Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Exécuté par Bernard (02-01-2020 11:14:24)
Exécuté depuis C:\Users\Bernard\Desktop
Windows 10 Home Version 1909 18363.535 (X64) (2019-11-24 06:07:11)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-1058073385-1422926871-3706185334-500 - Administrator - Disabled)
Bernard (S-1-5-21-1058073385-1422926871-3706185334-1000 - Administrator - Enabled) => C:\Users\Bernard
DefaultAccount (S-1-5-21-1058073385-1422926871-3706185334-503 - Limited - Disabled)
Invité (S-1-5-21-1058073385-1422926871-3706185334-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1058073385-1422926871-3706185334-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
Acronis True Image for Crucial (HKLM-x32\...\{4D4DA0E0-00C7-4AC5-9665-D3DBAF0767BE}) (Version: 23.0.21500 - Acronis)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Analyseur et SDK MSXML 4.0 SP2 (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Bel Atout 3.84 (HKLM-x32\...\BelAtoutFr_is1) (Version: - Vincent Brévart)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Comptes et Budget - AlauxSoft version 8.0.2 (HKLM\...\{0ACD9966-D0FC-45D5-B2B5-2D5B2BEF99FE}_is1) (Version: 8.0.2 - ALAUX MICHEL JEAN)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Crucial Storage Executive (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\Crucial Storage Executive 5.05.082019.02) (Version: 5.05.082019.02 - Crucial)
CrystalDiskInfo 8.3.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.3.2 - Crystal Dew World)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
DiRT 3 (HKLM-x32\...\{434D0FA0-1558-4D8E-AC3D-BD1000008200}) (Version: 1.0.0000.130 - Codemasters) Hidden
DiRT 3 (HKLM-x32\...\{434D0FA0-AB8C-497F-B30A-7A1000038201}) (Version: 1.0.0003.130 - Codemasters) Hidden
DiRT 3 (HKLM-x32\...\GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}) (Version: 1.0.0000.130 - Codemasters)
Disable Nvidia Telemetry 1.1.0.16 (HKLM-x32\...\Disable Nvidia Telemetry) (Version: 1.1.0.16 - Nate Shoffner)
DriversCloud.com (64 bits) (HKLM\...\{8C7451C7-6D39-4DF6-9441-B4C593AF020C}) (Version: 10.0.10.0 - Cybelsoft)
Eaton UPS Companion v1.02 (HKLM-x32\...\Eaton UPSCompanion) (Version: v1.02.013 build - Eaton)
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON PX720WD Series Manuel (HKLM-x32\...\EPSON PX720WD Series Manual) (Version: - )
EPSON PX720WD Series Printer Uninstall (HKLM\...\EPSON PX720WD Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FAHClient (HKLM-x32\...\FAHClient) (Version: 7.5.1 - Folding@home.org)
Flight Simulator X (HKLM-x32\...\RTMshadow_{3A1EE107-F79B-49FA-83CF-94169E63F25A}) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.0.29455 - Foxit Software Inc.)
FoxTarot version 5.1 (HKLM-x32\...\{DF3DD8E3-BD6C-4D57-B20D-3FED6D36716F}_is1) (Version: 5.1 - Fabrice RENARD)
Guide réseau pour EPSON PX720WD Series (HKLM-x32\...\EPSON PX720WD Series Network Guide) (Version: - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Hekasoft Backup & Restore 0.85 (HKLM\...\{PBR27112011-M1447-7KS6-C3E2-1X8374W715U4}_is1) (Version: 0.85 - Hekasoft)
ImageMagick 7.0.8-45 Q16 (64-bit) (2019-05-13) (HKLM\...\ImageMagick 7.0.8 Q16 (64-bit)_is1) (Version: 7.0.8 - ImageMagick Studio LLC)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-FR) (HKLM-x32\...\{4CC174AA-25BC-46FF-B1E2-13B24AFB6142}) (Version: 11.0.7400.336 - Microsoft Corporation)
LibreOffice 6.3 Help Pack (French) (HKLM\...\{97A1757B-F68C-4607-8755-23849EFEE002}) (Version: 6.3.4.2 - The Document Foundation)
LibreOffice 6.3.4.2 (HKLM\...\{191F4D69-B671-4163-BB01-901B89A20D04}) (Version: 6.3.4.2 - The Document Foundation)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.126 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{3A1EE107-F79B-49FA-83CF-94169E63F25A}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Money (HKLM-x32\...\Money2005b) (Version: 14 - Microsoft)
Microsoft Office « Démarrer en un clic » 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Français (HKLM-x32\...\{90140011-0066-040C-0000-0000000FF1CE}) (Version: 14.0.7230.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Molotov (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\Molotov) (Version: 4.2.2 - Molotov)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 71.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 71.0 (x86 fr)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0 - Mozilla)
Mozilla Thunderbird 68.3.1 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 68.3.1 (x86 fr)) (Version: 68.3.1 - Mozilla)
NETGEAR WNA3100M N300 Wireless USB Adapter (HKLM-x32\...\{D3580358-0F78-402A-BE53-2E9D06383E04}) (Version: 1.0.0.25 - NETGEAR)
Network Activity Indicator for Windows 7 - 8.1 (HKLM-x32\...\NetworkIndicator_is1) (Version: 1.7 - ITSamples.com)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.2 - Notepad++ Team)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Pilote graphique 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
PhotoFiltre (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\PhotoFiltre) (Version: - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.38.1118.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Service Pack 1 de Flight Simulator X (HKLM-x32\...\SP1shadow_{3A1EE107-F79B-49FA-83CF-94169E63F25A}) (Version: - )
Skype version 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\Spotify) (Version: 1.0.99.250.g936eab8d - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 9.2.12.0 - 2BrightSparks)
TagScanner 6.1.1 (64-bit) (HKLM\...\TagScanner_is1) (Version: - Sergey Serkov)
TP-Link TL-WN823N (HKLM-x32\...\{CE194A8D-C8DF-47EB-AB04-5A54CDC1C5BD}) (Version: 2.1.0 - TP-Link)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
TP-Link Wireless Adapter WPS Tool (HKLM-x32\...\{685EFF87-B126-49E4-8213-70C56625C5B5}) (Version: 1.0.0.1 - TP-Link)
Virtua Tennis 4 (HKLM-x32\...\{53450FA2-F4B6-48C4-805B-751000018201}) (Version: 1.0.0001.130 - Sega) Hidden
Virtua Tennis 4™ (HKLM-x32\...\{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA) Hidden
Virtua Tennis 4™ (HKLM-x32\...\GFWL_{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhoCrashed 6.65 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
