB-04D5B3A76B3E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6B6DE730-499C-46AE-991B-C152D30E4D65} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation) Task: {745A0EDE-6B8D-4E2C-88E7-F6D129F13EAC} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe Task: {75AE003D-4D22-42DC-87D7-5A9938488A53} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe Task: {75B91C3F-F799-4CA9-87B4-D05002BB5839} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {77836F59-F7A7-4956-A381-67C818B6CE1E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {79FB0016-559C-4B32-A6AD-CFCA4B25ED43} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-26] (Microsoft Corporation) Task: {7F61B346-97C3-428E-8876-D332BF2CE00B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation) Task: {805B48FB-9DA1-47EE-BFFC-8B9C17C79025} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-09] (Adobe Systems Incorporated) Task: {90C52906-24CB-4E68-949D-51BFB2D8489B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-17] (AVAST Software) Task: {955E02BE-5E25-427D-A004-9A3F2A1618DA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-12] (NVIDIA Corporation) Task: {A0B39C29-5C5F-4B33-BD1F-E2601617CC75} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated) Task: {AA7FE810-FB19-4314-B37D-9D23F9848B17} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated) Task: {AD6D3E0D-4A46-4171-BFAC-B780136BAE28} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation) Task: {BEEA7C3A-1EA9-48CB-8AE4-B5CFE5B79472} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation) Task: {C48D50E5-71A9-48D8-B7C1-3DA9AECBDEC3} - \Microsoft\Windows\WindowsUpdate\sih -> Pas de fichier <==== ATTENTION Task: {D8E956FC-408B-4CAF-B8D6-BEE16F2EA3B2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {DCF131F1-033B-49F5-97D2-250DA190979B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-15] (Google Inc.) Task: {EC317E5F-329D-491E-BD9D-E5444B4861BC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation) Task: {ECD9E6BF-F7AC-498E-B967-8EC267ABF3FF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-12] (NVIDIA Corporation) Task: {F1432F64-A4DF-4A16-8EAD-8EAEC8A9BC24} - System32\Tasks\Avira Safe Shopping Updater => C:\Program Files (x86)\Avira\Safe Shopping\\Updater\Updater.exe Task: {F5CDC60B-EED3-46F1-8513-7A9AAAAE4072} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-15] (Google Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2018-05-24 20:47 - 2018-10-02 07:35 - 000154152 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2018-10-10 21:48 - 2018-09-12 13:42 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2017-05-18 02:05 - 2017-05-18 02:05 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2018-04-19 18:48 - 2018-04-03 19:04 - 002288072 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2018-10-09 22:49 - 2018-09-20 05:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-24 00:30 - 2018-10-24 00:31 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-10-24 00:30 - 2018-10-24 00:31 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2018-10-04 22:26 - 2018-10-04 22:26 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-10-24 00:30 - 2018-10-24 00:30 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-10-24 00:30 - 2018-10-24 00:30 - 010978304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2018-10-24 00:30 - 2018-10-24 00:31 - 002810368 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\skypert.dll 2018-10-24 00:30 - 2018-10-24 00:31 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-10-10 21:48 - 2018-09-12 13:42 - 101252136 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2018-10-10 21:48 - 2018-09-12 13:42 - 004619816 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libglesv2.dll 2018-10-10 21:48 - 2018-09-12 13:42 - 000108584 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libegl.dll 2018-10-24 00:30 - 2018-10-24 00:30 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-10-24 00:30 - 2018-10-24 00:30 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-10-24 00:30 - 2018-10-24 00:30 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-09-26 12:17 - 2017-09-26 12:17 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-10-24 00:30 - 2018-10-24 00:30 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll 2018-09-20 20:19 - 2018-09-15 10:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll 2018-09-20 20:19 - 2018-09-15 10:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll 2018-10-26 22:07 - 2018-10-26 22:07 - 003172736 _____ () C:\Users\Utilisateur\Downloads\ZHPDiag3.exe 