Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 10.10.2018 Exécuté par Xavier Delphine (12-10-2018 22:15:33) Exécuté depuis C:\Users\Xavier Delphine\Desktop Windows 10 Home Version 1803 17134.345 (X64) (2018-05-26 17:47:27) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2303106090-3853597377-481782751-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2303106090-3853597377-481782751-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2303106090-3853597377-481782751-1002 - Limited - Enabled) Invité (S-1-5-21-2303106090-3853597377-481782751-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2303106090-3853597377-481782751-504 - Limited - Disabled) Xavier Delphine (S-1-5-21-2303106090-3853597377-481782751-1001 - Administrator - Enabled) => C:\Users\Xavier Delphine ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - ) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated) Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) Apple Application Support (32 bits) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Assistant de connexion Windows Live (HKLM-x32\...\{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}) (Version: 5.000.818.6 - Microsoft Corporation) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.9 - ASUS) ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK) ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS) ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.35 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.) ATI AVIVO64 Codecs (HKLM\...\{489F2C5A-83B9-79D5-714C-1DEF32A898E5}) (Version: 10.12.0.00122 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{D0528577-31BF-2ABC-D7FC-E443EBF8B40A}) (Version: 3.0.758.0 - ATI Technologies, Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS) Boingo Wi-Fi (HKLM-x32\...\{B653A2EC-D816-4498-A4FD-651047AB9DC9}) (Version: 1.7.0048 - Boingo Wireless, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) ccc-core-static (HKLM-x32\...\{394B8A28-0984-B687-DC3D-600A83E3D8AB}) (Version: 2010.0122.858.16002 - ATI) Hidden Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.18.65 - Conexant) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dream Day Wedding Married in Manhattan (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version: - Oberon Media) ELAN Touchpad 15.9.5.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.9.5.3 - ELAN Microelectronic Corp.) Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION) EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION) Espace Ombrage 3D 4.12b (HKLM-x32\...\Espace Ombrage 3D_is1) (Version: 4.12b - Espace Ombrage) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS) Freemake Video Converter version 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation) Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Game Park Console (HKLM-x32\...\{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1) (Version: 6.2.0.2 - Oberon Media, Inc.) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd) iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel® Remote Keyboard (HKLM\...\Remote Keyboard) (Version: 1.5.1.0 - Intel Corporation) iTunes (HKLM\...\{07A7CE9A-1131-4B53-BB1D-5B7F35970DF7}) (Version: 12.9.0.167 - Apple Inc.) Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.) K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version: - ) Léa passion vétérinaire – au Zoo (HKLM-x32\...\Léa passion vétérinaire – au Zoo) (Version: 1.0.0.0 - Legacy Games) Microsoft Office Professionnel Plus 2013 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 15.0.4997.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 62.0.3 (x64 fr) (HKLM\...\Mozilla Firefox 62.0.3 (x64 fr)) (Version: 62.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla) Mozilla Thunderbird 45.8.0 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 fr)) (Version: 45.8.0 - Mozilla) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4997.1000 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4997.1000 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-040C-0000-0000000FF1CE}) (Version: 15.0.4997.1000 - Microsoft Corporation) Hidden Piggly FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}) (Version: - Oberon Media) Pulse Application Launcher (HKLM-x32\...\{3912EF73-8702-4608-A3DC-04D67DC65453}) (Version: 8.2.1025 - Pulse Secure, LLC) Pulse Secure Setup Client (HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\Pulse_Setup_Client) (Version: 8.2.7.1025 - Pulse Secure, LLC) Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC) Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC) Pulse Secure Terminal Services Client (HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\Pulse_Term_Services) (Version: 8.2.7.55673 - Pulse Secure, LLC) QuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.) Smileyville FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}) (Version: - Oberon Media) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer) USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.54000.205 - Sonix) VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{67D0313C-4F15-437D-9A2D-C1564088A26A}) (Version: 14.0.8050.1202 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.1 - ASUS) WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.15 - ASUS) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) ContextMenuHandlers1-x32: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation) ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.) ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-12-02] (Alexander Roshal) ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal) ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Pas de fichier ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov) ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-12-02] (Alexander Roshal) ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {01C995FF-D178-4E7B-AC4A-9E950006A207} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {0837D897-84CB-4E30-A8DD-807937A81DFC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {0A03FB82-E589-4AD7-BE75-C6FB00009A1C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION Task: {0F1FC558-90E6-41AA-8D37-4FBE69053762} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {148318FC-5974-4508-A415-B3AFD16E5DDB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1F60A406-3ED1-4D0C-B67C-93279B7FDFEE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {29308477-8F7E-4D4F-92D5-F1534E61B6F5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2BA56F0A-9B19-4480-93F2-CC5D16C058F4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {2E676C1A-88CF-40DA-B1A7-F8364B82365A} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {31505A50-924F-456B-B4F6-6D90352CF64C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-10-12] (Microsoft Corporation) Task: {35BA8E64-449D-45FA-BFFA-0A58AB45958D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-07] (Microsoft Corporation) Task: {3B4EF446-501E-4D87-BC0C-EB312BF10167} - System32\Tasks\{900CBA63-79C5-81C7-3B8F-57F27EE2437D} => C:\WINDOWS\SysWOW64\JrKOL.exe [2017-09-29] (Microsoft Corporation) <==== ATTENTION Task: {3C9616B2-742C-4820-AFAE-F3D2459E9677} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3D966D87-5FE5-4FBC-8E90-DB0F48E454DB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3E3E65EA-6693-4ACC-947D-206853F50D65} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3FEC98B5-24DC-48FB-B952-7BF19F40777B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated) Task: {42145BE5-4059-431F-919A-1A381C5966DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {424CDEBE-A1ED-4388-BFE6-26D2E4FC5A3F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {4E5BC6E9-EF37-4779-BC94-3638BD925081} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {502DBD9A-62FF-4357-A876-DCC946AC8048} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {564D71C7-0B88-4D5E-B70C-488370D46D30} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {5CA64D5D-C7BF-47FD-AC59-50375474C17C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-07] (Microsoft Corporation) Task: {5E9DCE49-654B-477D-81B1-9EFCCF0EEB7E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {6359E633-E753-44E6-987E-B90D377CE593} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6705941B-BC37-4374-89FC-F556892B43B1} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {6F2B6119-0723-4DC3-A6F5-7B440284F9D6} - System32\Tasks\{EFC68ACD-4D5C-62EB-B3BA-FE05588BE238} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://sidited.net/cl/?guid=z0gi2jw96knhk8bx4atkw1xdikgc44bt&prid=1&pid=4_1375_10 Task: {6FECF9BE-AED8-4627-80ED-91FF5361960F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {739592F5-4C02-4F04-B1AC-FCD4732C8647} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-07] (Microsoft Corporation) Task: {773492A6-4F08-4DAF-9C1B-778BC17ACAED} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {78588675-6CF3-4E50-B5B1-1EC34EAA2F6B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7DDF9673-8D0B-4652-B795-1BEAD1206B65} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {847BDD5A-9B8B-4E0A-B759-4183E334280A} - \ASUSControlDeck -> Pas de fichier <==== ATTENTION Task: {89E6CABC-F903-4D47-9132-ACF13653171E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation) Task: {8BBE72E1-4390-48FC-AED5-6B3D76DF80C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-07] (Microsoft Corporation) Task: {9ABCCD4C-8DBE-49A2-9A8C-0DD7D0D7040F} - System32\Tasks\StartRemoteKeyboardService => sc start RemoteKeyboard Task: {A41B2DB6-ED0B-4C31-9836-94AAA1E7667D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {AA921623-B84A-4EC8-A6DA-5D46323FC6D9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B0F968C2-63CD-443C-9853-E000E75054B1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {B273519B-5044-430F-BD8E-22E2C615A793} - System32\Tasks\{562F848E-D43D-8CE0-424C-546E38069929} => C:\Users\Xavier Delphine\AppData\Roaming\oIZQYofbm.exe <==== ATTENTION Task: {B6F873EF-598E-4966-BD62-407A275120B5} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {B9729CD9-EDF2-429E-81FC-4CF010EF8629} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {BA1384F6-B6B0-4E46-9518-E49BB403906D} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-01-05] () Task: {BB0C8532-0FC3-40DC-ADFE-5654A2D0A28A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {C19C36AF-2E5E-4E4E-83E2-5403472240B6} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS) Task: {C21C4860-8407-4E1B-B8A7-58915F49316E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {C4BCC5B9-7791-43E8-894D-ADE237E400DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) Task: {C60FEF0F-7114-4FB3-A7AF-A3D86B7A760B} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-04-09] (ATK) Task: {C778374C-94FE-41B0-B705-5FC952201AC0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {DD548504-31EE-43FF-A573-1E9BCB56DC76} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {DDF08C4E-543B-4594-B182-B459D6E709AB} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {DE627672-F981-4922-8F3B-34747456A098} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {E4681234-CEAC-47BB-8D5A-74E749E86910} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {E959E007-A71C-4952-8EA8-22DE146D6227} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F0496437-71B1-4E96-9E9C-3BC2F52CDE46} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F0EF5E66-682C-4706-A092-334F70DB51B5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation) Task: {F127D249-B007-4172-9703-18C2CC9EA37F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {F75EE194-9780-49EB-815C-FFA3AF938328} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION Task: {FACB8164-0888-403B-B4E6-7F59329EA90F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FBC8485F-A585-489F-8E2C-C65FEABC1BEF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {FC4F3E81-9BD6-49E8-AD0F-CD406C8E2ADB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {FFEE4F98-789F-4BC5-9EBF-91D4AC658C46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2014-12-23 11:39 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-04-20 08:28 - 2018-04-20 08:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2010-03-16 03:48 - 2010-03-16 03:48 - 000148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll 2018-05-26 19:19 - 2018-05-26 19:19 - 000030032 _____ () C:\WINDOWS\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll 2018-05-26 19:20 - 2018-05-26 19:20 - 000931840 _____ () C:\WINDOWS\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll 2015-04-13 15:55 - 2015-04-13 15:55 - 000821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe 2018-10-12 18:50 - 2018-09-20 05:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-08-10 21:38 - 2018-08-10 21:41 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-08-10 21:38 - 2018-08-10 21:41 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-08-10 21:38 - 2018-08-10 21:41 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-08-10 21:38 - 2018-08-10 21:41 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll 2018-09-19 19:29 - 2018-09-19 19:31 - 035124736 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-09-19 19:29 - 2018-09-19 19:31 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-09-19 19:29 - 2018-09-19 19:30 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-09-30 16:11 - 2017-09-30 16:33 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-09-19 19:29 - 2018-09-19 19:31 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntPlat.dll 2018-09-28 17:48 - 2018-09-28 17:50 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-09-28 17:48 - 2018-09-28 17:50 - 069128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-09-30 16:14 - 2017-09-30 16:16 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-09-28 17:48 - 2018-09-28 17:50 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-09-03 19:19 - 2018-09-03 19:22 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-05-02 18:42 - 2018-05-02 18:44 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll 2018-09-03 19:19 - 2018-09-03 19:22 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-08-17 11:13 - 2018-08-17 11:21 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll 2018-08-17 11:13 - 2018-08-17 11:21 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll 2018-04-07 14:23 - 2018-04-07 14:26 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-09-28 17:48 - 2018-09-28 17:50 - 014171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-09-03 19:19 - 2018-09-03 19:22 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-09-28 17:48 - 2018-09-28 17:50 - 002866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-09-03 19:19 - 2018-09-03 19:22 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-08-10 21:39 - 2018-08-11 18:40 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-09-28 17:48 - 2018-09-28 17:50 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\SKU.dll 2018-09-28 17:48 - 2018-09-28 17:50 - 000048128 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImageDecoding.dll 2018-09-22 12:26 - 2018-09-15 10:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll 2018-09-22 12:26 - 2018-09-15 10:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll 2018-10-07 17:16 - 2018-10-07 17:17 - 000066048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2018-06-18 17:22 - 2018-06-08 11:31 - 003912608 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll 2018-06-18 17:22 - 2018-06-08 11:31 - 002506680 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll 2009-11-02 23:20 - 2009-11-02 23:20 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 23:23 - 2009-11-02 23:23 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2018-08-22 22:19 - 2018-08-22 22:19 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2017-12-08 02:49 - 2017-12-08 02:49 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-12-23 21:18 - 2009-03-12 16:45 - 000135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll 2014-12-23 21:18 - 2008-11-21 14:58 - 000057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\SATWAIN.