XnViewMP 0.94.2 (HKLM\...\XnViewMP_is1) (Version: 0.94.2 - Gougelet Pierre-e)
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1661.1.0_x86__kgqvnymyfvs32 [2019-12-30] (king.com)
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.6.23362.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation)
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-12-30] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-12-30] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0 [2020-01-01] (Spotify AB) [Startup Task]
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2019-09-26] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2019-09-26] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2019-09-26] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2019-09-26] (Acronis International GmbH -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvshext.dll [2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Modules chargés (Avec liste blanche) =============
2018-10-14 00:20 - 2018-10-14 00:20 - 000142336 _____ () [Fichier non signé] C:\Program Files (x86)\Eaton\UPSCompanion\bin\mserial.dll
2018-10-14 00:20 - 2018-10-14 00:20 - 001051648 _____ () [Fichier non signé] C:\Program Files (x86)\Eaton\UPSCompanion\bin\msocket.dll
2018-10-14 00:20 - 2018-10-14 00:20 - 000221184 _____ () [Fichier non signé] C:\Program Files (x86)\Eaton\UPSCompanion\bin\musb.dll
2020-01-02 03:00 - 2020-01-02 03:00 - 000032040 _____ (ASUSTeK Computer Inc. -> ) [Fichier non signé] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-10-13 17:16 - 2014-08-25 04:49 - 000074240 ____R (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2019-12-15 12:23 - 2012-02-14 19:37 - 000594432 ____N (Realtek Semiconductor Corp. ) [Fichier non signé] C:\WINDOWS\system32\Rtlihvs.dll
2018-10-14 05:13 - 2010-09-13 14:00 - 000558592 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\WINDOWS\System32\enppmon.dll
2018-10-14 05:13 - 2008-06-18 10:49 - 000250880 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\WINDOWS\System32\enpres.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
==================== Association (Avec liste blanche) =================
==================== Internet Explorer sites de confiance/sensibles ==========
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\ImageMagick-7.0.8-Q16;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files\Crucial\Crucial Storage Executive
HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\Control Panel\Desktop\\Wallpaper -> c:\users\bernard\appdata\roaming\microsoft\windows photo viewer\papier peint de la visionneuse de photos windows.jpg
DNS Servers: 80.67.169.12 - 80.67.169.40
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier)
Le Pare-feu est activé.
Network Binding:
=============
Ethernet: Protocole RMCAST (multidiffusion fiable) -> ms_rmcast (enabled)
Wi-Fi 2: Protocole RMCAST (multidiffusion fiable) -> ms_rmcast (enabled)
Wi-Fi 3: Protocole RMCAST (multidiffusion fiable) -> ms_rmcast (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
MSCONFIG\startupfolder: C:^Users^Bernard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Folding@home.lnk => C:\Windows\pss\Folding@home.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Bernard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Enregistrement du produit.lnk => C:\Windows\pss\Logitech . Enregistrement du produit.lnk.Startup
MSCONFIG\startupreg: appnhost => C:\Users\Bernard\AppData\Local\Mixesoft\AppNHost\appnhost.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Epson Stylus Photo PX720WD(Réseau) => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE /FU "D:\Temp\E_S8E3B.tmp" /EF "HKCU"
MSCONFIG\startupreg: EPSONE0F3D1 (Epson Stylus Photo PX720WD) => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE /FU "D:\Temp\E_S1913.tmp" /EF "HKCU"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\StartupApproved\StartupFolder: => "Folding@home.lnk"
HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\StartupApproved\StartupFolder: => "Logitech . Enregistrement du produit.lnk"
HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\StartupApproved\Run: => "WPSTool"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{71CBA8C2-75BD-4C47-9747-72CF8F0BC910}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe () [Fichier non signé]
FirewallRules: [TCP Query User{6287B69E-DA0A-4F4C-9CE2-25972D349B7C}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe () [Fichier non signé]
FirewallRules: [{4430F3FD-AA2D-4F49-992B-BD12C16A33A8}] => (Block) %ProgramFiles% (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe Pas de fichier
FirewallRules: [{4EBF0EFA-1777-4DFD-BE5C-BDF9A94C93CD}] => (Allow) C:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe (Codemasters Software Company Limited -> Codemasters Software Company Limited)
FirewallRules: [{E82EA45A-6C45-40D6-B661-58BCD75345C3}] => (Allow) C:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe (Codemasters Software Company Limited -> Codemasters Software Company Limited)
FirewallRules: [{819FF1F7-E01F-4A0B-A9C6-2399675FDAD6}] => (Allow) C:\Program Files (x86)\Sega\Virtua Tennis 4\VT4.exe (Sega Europe Limited -> SEGA)
FirewallRules: [{358945C9-3559-446A-B627-BC42B231601B}] => (Allow) C:\Program Files (x86)\Sega\Virtua Tennis 4\VT4.exe (Sega Europe Limited -> SEGA)
FirewallRules: [{21D82987-54B9-4B8B-9710-EAAA869DB931}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{5C958075-5D5A-4D53-8F13-89C2E0C9D5EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{A6775410-5E95-4259-B58C-4A4059716D19}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{44276673-CDD9-4A00-9785-98BAE7964150}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C27F4610-B54F-4566-B75D-B27FA12D2F28}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FD6DE8D0-50CE-4B36-ACBC-4FE01AB6A33A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D7D6EC68-6AC4-456C-A906-D4797D2C1E67}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E5BF5D94-9C42-4BA5-B8E4-76AE503211F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{38AD1E18-844B-4429-8995-C2853E485342}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{70451617-0EDB-4149-8EDA-042A13085864}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{FB043C62-3CA3-4481-9B84-31BB6BD999B6}] => (Allow) C:\Program Files (x86)\epson\escndv\escndv.exe (SEIKO EPSON CORP.) [Fichier non signé]
