Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 12-11-2017 03 Exécuté par Session utilisateur (15-11-2017 11:40:19) Exécuté depuis C:\Users\Session utilisateur\Downloads Windows 10 Home Version 1703 15063.674 (X64) (2017-05-22 11:58:54) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2651518865-2266862775-2130082318-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2651518865-2266862775-2130082318-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2651518865-2266862775-2130082318-1005 - Limited - Enabled) Invité (S-1-5-21-2651518865-2266862775-2130082318-501 - Limited - Disabled) Session utilisateur (S-1-5-21-2651518865-2266862775-2130082318-1001 - Administrator - Enabled) => C:\Users\Session utilisateur ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated) Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated) Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_1_0) (Version: 21.1.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated) Adobe Reader X (10.1.0) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden Apple Application Support (64 bits) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) Assistant Mise à niveau de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation) AVS Audio Converter 8.3.1 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.3.1.572 - Online Media Technologies Ltd.) AVS Audio Editor 8.2.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.2.1.513 - Online Media Technologies Ltd.) AVS Disc Creator 5.2.7 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.7.541 - Online Media Technologies Ltd.) AVS Document Converter 3.1.1 (HKLM-x32\...\AVS Document Converter_is1) (Version: 3.1.1.245 - Online Media Technologies Ltd.) AVS Image Converter 4.1.1 (HKLM-x32\...\AVS Image Converter_is1) (Version: 4.1.1.285 - Online Media Technologies Ltd.) AVS Media Player 4.3.3 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.3.3.117 - Online Media Technologies Ltd.) AVS Photo Editor 2.3.5 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.5.151 - Online Media Technologies Ltd.) AVS Registry Cleaner 3.0.4 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 3.0.4.274 - Online Media Technologies Ltd.) AVS Video Converter 9.4.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.4.1.594 - Online Media Technologies Ltd.) AVS Video Editor 7.4.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.4.1.281 - Online Media Technologies Ltd.) AVS Video ReMaker 5.0.3 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 5.0.3.178 - Online Media Technologies Ltd.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform) Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited) Creative Music Server (HKLM-x32\...\Music Server) (Version: 1.01 - Creative Technology Limited) Curse (HKLM-x32\...\{F36ED29E-33E1-48AB-95DA-2498AD41A9A0}) (Version: 6.0.0.0 - Curse) Discord (HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\Discord) (Version: 0.0.298 - Discord Inc.) DisplayFusion 9.0 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.0.0.0 - Binary Fortress Software) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited) Enregistreur intelligent Creative (HKLM-x32\...\Smart Recorder) (Version: 2.20 - Creative Technology Limited) Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION) EPSON SX525WD Series Manuel (HKLM-x32\...\EPSON SX525WD Series Manual) (Version: - ) EPSON SX525WD Series Printer Uninstall (HKLM\...\EPSON SX525WD Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION) EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.62 - Google Inc.) Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Guide réseau pour EPSON SX525WD Series (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version: - ) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.) IncrediMail (HKLM-x32\...\{5C083736-2916-4D06-BCE9-4F981EA53AEC}) (Version: 6.6.0.5328 - IncrediMail) Hidden IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5328 - IncrediMail Ltd.) iTunes (HKLM\...\{27F29B96-1914-4F48-BD76-07E98D7832C6}) (Version: 12.7.1.14 - Apple Inc.) ma Livebox (HKLM-x32\...\ma Livebox) (Version: 3.4.8.0 - Orange) Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft Office Famille et Étudiant 2016 - fr-fr (HKLM\...\HomeStudentRetail - fr-fr) (Version: 16.0.8625.2121 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) NVIDIA Pilote 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA Pilote graphique 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Orange Inside (HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\Orange Inside) (Version: 2.1.1.0 - Orange) Orange update (HKLM-x32\...\OrangeUpdateManager) (Version: 2.3.0.6 - Orange) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141667}) (Version: 4.0.19 - dotPDN LLC) Panneau de configuration NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.721 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.) Sound Blaster Z-Series (HKLM-x32\...\{4C6CD3EB-BC0F-4B59-B20C-26BD766166E1}) (Version: 1.01.08 - Creative Technology Limited) Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer) Twitch (HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Ulead Photo Express 3.0 SE (HKLM-x32\...\Ulead Photo Express 3.0 SE) (Version: - ) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F11A61274E55}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-07-14] (Apple Inc.) ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {013A0A10-6B96-4EDE-9622-7D32AF79F85D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] () Task: {0315350B-DA96-4383-A163-8DCB30DB74CD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-11-14] (Adobe Systems Incorporated) Task: {217BF25D-E2D9-417A-BC71-F705F4CAA205} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated) Task: {40E2E850-08A9-4796-9DAD-26A9C782172D} - System32\Tasks\maLivebox => C:\Program Files (x86)\Orange\ma Livebox\maLivebox.exe [2017-02-07] (Orange) Task: {660F0D71-277E-4C5F-94A0-6BAB0A08D9EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd) Task: {66A96FC4-F770-4DBB-A39C-914466D874AC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd) Task: {66F28D84-6007-4215-99C6-3A39C01C78CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-28] (Google Inc.) Task: {75518F11-720D-4359-9EB1-5E6232A34FF9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation) Task: {7C2E274A-3E18-4922-8F3F-CBD9AA191EA4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.) Task: {834C07BF-6FED-4C67-896D-81C64EBC92C8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] () Task: {AC367F85-5264-45AA-88BD-24664ADA5B60} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-41H3FO7-Session utilisateur => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {C973E0A0-7172-41E6-A0E6-2EF10A61BA0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation) Task: {CC8C80FE-EB90-4B5C-88C4-A67C5EEAC606} - System32\Tasks\Microsoft\Windows\orangeinside => C:\Users\Session [Argument = utilisateur\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe] Task: {EE3C1605-2A30-4829-BDAB-1D5CF2F58A5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-28] (Google Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\Session utilisateur\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_odc_shortcut ShortcutWithArgument: C:\Users\Session utilisateur\AppData\Local\Microsoft\Windows\FileHistory\Data\133\C\Users\Session utilisateur\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_livebox_shortcut ShortcutWithArgument: C:\Users\Session utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://r.orange.fr/r/Oodc_IEshortcut_oi_v2?ref=O_OI_defaultPage_IE_odc_shortcut ShortcutWithArgument: C:\Users\Session utilisateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_odc_shortcut ShortcutWithArgument: C:\Users\Session utilisateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_odc_shortcut ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_odc_shortcut ==================== Modules chargés (Avec liste blanche) ============== 2016-10-05 18:17 - 2016-10-05 18:17 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-07-19 23:09 - 2017-07-19 23:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2014-09-15 10:01 - 2014-09-15 10:01 - 001970544 _____ () C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe 2017-10-15 08:52 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-10-15 08:52 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-05-22 12:47 - 2017-05-01 21:51 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-08-14 02:48 - 2017-08-14 02:48 - 000491600 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll 2017-03-18 21:59 - 2017-03-20 07:15 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-10-18 11:53 - 2017-10-17 09:08 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\libglesv2.dll 2017-10-18 11:53 - 2017-10-17 09:08 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\libegl.dll 2014-09-15 10:01 - 2014-09-15 10:01 - 000182784 _____ () C:\Program Files (x86)\Orange\ma Livebox\dedicarz\ProxyDetection.dll 2014-09-15 10:01 - 2014-09-15 10:01 - 000157184 _____ () C:\Program Files (x86)\Orange\ma Livebox\dedicarz\pupnp.dll 2014-09-15 10:01 - 2014-09-15 10:01 - 000549888 _____ () C:\Program Files (x86)\Orange\ma Livebox\dedicarz\netsnmp.dll 2017-09-14 09:11 - 2017-09-14 09:11 - 004889072 _____ () c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000013312 _____ () C:\Program Files (x86)\Orange\ma Livebox\dist\rt\bin\jetvm\jvm.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000073216 _____ () C:\Program Files (x86)\Orange\ma Livebox\dist\rt\bin\java.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000067072 _____ () C:\Program Files (x86)\Orange\ma Livebox\dist\rt\bin\zip.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000132608 _____ () C:\Program Files (x86)\Orange\ma Livebox\dist\NetworkAPI.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000019456 _____ () C:\Program Files (x86)\Orange\ma Livebox\dist\NetWPSAPI.dll 2017-02-07 12:52 - 2017-02-07 12:52 - 000151552 _____ () C:\Program Files (x86)\Orange\ma Livebox\dist\Tools.DLL ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Il y a 7936 plus de sites. IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\123simsen.com -> www.123simsen.com Il y a 7936 plus de sites. ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2015-10-30 08:24 - 2017-10-21 11:37 - 000454512 ____R C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Il y a 15600 plus de lignes. ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Session utilisateur\AppData\Local\DisplayFusion\Wallpaper_1.png DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "WindowsDefender" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKLM\...\StartupApproved\Run32: => "SDTray" HKLM\...\StartupApproved\Run32: => "UpdReg" HKLM\...\StartupApproved\Run32: => "LifeCam" HKLM\...\StartupApproved\Run32: => "EEventManager" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\StartupFolder: => "Curse.lnk" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "IncrediMail" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "Epson Stylus SX525WD" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "CCleaner" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "EPSON6A3353 (Epson Stylus SX525WD)" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-2651518865-2266862775-2130082318-1001\...