2015-09-19 04:27 - 2015-09-19 04:27 - 000293440 _____ () C:\Program Files\Microsoft Office\Office16\IEAWSDC.DLL 2018-10-10 21:48 - 2018-09-12 13:42 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-11-22 18:18 - 2017-11-22 18:18 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2018-10-26 19:42 - 2018-10-26 19:42 - 000540336 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.10671\ortp.dll 2018-10-26 19:42 - 2018-10-26 19:42 - 085481960 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.10671\libcef.dll 2018-10-26 19:42 - 2018-10-26 19:42 - 000089600 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.10671\libEGL.dll 2018-10-26 19:42 - 2018-10-26 19:42 - 003841536 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.10671\libGLESv2.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2015-10-30 09:24 - 2018-10-07 12:11 - 000002753 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-1135970487-826229317-1366789239-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Utilisateur\Pictures\1806519_original.jpg DNS Servers: 89.2.0.1 - 89.2.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Le Pare-feu is disabled. ==================== MSCONFIG/TASK MANAGER éléments désactivés == Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé. HKLM\...\StartupApproved\StartupFolder: => "Le Robert Correcteur.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "MouseDriver" HKLM\...\StartupApproved\Run32: => "RzWizard" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter" HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger" HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\StartupApproved\Run: => "BitTorrent" HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\StartupApproved\Run: => "Chromium" HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-1135970487-826229317-1366789239-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [UDP Query User{AE9588B2-89BF-4D59-90C2-5B1F1D3C0D84}C:\program files (x86)\blizzard app\battle.net.exe] => (Allow) C:\program files (x86)\blizzard app\battle.net.exe FirewallRules: [TCP Query User{0EFC738B-0E3C-4F6B-AA08-41D4B9C18C08}C:\program files (x86)\blizzard app\battle.net.exe] => (Allow) C:\program files (x86)\blizzard app\battle.net.exe FirewallRules: [UDP Query User{E118E5D2-6202-4078-A670-B6E41040ED53}E:\programmes\overwatch\overwatch\overwatch.exe] => (Allow) E:\programmes\overwatch\overwatch\overwatch.exe FirewallRules: [TCP Query User{F9E15E0F-8445-4B14-92C2-7BD3F4E23056}E:\programmes\overwatch\overwatch\overwatch.exe] => (Allow) E:\programmes\overwatch\overwatch\overwatch.exe FirewallRules: [{4B6D3F03-9785-4957-BC45-97831EF1831F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5F660227-2EDF-4E5F-BB3E-C6E12FFACEF5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CB5CB1A6-FCD6-48FA-B45A-ED8ADD1D09E9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{F7614A75-6849-4D4F-8BEC-C58231F5F5E2}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{B66C99ED-A3A2-44C6-B275-5BD6D6AAD6B7}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{9C1A6E84-0941-4317-8A33-9FAE6050E085}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [TCP Query User{9E900594-1059-49D4-80E8-98F71B0D15FD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{1BE517B8-3BD9-4812-8AF8-9DBCD7B45826}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{7BE0D932-3BEB-4CE8-9B6E-47DE447FE293}] => (Allow) C:\Users\Utilisateur\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{B5B427EE-5AA6-49DC-9F18-D79322E46DCF}] => (Allow) C:\Users\Utilisateur\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{FB792678-79E0-4833-9E3A-DFBB5FCEFA07}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe FirewallRules: [{7505AA39-C038-4D61-AC88-47B1C92A0128}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe FirewallRules: [TCP Query User{CCA0378B-95F4-4510-AEFD-969A56E3C6CA}C:\gog games\empire earth gold edition\empire earth - the art of conquest\ee-aoc.exe] => (Allow) C:\gog games\empire earth gold edition\empire earth - the art of conquest\ee-aoc.exe FirewallRules: [UDP Query User{BA2B82E5-5641-40D6-BC44-26EF16977448}C:\gog games\empire earth gold edition\empire earth - the art of conquest\ee-aoc.exe] => (Allow) C:\gog games\empire earth gold edition\empire earth - the art of conquest\ee-aoc.exe FirewallRules: [TCP Query User{1274BAD9-AECA-4F56-BB40-6D83AEFEE36A}C:\gog games\empire earth gold edition\empire earth\empire earth.exe] => (Block) C:\gog games\empire earth gold edition\empire earth\empire earth.exe FirewallRules: [UDP Query User{B4FBBE53-8C17-4C42-A00D-5B3027590D97}C:\gog