FirewallRules: [{B275C04B-FF7A-408A-8F25-8F7590851F7B}] => (Allow) C:\Program Files (x86)\epson\escndv\escndv.exe (SEIKO EPSON CORP.) [Fichier non signé]
FirewallRules: [{5BE70536-4843-4C7A-896E-52EE6F6DAC68}] => (Allow) C:\Program Files (x86)\epson\escndv\escndv.exe (SEIKO EPSON CORP.) [Fichier non signé]
FirewallRules: [{08667CD3-DDEB-47D3-944C-BB1832063BFB}] => (Allow) C:\Program Files (x86)\epson\escndv\escndv.exe (SEIKO EPSON CORP.) [Fichier non signé]
FirewallRules: [{982F7707-0F32-4BA7-879E-97A0FC1C744F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BCB468C1-C129-4578-8D3D-C2D9EEE6120B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{AD3B5FF3-DEF0-48AF-99E9-670F7614198F}C:\users\bernard\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Allow) C:\users\bernard\appdata\local\programs\opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{30B9DDF7-ED70-43EB-8DFE-C07E523DDC44}C:\users\bernard\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Allow) C:\users\bernard\appdata\local\programs\opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{82F94E61-ADB1-4E73-A168-663B17F6696D}] => (Allow) C:\Users\Bernard\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{395C6B5D-6A94-467B-8727-597FAE21E06C}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{118FDFAB-D519-4945-B6CA-0623F5C8F06B}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{A2F29348-6869-41E0-A326-ACE9DA2FD91B}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{741860B1-1F87-442B-B1C6-D30126AE056C}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{D86099A6-E737-403B-BDD1-7603AB079720}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{85A11876-9856-4E56-B91B-F8B9F9DCA24A}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{0933F46F-7F46-479D-8B55-659A08A8640D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{AC6482B0-5EAE-4A34-A481-E51FE7313BB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{C744380B-0B52-4863-8502-D7D0D3C7A6F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{98657B70-486D-4B70-9DBA-4D5B0DCEBD1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{5657E089-C5DB-41CE-9AAD-B4310F73B005}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{C02C150C-6E50-48AE-919C-33B57AE925D7}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{125F89F3-A986-4F12-AA9D-11056A775E00}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{F51D7B88-C12C-4119-B51B-6985C5135740}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{973C35F9-9651-4072-A7A3-38E4FE945568}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{F48BD61E-B7B6-479C-A17B-5C5616132744}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{D6C5EDCB-C0B1-420F-9801-9EBF88F40947}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{936F903D-27BB-4FD5-8773-BD4DAD25832C}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{EAB29D17-B513-4947-99A5-F3DB71841F62}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{B10BAD1A-F5FF-409C-BA8A-8A5E6504DC93}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{0076344B-03BE-4AA4-BFB0-098943D1BEBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{330F4961-011E-461A-A779-E8FA1C4D1522}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{591A53C4-5C34-462C-8C22-F251BB997ECA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9EC2D266-D892-4389-8754-9C7BC5222947}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{6D8C274D-44D0-4895-B362-076439AE8DA4}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{69292069-CDB0-4E80-8B22-9DC51E1F9AA4}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{56A382DC-425F-45D7-A56B-9A592CB67A93}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{EC5B11D2-4A35-42D3-B363-4A5476B038A9}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7540325D-81CF-486C-81B7-364CDC307B6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45B47AC5-3E90-4C64-8C55-F040F8F53CC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ED347704-AEEB-40EC-B81D-4D5A3B61F7A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F2D53D2B-1E8F-46A7-B8A4-40B28E4DA652}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{15F1CE2B-4311-4BDC-BDEC-96FAD3D16234}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{363E267F-7AAE-4C5A-B3EC-61022D8E1EC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E80A27C9-EE83-4831-9E6E-CAEF061CC0B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{926B0D0B-031A-4060-ACDF-50FECD92FE34}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Points de restauration =========================
30-12-2019 16:58:53 Revo Uninstaller's restore point - CrystalDiskInfo 8.0.0
31-12-2019 08:22:44 Sauvegarde Windows
01-01-2020 07:52:57 Sauvegarde Windows
01-01-2020 15:49:06 Sauvegarde Windows
01-01-2020 17:43:24 Sauvegarde Windows
01-01-2020 17:47:32 Sauvegarde Windows
01-01-2020 17:49:22 Sauvegarde Windows
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (01/02/2020 03:14:06 AM) (Source: C:\Program Files (x86)\FAHClient\FAHClient.exe) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/02/2020 12:52:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.
.
Error: (01/02/2020 12:52:01 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]
Error: (01/02/2020 12:52:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.
.
Error: (01/02/2020 12:52:01 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]
Error: (01/01/2020 05:47:47 PM) (Source: WAS-LA) (EventID: 7005) (User: )
Description: Le protocole 'net.pipe' de l'adaptateur de l'écouteur a tenté de communiquer avec le service d'activation des processus Windows et a échoué. L'adaptateur de l'écouteur est désormais en mauvais état. Cause : cela peut résulter de problèmes liés au manque de mémoire ou à des défaillances entre le service d'activation des processus Windows et l'adaptateur de l'écouteur. Solution : pour résoudre ce problème, arrêtez successivement l'adaptateur de l'écouteur et le service d'activation des processus Windows, relancez ce dernier, puis redémarrez l'adaptateur de l'écouteur.