\StartupApproved\Run: => "iCloudPhotos" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [UDP Query User{D803C411-931A-4145-8585-EC34079219F4}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{5A1C57D1-6026-4434-9BF5-92718ACC2B1F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{E3855B33-2038-488C-B5A1-E8070C2AFBC9}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [TCP Query User{D7148EA0-F902-49EB-817D-F2CC2CBCE2FA}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{0AE567FE-196C-4C46-9B7B-4095F44F050B}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{699390D7-88CB-4F4A-963A-3E5F61069731}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{99E8ABBF-62A4-4990-B854-CC5B7D414724}] => (Allow) C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe FirewallRules: [{70A4A817-C872-43DE-A57C-1F06B084FFE4}] => (Allow) C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe FirewallRules: [{B4EBBCDA-8D30-4A59-BE1C-CB08C7DD784A}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\PluginLivebox.exe FirewallRules: [{801E4DE8-7C0C-44A4-AF6B-075988A86AC2}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\PluginLivebox.exe FirewallRules: [{FC6F6762-7F25-46E8-B06F-A5DFCECD8EA2}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\LiveboxManager.exe FirewallRules: [{90076E19-C47A-49DE-801A-6C3189C42674}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\LiveboxManager.exe FirewallRules: [{57217034-9B6E-4C04-ABE1-78886241C9C4}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe FirewallRules: [{25F98356-F01C-4222-9E68-E5EC94AEE819}] => (Allow) C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe FirewallRules: [{76A62DB1-536F-46A8-A322-4B6BC376F0D2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1B80B4BA-2D28-4505-BBDE-D70870077A62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{341AA9D5-62E8-442F-8BB1-A0D9FCC7BA9B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{31989FE7-918B-4943-A27C-77282CAE777F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{A2115341-9F08-4CC7-BDF1-7DD80EA6581D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{A8D840DF-27A5-4615-AC12-CDD9F003FBB4}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{C80A96CF-63DB-4995-AFBF-64A1EB36A8BC}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{11E13036-ABDE-4236-A2D8-2D938CB82E69}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{584DAEED-69B0-41DB-A073-3D57565E4FB6}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{116A6374-F53B-460E-829C-FD19794F524C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [UDP Query User{1B582F3D-252B-44E0-8B24-B84EF6B102FB}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [TCP Query User{4BABB367-502F-4474-BDE1-9420A4705CC4}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{CE61A95E-F125-43B2-969B-4BAF94147521}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4F9191D8-8183-4857-B969-58F5801AAEE8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C6E11ABC-C6C7-4BDC-B2C3-EEC2DB0441DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3B268EAB-4329-43AA-B056-FA51D4DA2C9D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D2FAAEEA-4513-4A14-B597-C837024A9820}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe FirewallRules: [{69FC0021-C9C6-4589-87C3-AB13D1E903E3}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe FirewallRules: [{592956CD-7818-4AC2-91DB-DD107C497659}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe FirewallRules: [{789FB797-38A1-4EEF-9141-9F21E4CDCC89}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe FirewallRules: [{B04E4874-DFFC-4106-9423-40B001D0FF29}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe FirewallRules: [{ECDE1A84-4E50-4377-B57D-7393042492A0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe FirewallRules: [{919DA357-2913-40FC-B0E2-9685F907EC62}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{D211091E-420B-4975-9538-144F48700677}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DCB73E16-9B2C-4A9B-8292-904118584BCD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{227AB9D9-6235-41B7-845C-33A5B00704C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [TCP Query User{93594FF6-6EEF-450A-A7C8-1E6FF80AEF7A}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{CE4F2CE3-B0FA-4E67-8E53-6FB53A02266C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{C2683602-D9E3-458D-9E81-67D7C36D8FD2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{236C220C-F9A9-448D-B01F-1732560DDE65}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{25304998-D682-4417-84F4-2561317C5693}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{073249FE-3BEE-4646-86B6-5C26EA4464B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{57D5C721-8349-4BBF-8EC0-DA2A8C072E43}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{3064C852-CACD-4F70-A343-94F32657A9E5}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (11/15/2017 11:40:11 AM) (Source: VSS) (EventID: 12289) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur inattendue CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy78\,0x80000000,0x00000003,...). hr = 0x80070001, Fonction incorrecte. . Opération : Traitement de PreFinalCommitSnapshots Contexte : Contexte d’exécution: System Provider Error: (11/15/2017 11:38:33 AM) (Source: VSS) (EventID: 12289) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur inattendue CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy77\,0x80000000,0x00000003,...). hr = 0x80070001, Fonction incorrecte. . Opération : Traitement de PreFinalCommitSnapshots Contexte : Contexte d’exécution: System Provider Error: (11/15/2017 11:38:21 AM) (Source: VSS) (EventID: 12289) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur inattendue CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy76\,0x80000000,0x00000003,...). hr = 0x80070001, Fonction incorrecte. . Opération : Traitement de PreFinalCommitSnapshots Contexte : Contexte d’exécution: System Provider Error: (11/14/2017 06:36:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-41H3FO7) Description: Échec de l’activation de l’application Microsoft.Getstarted_8wekyb3d8bbwe!App avec l’erreur : -2144927148 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (11/14/2017 12:00:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-41H3FO7) Description: Échec de l’activation de l’application Microsoft.WindowsStore_8wekyb3d8bbwe!App avec l’erreur : -2147024891 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (11/14/2017 11:14:22 AM) (Source: Windows Backup) (EventID: 4100) (User: ) Description: Échec de la sauvegarde car un cliché instantané n'a pu être créé. Libérez de l'espace sur le lecteur sur lequel vous effectuez une sauvegarde en supprimant des fichiers qui ne sont pas nécessaires et réessayez. Error: (11/14/2017 11:14:00 AM) (Source: VSS) (EventID: 12289) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur inattendue CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy73\,0x80000000,0x00000003,...). hr = 0x80070001, Fonction incorrecte. . Opération : Traitement de PreFinalCommitSnapshots Contexte : Contexte d’exécution: System Provider Error: (11/14/2017 11:13:50 AM) (Source: VSS) (EventID: 12289) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur inattendue CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy70\,0x80000000,0x00000003,...). hr = 0x80070001, Fonction incorrecte. . Opération : Traitement de PreFinalCommitSnapshots Contexte : Contexte d’exécution: System Provider Error: (11/14/2017 11:13:39 AM) (Source: VSS) (EventID: 12289) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur inattendue CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy67\,0x80000000,0x00000003,...). hr = 0x80070001, Fonction incorrecte. . Opération : Traitement de PreFinalCommitSnapshots Contexte : Contexte d’exécution: System Provider Error: (11/14/2017 11:13:28 AM) (Source: VSS) (EventID: 12289) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur inattendue CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy64\,0x80000000,0x00000003,...). hr = 0x80070001, Fonction incorrecte. . Opération : Traitement de PreFinalCommitSnapshots Contexte : Contexte d’exécution: System Provider Erreurs système: ============= Error: (11/15/2017 11:35:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-41H3FO7) Description: Le serveur {9E6E74C7-0E85-4D14-8851-7635E2C1C528} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/15/2017 11:35:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-41H3FO7) Description: Le serveur {9E6E74C7-0E85-4D14-8851-7635E2C1C528} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/15/2017 11:29:31 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-41H3FO7) Description: Le serveur {9E6E74C7-0E85-4D14-8851-7635E2C1C528} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/15/2017 11:28:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-41H3FO7) Description: Le serveur {9E6E74C7-0E85-4D14-8851-7635E2C1C528} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/15/2017 11:28:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-41H3FO7) Description: Le serveur {9E6E74C7-0E85-4D14-8851-7635E2C1C528} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/15/2017 11:27:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-41H3FO7) Description: Le serveur {9E6E74C7-0E85-4D14-8851-7635E2C1C528} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/14/2017 07:48:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-41H3FO7) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/14/2017 07:48:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-41H3FO7) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/14/2017 07:48:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-41H3FO7) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/14/2017 07:48:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-41H3FO7) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. CodeIntegrity: =================================== Date: 2017-11-15 11:37:24.559 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-15 11:37:24.558 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-15 11:34:48.458 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-15 11:34:48.454 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-15 11:27:07.985 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-15 11:27:07.984 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-15 11:27:07.575 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-15 11:27:07.573 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-15 11:25:13.576 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-15 11:25:13.574 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== Processeur: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz Pourcentage de mémoire utilisée: 41% Mémoire physique - RAM - totale: 8138.93 MB Mémoire physique - RAM - disponible: 4726.23 MB Mémoire virtuelle totale: 10122.93 MB Mémoire virtuelle disponible: 6368.86 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:237.51 GB) (Free:64.15 GB) NTFS Drive d: (DATA) (Fixed) (Total:1863.01 GB) (Free:1350.26 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 6EB285EB) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: C2C898B0) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=480 MB) - (Type=27) ==================== Fin de Addition.txt ============================