games\empire earth gold edition\empire earth\empire earth.exe] => (Block) C:\gog games\empire earth gold edition\empire earth\empire earth.exe FirewallRules: [{2E757E24-A714-4649-86CD-E78D0B439401}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A9A563A7-6725-41AA-8B30-720C92338964}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{04E1194A-A7EC-41B2-8795-CEBDFF10825D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{7D7B1B5E-588B-4EB1-B703-A6110411A2AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{C6EFF20A-7FE4-4C2B-9306-09241A769669}C:\users\utilisateur\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\utilisateur\appdata\local\programs\lnv\stremio-4\node.exe FirewallRules: [UDP Query User{9E5AA1C5-26C5-4533-801C-AF669BAA1C2D}C:\users\utilisateur\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\utilisateur\appdata\local\programs\lnv\stremio-4\node.exe FirewallRules: [{9889F0B1-8758-4FC3-BF2F-EC6F63AA4881}] => (Block) C:\users\utilisateur\appdata\local\programs\lnv\stremio-4\node.exe FirewallRules: [{647CDB47-151D-4431-B942-63F7EC8D53AF}] => (Block) C:\users\utilisateur\appdata\local\programs\lnv\stremio-4\node.exe FirewallRules: [TCP Query User{109CFD3B-CA50-4455-9A1D-1BDCD8808420}E:\jeux vidéos\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) E:\jeux vidéos\starcraft ii\versions\base60321\sc2_x64.exe FirewallRules: [UDP Query User{B3669AFD-3610-42E6-90DC-AA38B788F3DA}E:\jeux vidéos\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) E:\jeux vidéos\starcraft ii\versions\base60321\sc2_x64.exe FirewallRules: [TCP Query User{B0EF55FA-7A8E-4126-A3E6-049693C3868A}C:\users\utilisateur\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\utilisateur\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{3451D0EB-DE8E-47B6-BF90-D971EFEEAC2F}C:\users\utilisateur\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\utilisateur\appdata\roaming\spotify\spotify.exe FirewallRules: [{AFE413EB-BF3F-4524-A613-C551915B4E4B}] => (Block) C:\users\utilisateur\appdata\roaming\spotify\spotify.exe FirewallRules: [{BA31DA85-8CF7-40C3-B3A0-5E10FA3D8A56}] => (Block) C:\users\utilisateur\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{2574954E-0EEF-42A2-9BA0-5D68AF80E177}E:\jeux vidéos\hearthstone\hearthstone.exe] => (Allow) E:\jeux vidéos\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{4C786CD2-22AC-4F22-8E95-C08DFFC98AF6}E:\jeux vidéos\hearthstone\hearthstone.exe] => (Allow) E:\jeux vidéos\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{26E45F6D-3DDB-4A8B-8548-EAD71B798AC7}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{27F040EF-65DA-46DB-9137-5784D88B9880}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{5A73975B-C3E2-4BBE-9FD8-2DFA644D07D8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{C6DF7698-2004-4A23-8E25-B4A9FB789B89}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{B3B69A19-4CD7-410F-A733-CFFFFDF46F42}C:\users\utilisateur\appdata\local\championify\app-2.1.3\championify.exe] => (Allow) C:\users\utilisateur\appdata\local\championify\app-2.1.3\championify.exe FirewallRules: [UDP Query User{3A2BB325-40D4-4608-974A-EE828BA02C08}C:\users\utilisateur\appdata\local\championify\app-2.1.3\championify.exe] => (Allow) C:\users\utilisateur\appdata\local\championify\app-2.1.3\championify.exe FirewallRules: [TCP Query User{F8FCCB3C-0D42-4F6F-92E9-4D5764672989}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe FirewallRules: [UDP Query User{F3D4091F-075D-431B-BAD2-AFA359DAD655}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe FirewallRules: [{5678672D-5A6D-4799-8FA6-81D854BD8021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe FirewallRules: [{003101A6-75CB-4F50-A379-F83D279D5994}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe FirewallRules: [TCP Query User{4ABF9F21-065E-4CF8-941D-68426A1C86E3}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe FirewallRules: [UDP Query User{EAEA3E48-064F-417A-919C-E96F726736DD}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe FirewallRules: [{1991B6DB-BBD5-4A4A-85AC-0017CD31E32D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe FirewallRules: [{A9954FDB-C573-45B3-94B1-97F164AF1B27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe FirewallRules: [TCP Query User{709911CC-B6D0-4F9F-A99D-2B6354A1CE19}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe FirewallRules: [UDP Query User{6BF8482D-4834-4551-B9C3-F1A9F6C49B37}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe FirewallRules: [TCP Query User{7A679530-FDF8-4D2D-A54C-A78ED9971555}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe FirewallRules: [UDP Query User{7970DC96-8C70-410D-A02B-27EFC9110992}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe FirewallRules: [TCP Query User{E10CC3ED-74B4-43DE-85D9-AA6D29688F2A}E:\jeux vidéos\hearthstone\hearthstone.exe] => (Allow) E:\jeux vidéos\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{A45A65A2-1179-4B6C-91F7-AD155463E25E}E:\jeux vidéos\hearthstone\hearthstone.exe] => (Allow) E:\jeux vidéos\hearthstone\hearthstone.exe FirewallRules: [{6DA1E2A5-0AC2-47BD-B3CA-4B2DA82E8946}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{8485F94E-702F-4361-88A5-F14C337B1E13}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{90FA8D48-CEDF-498F-83A8-A8C84AD872A3}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{51DB35D4-745D-4AEA-AAD1-5FDA43AD24FA}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe FirewallRules: [UDP Query User{4A28D8D6-348E-4168-BE18-3CB0390DCDE0}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe FirewallRules: [{2FB6ACB4-504E-43F4-8DC2-DD5E5A602157}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{1118F899-3CDF-4F3A-8220-0638F811894F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{FE26012B-EEF7-4568-ACFC-89E85F83638A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{153AFE7F-E5EB-41CE-BE09-49DA4B902347}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{0545AA52-4849-4CD0-BB4C-5A846458615E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{541F5D1F-8E56-4B8E-9EA1-C8868B21023C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [TCP Query User{B41B7C2D-1BE7-4188-9819-6AB4BAE25788}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Block) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe FirewallRules: [UDP Query User{644C1EAF-7A89-4517-A7FA-98F0F52C3925}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Block) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe FirewallRules: [TCP Query User{90CE5DD0-C070-42F6-9734-6F74DC223DFE}C:\users\utilisateur\desktop\v1.05b_raft_win64\v1.05b_raft_win64.exe] => (Allow) C:\users\utilisateur\desktop\v1.05b_raft_win64\v1.05b_raft_win64.exe FirewallRules: [UDP Query User{CD8F7022-06C6-4D09-B4D1-AE2B22524F2C}C:\users\utilisateur\desktop\v1.05b_raft_win64\v1.05b_raft_win64.exe] => (Allow) C:\users\utilisateur\desktop\v1.05b_raft_win64\v1.05b_raft_win64.exe FirewallRules: [TCP Query User{56B6AB83-4209-4CDE-AB9E-3451846350EC}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe FirewallRules: [UDP Query User{E168EB72-5521-44EF-BB00-5BA57B82BB8C}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe FirewallRules: [{98D7556D-510A-4AFC-91DD-CDB5E46E0BE3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D14AD9CF-70B3-471E-966D-C68DC19F2633}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe FirewallRules: [{B30F3E23-DB0B-4DFD-8F32-10B920A1C546}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe FirewallRules: [{A894E205-8493-47A8-AF33-F17EA40F0A6E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{91B5EE5D-98E1-4A33-A03A-675FC9399AD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F97C9513-E0FF-4BE7-9B8C-965B397FF1AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{8314961A-1F0E-4EC5-91A3-937847BDF845}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{0341B331-2307-41C2-96EA-9B439D165BEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{38EB094C-41A0-43C1-B514-A3C081E964AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{48BE521F-8E2B-4F56-8F7D-1A43F53FBA0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{F88A8E15-887B-455E-85B9-2424E7A2DE1C}E:\programmes\overwatch\hearthstone\hearthstone.exe] => (Allow) E:\programmes\overwatch\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{4F449169-0F54-4F95-9F1B-E3F8EAA05E44}E:\programmes\overwatch\hearthstone\hearthstone.exe] => (Allow) E:\programmes\overwatch\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{191DFAC5-F7BF-48E3-B193-7C3BFC4F6A6C}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe FirewallRules: [UDP Query User{CAB91C4D-E0FA-4E2F-B3B4-567747A501DA}E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) E:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe ==================== Points de restauration ========================= ATTENTION: La Restauration système est désactivée ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: LogMeIn Hamachi Virtual Ethernet Adapter Description: LogMeIn Hamachi Virtual Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: LogMeIn Inc. Service: Hamachi Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (10/26/2018 07:40:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Spotify.exe, version : 1.0.82.447, horodatage : 0x5b101db7 Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.319, horodatage : 0x5ea0e53d Code d’exception : 0xc0000005 Décalage d’erreur : 0x000f6480 ID du processus défaillant : 0x31b8 Heure de début de l’application défaillante : 0x01d46d5309a0b421 Chemin d’accès de l’application défaillante : C:\Users\Utilisateur\AppData\Roaming\Spotify\Spotify.