Error: (01/01/2020 05:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.
.
Error: (01/01/2020 05:47:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]
Erreurs système:
=============
Error: (01/01/2020 05:44:30 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: AUTORITE NT)
Description: Le gestionnaire de filtres n’a pas réussi à s’attacher au volume « \Device\HarddiskVolume14 ». Ce volume ne sera pas disponible pour le filtrage avant un redémarrage. L’état final était 0xc03a001c.
Error: (01/01/2020 05:44:30 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: AUTORITE NT)
Description: Le gestionnaire de filtres n’a pas réussi à s’attacher au volume « \Device\HarddiskVolume14 ». Ce volume ne sera pas disponible pour le filtrage avant un redémarrage. L’état final était 0xc03a001c.
Error: (01/01/2020 05:40:42 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: AUTORITE NT)
Description: Le gestionnaire de filtres n’a pas réussi à s’attacher au volume « \Device\HarddiskVolume12 ». Ce volume ne sera pas disponible pour le filtrage avant un redémarrage. L’état final était 0xc03a001c.
Error: (01/01/2020 05:40:42 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: AUTORITE NT)
Description: Le gestionnaire de filtres n’a pas réussi à s’attacher au volume « \Device\HarddiskVolume12 ». Ce volume ne sera pas disponible pour le filtrage avant un redémarrage. L’état final était 0xc03a001c.
Error: (01/01/2020 02:25:32 PM) (Source: volsnap) (EventID: 35) (User: )
Description: Les clichés instantanés du volume S: ont été annulés car le cliché instantané du volume n’a pas pu s’agrandir.
Error: (01/01/2020 10:59:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Samsung RAPID Mode Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (01/01/2020 05:32:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Installer s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.
Error: (12/31/2019 08:21:10 AM) (Source: volsnap) (EventID: 16) (User: )
Description: Les clichés instantanés du volume H: ont été abandonnés car le volume H:, qui contient un cliché instantané du volume pour ce cliché instantané, a dû être démonté.
Windows Defender:
===================================
Date: 2020-01-01 18:27:18.560
Description:
L'accès contrôlé aux dossiers a empêché C:\Program Files (x86)\HD Tune\HDTune.exe de modifier la mémoire.
Heure de détection : 2020-01-01T17:27:18.559Z
Utilisateur : I7-ASUS\Bernard
Chemin d'accès : \Device\Harddisk0\DR0
Nom du processus : C:\Program Files (x86)\HD Tune\HDTune.exe
Version de la veille de sécurité : 1.307.1530.0
Version du moteur : 1.1.16600.7
Version du produit : 4.18.1911.3
Date: 2020-01-01 15:45:26.954
Description:
L'accès contrôlé aux dossiers a empêché C:\Windows\explorer.exe de modifier la mémoire.
Heure de détection : 2020-01-01T14:45:26.953Z
Utilisateur : I7-ASUS\Bernard
Chemin d'accès : \Device\HarddiskVolume8
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : 1.307.1508.0
Version du moteur : 1.1.16600.7
Version du produit : 4.18.1911.3
Date: 2020-01-01 07:00:31.915
Description:
L'apport de modification par C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe à %userprofile%\Documents a été bloqué par l'Accès contrôlé aux dossiers.
Heure de la détection : 2020-01-01T06:00:31.914Z
Utilisateur : I7-ASUS\Bernard
Chemin d'accès : %userprofile%\Documents
Nom du processus : C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe
Version de la veille de sécurité : 1.307.1500.0
Version du moteur : 1.1.16600.7
Version du produit : 4.18.1911.3
Date: 2020-01-01 05:21:24.496
Description:
L'apport de modification par C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe à %userprofile%\Documents a été bloqué par l'Accès contrôlé aux dossiers.
Heure de la détection : 2020-01-01T04:21:24.496Z
Utilisateur : AUTORITE NT\Système
Chemin d'accès : %userprofile%\Documents
Nom du processus : C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
Version de la veille de sécurité : 1.307.1491.0
Version du moteur : 1.1.16600.7
Version du produit : 4.18.1911.3
Date: 2019-12-30 11:59:58.770
Description:
L'accès contrôlé aux dossiers a empêché C:\Windows\System32\svchost.exe de modifier la mémoire.
Heure de détection : 2019-12-30T10:59:58.770Z
Utilisateur : AUTORITE NT\Système
Chemin d'accès : \Device\HarddiskVolume1
Nom du processus : C:\Windows\System32\svchost.exe
Version de la veille de sécurité : 1.307.1401.0
Version du moteur : 1.1.16600.7
Version du produit : 4.18.1911.3
CodeIntegrity:
===================================
Date: 2020-01-02 11:01:17.061
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 11:01:17.060
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:45:59.601
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:45:59.599
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:31:16.851
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:31:16.849
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:15:59.574
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:15:59.573
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. 2907 03/11/2016
Carte mère: ASUSTeK COMPUTER INC. Z97-P
Processeur: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Pourcentage de mémoire utilisée: 13%
Mémoire physique - RAM - totale: 24514.8 MB
Mémoire physique - RAM - disponible: 21205.57 MB
Mémoire virtuelle totale: 49090.8 MB
Mémoire virtuelle disponible: 45701.45 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:465.19 GB) (Free:311.04 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)]
Drive d: (Temp/Swap) (Fixed) (Total:192.34 GB) (Free:166.42 GB) NTFS
Drive e: (DATA) (Fixed) (Total:739.17 GB) (Free:686.94 GB) NTFS
\\?\Volume{ad809e40-0000-0000-0000-704c74000000}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AD809E40)
Partition 1: (Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=581 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: A42FE2B8)
Partition 1: (Active) - (Size=30 GB) - (Type=83)
Partition 2: (Not Active) - (Size=81.8 GB) - (Type=83)
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 677BEBC6)
Partition 1: (Not Active) - (Size=192.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=739.2 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt =======================
Exécuté par Bernard (02-01-2020 11:14:24)
Exécuté depuis C:\Users\Bernard\Desktop
Windows 10 Home Version 1909 18363.535 (X64) (2019-11-24 06:07:11)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-1058073385-1422926871-3706185334-500 - Administrator - Disabled)
Bernard (S-1-5-21-1058073385-1422926871-3706185334-1000 - Administrator - Enabled) => C:\Users\Bernard
DefaultAccount (S-1-5-21-1058073385-1422926871-3706185334-503 - Limited - Disabled)
Invité (S-1-5-21-1058073385-1422926871-3706185334-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1058073385-1422926871-3706185334-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
Acronis True Image for Crucial (HKLM-x32\...\{4D4DA0E0-00C7-4AC5-9665-D3DBAF0767BE}) (Version: 23.0.21500 - Acronis)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Analyseur et SDK MSXML 4.0 SP2 (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Bel Atout 3.84 (HKLM-x32\...\BelAtoutFr_is1) (Version: - Vincent Brévart)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Comptes et Budget - AlauxSoft version 8.0.2 (HKLM\...\{0ACD9966-D0FC-45D5-B2B5-2D5B2BEF99FE}_is1) (Version: 8.0.2 - ALAUX MICHEL JEAN)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Crucial Storage Executive (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\Crucial Storage Executive 5.05.082019.02) (Version: 5.05.082019.02 - Crucial)
CrystalDiskInfo 8.3.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.3.2 - Crystal Dew World)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
DiRT 3 (HKLM-x32\...\{434D0FA0-1558-4D8E-AC3D-BD1000008200}) (Version: 1.0.0000.130 - Codemasters) Hidden
DiRT 3 (HKLM-x32\...\{434D0FA0-AB8C-497F-B30A-7A1000038201}) (Version: 1.0.0003.130 - Codemasters) Hidden
DiRT 3 (HKLM-x32\...\GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}) (Version: 1.0.0000.130 - Codemasters)
Disable Nvidia Telemetry 1.1.0.16 (HKLM-x32\...\Disable Nvidia Telemetry) (Version: 1.1.0.16 - Nate Shoffner)
DriversCloud.com (64 bits) (HKLM\...\{8C7451C7-6D39-4DF6-9441-B4C593AF020C}) (Version: 10.0.10.0 - Cybelsoft)
Eaton UPS Companion v1.02 (HKLM-x32\...\Eaton UPSCompanion) (Version: v1.02.013 build - Eaton)
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON PX720WD Series Manuel (HKLM-x32\...\EPSON PX720WD Series Manual) (Version: - )
EPSON PX720WD Series Printer Uninstall (HKLM\...\EPSON PX720WD Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FAHClient (HKLM-x32\...\FAHClient) (Version: 7.5.1 - Folding@home.org)
Flight Simulator X (HKLM-x32\...\RTMshadow_{3A1EE107-F79B-49FA-83CF-94169E63F25A}) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.0.29455 - Foxit Software Inc.)
FoxTarot version 5.1 (HKLM-x32\...\{DF3DD8E3-BD6C-4D57-B20D-3FED6D36716F}_is1) (Version: 5.1 - Fabrice RENARD)
Guide réseau pour EPSON PX720WD Series (HKLM-x32\...\EPSON PX720WD Series Network Guide) (Version: - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Hekasoft Backup & Restore 0.85 (HKLM\...\{PBR27112011-M1447-7KS6-C3E2-1X8374W715U4}_is1) (Version: 0.85 - Hekasoft)
ImageMagick 7.0.8-45 Q16 (64-bit) (2019-05-13) (HKLM\...\ImageMagick 7.0.8 Q16 (64-bit)_is1) (Version: 7.0.8 - ImageMagick Studio LLC)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-FR) (HKLM-x32\...\{4CC174AA-25BC-46FF-B1E2-13B24AFB6142}) (Version: 11.0.7400.336 - Microsoft Corporation)
LibreOffice 6.3 Help Pack (French) (HKLM\...\{97A1757B-F68C-4607-8755-23849EFEE002}) (Version: 6.3.4.2 - The Document Foundation)
LibreOffice 6.3.4.2 (HKLM\...\{191F4D69-B671-4163-BB01-901B89A20D04}) (Version: 6.3.4.2 - The Document Foundation)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.126 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{3A1EE107-F79B-49FA-83CF-94169E63F25A}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Money (HKLM-x32\...\Money2005b) (Version: 14 - Microsoft)
Microsoft Office « Démarrer en un clic » 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Français (HKLM-x32\...\{90140011-0066-040C-0000-0000000FF1CE}) (Version: 14.0.7230.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Molotov (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\Molotov) (Version: 4.2.2 - Molotov)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 71.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 71.0 (x86 fr)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0 - Mozilla)
Mozilla Thunderbird 68.3.1 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 68.3.1 (x86 fr)) (Version: 68.3.1 - Mozilla)
NETGEAR WNA3100M N300 Wireless USB Adapter (HKLM-x32\...\{D3580358-0F78-402A-BE53-2E9D06383E04}) (Version: 1.0.0.25 - NETGEAR)
Network Activity Indicator for Windows 7 - 8.1 (HKLM-x32\...\NetworkIndicator_is1) (Version: 1.7 - ITSamples.com)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.2 - Notepad++ Team)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Pilote graphique 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