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : dcc6b2e5-d7e4-4565-b8d1-9aa39936321d Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/26/2018 07:40:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Spotify.exe, version : 1.0.82.447, horodatage : 0x5b101db7 Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.319, horodatage : 0x5ea0e53d Code d’exception : 0xc0000005 Décalage d’erreur : 0x000f6480 ID du processus défaillant : 0x6a0 Heure de début de l’application défaillante : 0x01d46d5307ad14a0 Chemin d’accès de l’application défaillante : C:\Users\Utilisateur\AppData\Roaming\Spotify\Spotify.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 7abaa8c4-01e5-44f0-84c7-e638a4f111c3 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/26/2018 07:34:44 PM) (Source: AviraOptimizerHost) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/26/2018 07:33:33 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable Error: (10/26/2018 07:32:45 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (10/26/2018 07:31:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante RzWizard.exe, version : 1.0.6.1000, horodatage : 0x56f20403 Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.319, horodatage : 0x5ea0e53d Code d’exception : 0xe0434352 Décalage d’erreur : 0x001117d2 ID du processus défaillant : 0x1914 Heure de début de l’application défaillante : 0x01d46d51ca9e239a Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 5463885d-2fde-462d-8760-8347b812d499 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/26/2018 07:31:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : RzWizard.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Xml.XmlException à System.Xml.XmlTextReaderImpl.Throw(System.Exception) à System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[]) à System.Xml.XmlTextReaderImpl.ParseText(Int32 ByRef, Int32 ByRef, Int32 ByRef) à System.Xml.XmlTextReaderImpl.ParseText() à System.Xml.XmlTextReaderImpl.ParseElementContent() à System.Xml.XmlTextReaderImpl.Read() à System.Xml.XmlTextReader.Read() à System.Configuration.XmlUtil.StrictReadToNextElement(System.Configuration.ExceptionAction) à System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean) à System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean) à System.Configuration.BaseConfigurationRecord.ScanSections(System.Configuration.XmlUtil) à System.Configuration.BaseConfigurationRecord.InitConfigFromFile() Informations sur l'exception : System.Configuration.ConfigurationErrorsException à System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean) à System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(System.Configuration.ConfigurationSchemaErrors) à System.Configuration.BaseConfigurationRecord.ThrowIfInitErrors() à System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs) Informations sur l'exception : System.Configuration.ConfigurationErrorsException à System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs) à System.Configuration.Internal.InternalConfigRoot.OnConfigRemoved(System.Configuration.Internal.InternalConfigEventArgs) à System.Configuration.Internal.InternalConfigRoot.RemoveConfigImpl(System.String, System.Configuration.BaseConfigurationRecord) à System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef) à System.Configuration.BaseConfigurationRecord.GetSection(System.String) à System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String) à System.Configuration.ConfigurationManager.GetSection(System.String) à System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean) à System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection) à System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider) à System.Configuration.SettingsBase.GetPropertyValueByName(System.String) à System.Configuration.SettingsBase.get_Item(System.String) à System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String) à System.Configuration.ApplicationSettingsBase.get_Item(System.String) à Razer.UpdateNInstallManagerUI.Properties.Settings.get_PopupWay() à Razer.UpdateNInstallManagerUI.MiniInstallerUI.MiniInstallerUI_Controller() à Razer.UpdateNInstallManagerUI.MiniInstallerUI..ctor(Boolean) à Razer.MiniInstaller.MiniInstallerVIewModel..ctor() à Razer.MiniInstaller.App.OnStartup(System.Windows.StartupEventArgs) à System.Windows.Application.