PhotoFiltre (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\PhotoFiltre) (Version: - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.38.1118.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Service Pack 1 de Flight Simulator X (HKLM-x32\...\SP1shadow_{3A1EE107-F79B-49FA-83CF-94169E63F25A}) (Version: - )
Skype version 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\Spotify) (Version: 1.0.99.250.g936eab8d - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 9.2.12.0 - 2BrightSparks)
TagScanner 6.1.1 (64-bit) (HKLM\...\TagScanner_is1) (Version: - Sergey Serkov)
TP-Link TL-WN823N (HKLM-x32\...\{CE194A8D-C8DF-47EB-AB04-5A54CDC1C5BD}) (Version: 2.1.0 - TP-Link)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
TP-Link Wireless Adapter WPS Tool (HKLM-x32\...\{685EFF87-B126-49E4-8213-70C56625C5B5}) (Version: 1.0.0.1 - TP-Link)
Virtua Tennis 4 (HKLM-x32\...\{53450FA2-F4B6-48C4-805B-751000018201}) (Version: 1.0.0001.130 - Sega) Hidden
Virtua Tennis 4™ (HKLM-x32\...\{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA) Hidden
Virtua Tennis 4™ (HKLM-x32\...\GFWL_{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhoCrashed 6.65 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
XnViewMP 0.94.2 (HKLM\...\XnViewMP_is1) (Version: 0.94.2 - Gougelet Pierre-e)
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1661.1.0_x86__kgqvnymyfvs32 [2019-12-30] (king.com)
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.6.23362.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation)
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-12-30] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-12-30] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0 [2020-01-01] (Spotify AB) [Startup Task]
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2019-09-26] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2019-09-26] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2019-09-26] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2019-09-26] (Acronis International GmbH -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvshext.dll [2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Modules chargés (Avec liste blanche) =============
2018-10-14 00:20 - 2018-10-14 00:20 - 000142336 _____ () [Fichier non signé] C:\Program Files (x86)\Eaton\UPSCompanion\bin\mserial.dll
2018-10-14 00:20 - 2018-10-14 00:20 - 001051648 _____ () [Fichier non signé] C:\Program Files (x86)\Eaton\UPSCompanion\bin\msocket.dll
2018-10-14 00:20 - 2018-10-14 00:20 - 000221184 _____ () [Fichier non signé] C:\Program Files (x86)\Eaton\UPSCompanion\bin\musb.dll
2020-01-02 03:00 - 2020-01-02 03:00 - 000032040 _____ (ASUSTeK Computer Inc. -> ) [Fichier non signé] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-10-13 17:16 - 2014-08-25 04:49 - 000074240 ____R (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2019-12-15 12:23 - 2012-02-14 19:37 - 000594432 ____N (Realtek Semiconductor Corp. ) [Fichier non signé] C:\WINDOWS\system32\Rtlihvs.dll
2018-10-14 05:13 - 2010-09-13 14:00 - 000558592 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\WINDOWS\System32\enppmon.dll
2018-10-14 05:13 - 2008-06-18 10:49 - 000250880 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\WINDOWS\System32\enpres.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
==================== Association (Avec liste blanche) =================
==================== Internet Explorer sites de confiance/sensibles ==========
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\ImageMagick-7.0.8-Q16;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files\Crucial\Crucial Storage Executive
HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\Control Panel\Desktop\\Wallpaper -> c:\users\bernard\appdata\roaming\microsoft\windows photo viewer\papier peint de la visionneuse de photos windows.jpg
DNS Servers: 80.67.169.12 - 80.67.169.40
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier)
Le Pare-feu est activé.
Network Binding:
=============
Ethernet: Protocole RMCAST (multidiffusion fiable) -> ms_rmcast (enabled)
Wi-Fi 2: Protocole RMCAST (multidiffusion fiable) -> ms_rmcast (enabled)
Wi-Fi 3: Protocole RMCAST (multidiffusion fiable) -> ms_rmcast (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
MSCONFIG\startupfolder: C:^Users^Bernard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Folding@home.lnk => C:\Windows\pss\Folding@home.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Bernard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Enregistrement du produit.lnk => C:\Windows\pss\Logitech . Enregistrement du produit.lnk.Startup
MSCONFIG\startupreg: appnhost => C:\Users\Bernard\AppData\Local\Mixesoft\AppNHost\appnhost.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Epson Stylus Photo PX720WD(Réseau) => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE /FU "D:\Temp\E_S8E3B.tmp" /EF "HKCU"
MSCONFIG\startupreg: EPSONE0F3D1 (Epson Stylus Photo PX720WD) => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE /FU "D:\Temp\E_S1913.tmp" /EF "HKCU"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\StartupApproved\StartupFolder: => "Folding@home.lnk"
HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\StartupApproved\StartupFolder: => "Logitech . Enregistrement du produit.lnk"
HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1058073385-1422926871-3706185334-1000\...\StartupApproved\Run: => "WPSTool"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{71CBA8C2-75BD-4C47-9747-72CF8F0BC910}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe () [Fichier non signé]
FirewallRules: [TCP Query User{6287B69E-DA0A-4F4C-9CE2-25972D349B7C}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe () [Fichier non signé]
FirewallRules: [{4430F3FD-AA2D-4F49-992B-BD12C16A33A8}] => (Block) %ProgramFiles% (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe Pas de fichier
FirewallRules: [{4EBF0EFA-1777-4DFD-BE5C-BDF9A94C93CD}] => (Allow) C:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe (Codemasters Software Company Limited -> Codemasters Software Company Limited)
FirewallRules: [{E82EA45A-6C45-40D6-B661-58BCD75345C3}] => (Allow) C:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe (Codemasters Software Company Limited -> Codemasters Software Company Limited)
FirewallRules: [{819FF1F7-E01F-4A0B-A9C6-2399675FDAD6}] => (Allow) C:\Program Files (x86)\Sega\Virtua Tennis 4\VT4.exe (Sega Europe Limited -> SEGA)
FirewallRules: [{358945C9-3559-446A-B627-BC42B231601B}] => (Allow) C:\Program Files (x86)\Sega\Virtua Tennis 4\VT4.exe (Sega Europe Limited -> SEGA)
FirewallRules: [{21D82987-54B9-4B8B-9710-EAAA869DB931}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{5C958075-5D5A-4D53-8F13-89C2E0C9D5EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{A6775410-5E95-4259-B58C-4A4059716D19}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{44276673-CDD9-4A00-9785-98BAE7964150}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C27F4610-B54F-4566-B75D-B27FA12D2F28}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FD6DE8D0-50CE-4B36-ACBC-4FE01AB6A33A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D7D6EC68-6AC4-456C-A906-D4797D2C1E67}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E5BF5D94-9C42-4BA5-B8E4-76AE503211F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{38AD1E18-844B-4429-8995-C2853E485342}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{70451617-0EDB-4149-8EDA-042A13085864}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{FB043C62-3CA3-4481-9B84-31BB6BD999B6}] => (Allow) C:\Program Files (x86)\epson\escndv\escndv.exe (SEIKO EPSON CORP.) [Fichier non signé]
FirewallRules: [{B275C04B-FF7A-408A-8F25-8F7590851F7B}] => (Allow) C:\Program Files (x86)\epson\escndv\escndv.exe (SEIKO EPSON CORP.) [Fichier non signé]
FirewallRules: [{5BE70536-4843-4C7A-896E-52EE6F6DAC68}] => (Allow) C:\Program Files (x86)\epson\escndv\escndv.exe (SEIKO EPSON CORP.) [Fichier non signé]
FirewallRules: [{08667CD3-DDEB-47D3-944C-BB1832063BFB}] => (Allow) C:\Program Files (x86)\epson\escndv\escndv.exe (SEIKO EPSON CORP.) [Fichier non signé]
FirewallRules: [{982F7707-0F32-4BA7-879E-97A0FC1C744F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BCB468C1-C129-4578-8D3D-C2D9EEE6120B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{AD3B5FF3-DEF0-48AF-99E9-670F7614198F}C:\users\bernard\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Allow) C:\users\bernard\appdata\local\programs\opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{30B9DDF7-ED70-43EB-8DFE-C07E523DDC44}C:\users\bernard\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Allow) C:\users\bernard\appdata\local\programs\opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{82F94E61-ADB1-4E73-A168-663B17F6696D}] => (Allow) C:\Users\Bernard\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{395C6B5D-6A94-467B-8727-597FAE21E06C}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{118FDFAB-D519-4945-B6CA-0623F5C8F06B}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{A2F29348-6869-41E0-A326-ACE9DA2FD91B}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{741860B1-1F87-442B-B1C6-D30126AE056C}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{D86099A6-E737-403B-BDD1-7603AB079720}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{85A11876-9856-4E56-B91B-F8B9F9DCA24A}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [Fichier non signé]
FirewallRules: [{0933F46F-7F46-479D-8B55-659A08A8640D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{AC6482B0-5EAE-4A34-A481-E51FE7313BB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{C744380B-0B52-4863-8502-D7D0D3C7A6F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{98657B70-486D-4B70-9DBA-4D5B0DCEBD1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [Fichier non signé]
FirewallRules: [{5657E089-C5DB-41CE-9AAD-B4310F73B005}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{C02C150C-6E50-48AE-919C-33B57AE925D7}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{125F89F3-A986-4F12-AA9D-11056A775E00}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{F51D7B88-C12C-4119-B51B-6985C5135740}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{973C35F9-9651-4072-A7A3-38E4FE945568}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{F48BD61E-B7B6-479C-A17B-5C5616132744}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{D6C5EDCB-C0B1-420F-9801-9EBF88F40947}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{936F903D-27BB-4FD5-8773-BD4DAD25832C}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{EAB29D17-B513-4947-99A5-F3DB71841F62}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{B10BAD1A-F5FF-409C-BA8A-8A5E6504DC93}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{0076344B-03BE-4AA4-BFB0-098943D1BEBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{330F4961-011E-461A-A779-E8FA1C4D1522}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{591A53C4-5C34-462C-8C22-F251BB997ECA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9EC2D266-D892-4389-8754-9C7BC5222947}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{6D8C274D-44D0-4895-B362-076439AE8DA4}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{69292069-CDB0-4E80-8B22-9DC51E1F9AA4}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{56A382DC-425F-45D7-A56B-9A592CB67A93}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{EC5B11D2-4A35-42D3-B363-4A5476B038A9}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7540325D-81CF-486C-81B7-364CDC307B6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45B47AC5-3E90-4C64-8C55-F040F8F53CC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ED347704-AEEB-40EC-B81D-4D5A3B61F7A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F2D53D2B-1E8F-46A7-B8A4-40B28E4DA652}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{15F1CE2B-4311-4BDC-BDEC-96FAD3D16234}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{363E267F-7AAE-4C5A-B3EC-61022D8E1EC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E80A27C9-EE83-4831-9E6E-CAEF061CC0B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{926B0D0B-031A-4060-ACDF-50FECD92FE34}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Points de restauration =========================
30-12-2019 16:58:53 Revo Uninstaller's restore point - CrystalDiskInfo 8.0.0
31-12-2019 08:22:44 Sauvegarde Windows
01-01-2020 07:52:57 Sauvegarde Windows
01-01-2020 15:49:06 Sauvegarde Windows
01-01-2020 17:43:24 Sauvegarde Windows
01-01-2020 17:47:32 Sauvegarde Windows
01-01-2020 17:49:22 Sauvegarde Windows
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (01/02/2020 03:14:06 AM) (Source: C:\Program Files (x86)\FAHClient\FAHClient.exe) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/02/2020 12:52:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.
.
Error: (01/02/2020 12:52:01 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]
Error: (01/02/2020 12:52:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.
.
Error: (01/02/2020 12:52:01 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]
Error: (01/01/2020 05:47:47 PM) (Source: WAS-LA) (EventID: 7005) (User: )
Description: Le protocole 'net.pipe' de l'adaptateur de l'écouteur a tenté de communiquer avec le service d'activation des processus Windows et a échoué. L'adaptateur de l'écouteur est désormais en mauvais état. Cause : cela peut résulter de problèmes liés au manque de mémoire ou à des défaillances entre le service d'activation des processus Windows et l'adaptateur de l'écouteur. Solution : pour résoudre ce problème, arrêtez successivement l'adaptateur de l'écouteur et le service d'activation des processus Windows, relancez ce dernier, puis redémarrez l'adaptateur de l'écouteur.