<.ctor>b__1_0(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.DispatcherOperation.InvokeImpl() à System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) à System.Windows.Threading.DispatcherOperation.Invoke() à System.Windows.Threading.Dispatcher.ProcessQueue() à System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) à MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) à MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) à System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) à System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) à System.Windows.Application.RunDispatcher(System.Object) à System.Windows.Application.RunInternal(System.Windows.Window) à System.Windows.Application.Run(System.Windows.Window) à Razer.MiniInstaller.App.Main() Error: (10/26/2018 07:31:39 PM) (Source: Avira Phantom VPN) (EventID: 0) (User: ) Description: Service cannot be started. System.TypeInitializationException: The type initializer for 'Avira.VPN.Core.SentryLogTarget' threw an exception. ---> System.NullReferenceException: Object reference not set to an instance of an object. at Avira.VPN.Core.SentryLogTarget.FindSentryRule() at Avira.VPN.Core.SentryLogTarget..cctor() --- End of inner exception stack trace --- at Avira.VPN.Core.SentryLogTarget.set_Enabled(Boolean value) at Avira.VpnService.VpnService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Erreurs système: ============= Error: (10/26/2018 09:48:34 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-77P5ORB) Description: Impossible de démarrer un serveur DCOM : {417976B7-917D-4F1E-8F14-C18FCCB0B3A8}. L’erreur « 0 » s’est produite lors du démarrage de la commande : C:\Windows\System32\coredpussvr.exe -Embedding Error: (10/26/2018 09:11:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-77P5ORB) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID DESKTOP-77P5ORB\Utilisateur de l’utilisateur (S-1-5-21-1135970487-826229317-1366789239-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/26/2018 08:48:34 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-77P5ORB) Description: Impossible de démarrer un serveur DCOM : {417976B7-917D-4F1E-8F14-C18FCCB0B3A8}. L’erreur « 298 » s’est produite lors du démarrage de la commande : C:\Windows\System32\coredpussvr.exe -Embedding Error: (10/26/2018 07:35:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-77P5ORB) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID DESKTOP-77P5ORB\Utilisateur de l’utilisateur (S-1-5-21-1135970487-826229317-1366789239-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/26/2018 07:34:07 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID Windows.SecurityCenter.WscDataProtection et l’APPID Non disponible au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/26/2018 07:34:07 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID Windows.SecurityCenter.WscDataProtection et l’APPID Non disponible au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/26/2018 07:32:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-77P5ORB) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID DESKTOP-77P5ORB\Utilisateur de l’utilisateur (S-1-5-21-1135970487-826229317-1366789239-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/26/2018 07:31:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-77P5ORB) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Windows Defender: =================================== Date: 2018-10-26 20:53:52.106 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nom : HackTool:Win32/AutoKMS ID : 2147685180 Gravité : Élevée Catégorie : Outil Chemin : file:_C:\Users\Utilisateur\Downloads\Non confirmé 956918.crdownload Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-77P5ORB\Utilisateur Nom du processus : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Version de la signature : AV: 1.279.572.0, AS: 1.279.572.0, NIS: 1.279.572.0 Version du moteur : AM: 1.1.15400.4, NIS: 1.1.15400.4 Date: 2018-10-26 20:44:35.550 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nom : HackTool:MSIL/AutoKMS ID : 2147711767 Gravité : Élevée Catégorie : Outil Chemin : file:_C:\Users\Utilisateur\AppData\Local\Temp\Rar$EXa1184.12277\download\FrostRose_v10.2.0\KMSpico Portable\AutoPico.exe; file:_C:\Users\Utilisateur\AppData\Local\Temp\Rar$EXa1184.12277\download\FrostRose_v10.2.0\KMSpico Portable\KMSELDI.exe; file:_C:\Users\UTILIS~1\AppData\Local\Temp\Rar$EXa1184.12277\download\FrostRose_v10.2.0\KMSpico Portable\AutoPico.exe; file:_C:\Users\UTILIS~1\AppData\Local\Temp\Rar$EXa1184.12277\download\FrostRose_v10.2.0\KMSpico Portable\KMSELDI.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-77P5ORB\Utilisateur Nom du processus : C:\Program Files (x86)\WinRAR\WinRAR.exe Version de la signature : AV: 1.279.572.0, AS: 1.279.572.0, NIS: 1.279.572.0 Version du moteur : AM: 1.1.15400.4, NIS: 1.1.15400.4 Date: 2018-10-26 20:44:14.191 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nom : HackTool:Win32/AutoKMS ID : 2147685180 Gravité : Élevée Catégorie : Outil Chemin : file:_C:\Users\Utilisateur\AppData\Local\Temp\Rar$EXa1184.12277\download\FrostRose_v10.2.0\KMSpico Install\KMSpico_setup.exe; file:_C:\Users\UTILIS~1\AppData\Local\Temp\Rar$EXa1184.12277\download\FrostRose_v10.2.0\KMSpico Install\KMSpico_setup.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-77P5ORB\Utilisateur Nom du processus : C:\Program Files (x86)\WinRAR\WinRAR.exe Version de la signature : AV: 1.279.572.0, AS: 1.279.572.0, NIS: 1.279.572.0 Version du moteur : AM: 1.1.15400.4, NIS: 1.1.15400.4 Date: 2018-10-26 20:44:11.266 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nom : HackTool:MSIL/AutoKMS ID : 2147711767 Gravité : Élevée Catégorie : Outil Chemin : file:_C:\Users\UTILIS~1\AppData\Local\Temp\Rar$EXa1184.12277\download\FrostRose_v10.2.0\KMSpico Portable\AutoPico.exe; file:_C:\Users\UTILIS~1\AppData\Local\Temp\Rar$EXa1184.12277\download\FrostRose_v10.2.0\KMSpico Portable\KMSELDI.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-77P5ORB\Utilisateur Nom du processus : C:\Program Files (x86)\WinRAR\WinRAR.exe Version de la signature : AV: 1.279.572.0, AS: 1.279.572.0, NIS: 1.279.572.0 Version du moteur : AM: 1.1.15400.4, NIS: 1.1.15400.4 Date: 2018-10-26 20:44:09.348 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nom : HackTool:MSIL/AutoKMS ID : 2147711767 Gravité : Élevée Catégorie : Outil Chemin : file:_C:\Users\UTILIS~1\AppData\Local\Temp\Rar$EXa1184.12277\download\FrostRose_v10.2.0\KMSpico Portable\AutoPico.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-77P5ORB\Utilisateur Nom du processus : C:\Program Files (x86)\WinRAR\WinRAR.exe Version de la signature : AV: 1.279.572.0, AS: 1.279.572.0, NIS: 1.279.572.0 Version du moteur : AM: 1.1.15400.4, NIS: 1.1.15400.4 CodeIntegrity: =================================== Date: 2018-09-30 12:35:19.823 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-1135970487-826229317-1366789239-1001\$RR9PA9J\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-09-30 12:35:19.807 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Recycle.Bin\S-1-5-21-1135970487-826229317-1366789239-1001\$RR9PA9J\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-12 21:58:37.882 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-12 21:58:37.866 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-12 21:48:40.101 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\SIH\bin\cbs\{843B4536-01FB-11E8-8514-705A0F491A19}\amd64_microsoft-windows-u..usnotificationuxexe_31bf3856ad364e35_10.0.15063.850_none_0919f37e782d23f6\musnotificationux.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-12 21:48:40.099 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\SIH\bin\cbs\{843B4536-01FB-11E8-8514-705A0F491A19}\amd64_microsoft-windows-u..usnotificationuxexe_31bf3856ad364e35_10.0.15063.850_none_0919f37e782d23f6\musnotificationux.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-12 21:46:33.116 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-08-12 21:46:33.099 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz Pourcentage de mémoire utilisée: 32% Mémoire physique - RAM - totale: 16309.75 MB Mémoire physique - RAM - disponible: 10979.04 MB Mémoire virtuelle totale: 21941.75 MB Mémoire virtuelle disponible: 15575.3 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:111.35 GB) (Free:31.12 GB) NTFS Drive d: (THE_GREAT_MOUSE_DETECTIVE) (CDROM) (Total:5.92 GB) (Free:0 GB) UDF Drive e: (Vénérable Gasky) (Fixed) (Total:931.51 GB) (Free:145.21 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] \\?\Volume{a40e6a57-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0 GB) (Free:0 GB) ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E088BF73) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: A40E6A57) Partition 1: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) ==================== Fin de Addition.txt ============================