Error: (01/01/2020 05:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.
.
Error: (01/01/2020 05:47:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]
Erreurs système:
=============
Error: (01/01/2020 05:44:30 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: AUTORITE NT)
Description: Le gestionnaire de filtres n’a pas réussi à s’attacher au volume « \Device\HarddiskVolume14 ». Ce volume ne sera pas disponible pour le filtrage avant un redémarrage. L’état final était 0xc03a001c.
Error: (01/01/2020 05:44:30 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: AUTORITE NT)
Description: Le gestionnaire de filtres n’a pas réussi à s’attacher au volume « \Device\HarddiskVolume14 ». Ce volume ne sera pas disponible pour le filtrage avant un redémarrage. L’état final était 0xc03a001c.
Error: (01/01/2020 05:40:42 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: AUTORITE NT)
Description: Le gestionnaire de filtres n’a pas réussi à s’attacher au volume « \Device\HarddiskVolume12 ». Ce volume ne sera pas disponible pour le filtrage avant un redémarrage. L’état final était 0xc03a001c.
Error: (01/01/2020 05:40:42 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: AUTORITE NT)
Description: Le gestionnaire de filtres n’a pas réussi à s’attacher au volume « \Device\HarddiskVolume12 ». Ce volume ne sera pas disponible pour le filtrage avant un redémarrage. L’état final était 0xc03a001c.
Error: (01/01/2020 02:25:32 PM) (Source: volsnap) (EventID: 35) (User: )
Description: Les clichés instantanés du volume S: ont été annulés car le cliché instantané du volume n’a pas pu s’agrandir.
Error: (01/01/2020 10:59:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Samsung RAPID Mode Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (01/01/2020 05:32:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Installer s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.
Error: (12/31/2019 08:21:10 AM) (Source: volsnap) (EventID: 16) (User: )
Description: Les clichés instantanés du volume H: ont été abandonnés car le volume H:, qui contient un cliché instantané du volume pour ce cliché instantané, a dû être démonté.
Windows Defender:
===================================
Date: 2020-01-01 18:27:18.560
Description:
L'accès contrôlé aux dossiers a empêché C:\Program Files (x86)\HD Tune\HDTune.exe de modifier la mémoire.
Heure de détection : 2020-01-01T17:27:18.559Z
Utilisateur : I7-ASUS\Bernard
Chemin d'accès : \Device\Harddisk0\DR0
Nom du processus : C:\Program Files (x86)\HD Tune\HDTune.exe
Version de la veille de sécurité : 1.307.1530.0
Version du moteur : 1.1.16600.7
Version du produit : 4.18.1911.3
Date: 2020-01-01 15:45:26.954
Description:
L'accès contrôlé aux dossiers a empêché C:\Windows\explorer.exe de modifier la mémoire.
Heure de détection : 2020-01-01T14:45:26.953Z
Utilisateur : I7-ASUS\Bernard
Chemin d'accès : \Device\HarddiskVolume8
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : 1.307.1508.0
Version du moteur : 1.1.16600.7
Version du produit : 4.18.1911.3
Date: 2020-01-01 07:00:31.915
Description:
L'apport de modification par C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe à %userprofile%\Documents a été bloqué par l'Accès contrôlé aux dossiers.
Heure de la détection : 2020-01-01T06:00:31.914Z
Utilisateur : I7-ASUS\Bernard
Chemin d'accès : %userprofile%\Documents
Nom du processus : C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe
Version de la veille de sécurité : 1.307.1500.0
Version du moteur : 1.1.16600.7
Version du produit : 4.18.1911.3
Date: 2020-01-01 05:21:24.496
Description:
L'apport de modification par C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe à %userprofile%\Documents a été bloqué par l'Accès contrôlé aux dossiers.
Heure de la détection : 2020-01-01T04:21:24.496Z
Utilisateur : AUTORITE NT\Système
Chemin d'accès : %userprofile%\Documents
Nom du processus : C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
Version de la veille de sécurité : 1.307.1491.0
Version du moteur : 1.1.16600.7
Version du produit : 4.18.1911.3
Date: 2019-12-30 11:59:58.770
Description:
L'accès contrôlé aux dossiers a empêché C:\Windows\System32\svchost.exe de modifier la mémoire.
Heure de détection : 2019-12-30T10:59:58.770Z
Utilisateur : AUTORITE NT\Système
Chemin d'accès : \Device\HarddiskVolume1
Nom du processus : C:\Windows\System32\svchost.exe
Version de la veille de sécurité : 1.307.1401.0
Version du moteur : 1.1.16600.7
Version du produit : 4.18.1911.3
CodeIntegrity:
===================================
Date: 2020-01-02 11:01:17.061
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 11:01:17.060
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:45:59.601
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:45:59.599
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:31:16.851
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:31:16.849
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:15:59.574
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-02 10:15:59.573
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. 2907 03/11/2016
Carte mère: ASUSTeK COMPUTER INC. Z97-P
Processeur: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Pourcentage de mémoire utilisée: 13%
Mémoire physique - RAM - totale: 24514.8 MB
Mémoire physique - RAM - disponible: 21205.57 MB
Mémoire virtuelle totale: 49090.8 MB
Mémoire virtuelle disponible: 45701.45 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:465.19 GB) (Free:311.04 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)]
Drive d: (Temp/Swap) (Fixed) (Total:192.34 GB) (Free:166.42 GB) NTFS
Drive e: (DATA) (Fixed) (Total:739.17 GB) (Free:686.94 GB) NTFS
\\?\Volume{ad809e40-0000-0000-0000-704c74000000}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AD809E40)
Partition 1: (Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=581 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: A42FE2B8)
Partition 1: (Active) - (Size=30 GB) - (Type=83)
Partition 2: (Not Active) - (Size=81.8 GB) - (Type=83)
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 677BEBC6)
Partition 1: (Not Active) - (Size=192.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=739.2 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt =======================