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [135] ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Il y a 7896 plus de sites. IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\123simsen.com -> www.123simsen.com Il y a 7897 plus de sites. ==================== Hosts contenu: ========================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2009-07-14 04:34 - 2018-07-06 09:23 - 000452348 ____R C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Il y a 15522 plus de lignes. ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2303106090-3853597377-481782751-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé. MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" HKLM\...\StartupApproved\StartupFolder: => "FancyStart daemon.lnk" HKLM\...\StartupApproved\StartupFolder: => "SRS Premium Sound.lnk" HKLM\...\StartupApproved\Run: => "ASUS WebStorage" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "ATKMEDIA" HKLM\...\StartupApproved\Run32: => "ATKOSD2" HKLM\...\StartupApproved\Run32: => "Boingo Wi-Fi" HKLM\...\StartupApproved\Run32: => "ProductUpdater" HKLM\...\StartupApproved\Run32: => "SDTray" HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\StartupApproved\Run: => "Spybot-S&D Cleaning" HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\StartupApproved\Run: => "Chromium" HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\StartupApproved\Run: => "Egdtion" HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\StartupApproved\Run: => "Ichsoft" HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\StartupApproved\Run: => "Odics" HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-2303106090-3853597377-481782751-1001\...\StartupApproved\Run: => "iCloudPhotos" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{03B76F3B-6046-46AF-868B-E0585DA49668}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{3B6FE3C1-68E4-4E1F-9E02-85B8C512415F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{EEBEBB51-D421-4678-A97D-0D4FD31A4CA8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{CDE875F6-DDC1-48B1-A3E0-A94FD7733ABD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{190D46AD-8B77-4276-8701-63B132AEFC5D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{D83E23CD-A9CB-4234-9226-A95B53DCD2C4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{BF7E7305-78FF-4D57-974B-6A8DEEB5F5F7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{3184A640-8582-4194-907E-F441E721B759}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{BCD1BD47-3341-4D53-BE6F-AB002A885894}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{45D37D86-2F45-4428-9C85-33D0DEBC8D1E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{80BBEF6F-9AE5-4B16-95FB-6566EF01DBA7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{35EE54E2-6AD5-4791-A313-A740316D0FD2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{2C4C15E9-B5FA-4744-AE58-A18E90FE8412}] => (Allow) C:\Users\Xavier Delphine\AppData\Roaming\oIZQYofbm.exe FirewallRules: [{EF76B0E7-12C9-45D3-A0FC-4DEA6CBF1663}] => (Allow) C:\WINDOWS\SysWOW64\JrKOL.exe FirewallRules: [{B807DE11-FC0E-4A77-8DC9-A7942789348E}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe FirewallRules: [UDP Query User{77024B9F-315F-47FD-98C8-AB6ECFC6DE15}C:\users\xavier delphine\appdata\roaming\utorrent\updates\3.5.0_43916.exe] => (Allow) C:\users\xavier delphine\appdata\roaming\utorrent\updates\3.5.0_43916.exe FirewallRules: [TCP Query User{80A0A0C4-501A-4209-99E4-FEAC8DB25914}C:\users\xavier delphine\appdata\roaming\utorrent\updates\3.5.0_43916.exe] => (Allow) C:\users\xavier delphine\appdata\roaming\utorrent\updates\3.5.0_43916.exe FirewallRules: [{DD85039D-4BAE-403C-B979-50B1FCE8F752}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{6D8E5F24-463F-4647-B9AF-0E1BE45A3016}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{16854278-9EAA-47DA-94C7-02FB23CC8C7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B0A2BC3E-9464-46F2-9873-BCD3223A2116}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{82DEF1E0-B41D-4C70-9D08-C1716B48CB73}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{F901356C-B995-444F-B478-FFD76F443990}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{FEC58D3A-E837-4B19-9339-783953F9F31C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{97EB3A58-DF27-4285-93D1-99553BEB7EE0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1692978E-A16E-471C-BAE0-62630A90F04F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E8C88538-16BC-448C-B796-9A008BADB071}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A8FFA2EB-66E3-4688-A2B9-E4CFA92FFE3D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8EF51FE4-5CBA-498A-9E15-94326CCF8DE4}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{780EFD2F-383F-42A5-BBA0-8DF81E2E7274}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{6F542C74-4C07-40ED-BADB-9EE2D3805FBD}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe FirewallRules: [{5A340255-D95B-4454-B0D0-49793EA682D6}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe FirewallRules: [TCP Query User{36D8F7EB-4C29-4356-B9E0-FD881F1E474D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{13617BE3-781C-4370-9509-5AD29172D151}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{855CEF67-1EE3-4F59-80A4-912ADEDBBCF2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{656F1D9C-EF73-400C-9064-0BA79D475E70}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{ABC6CF2B-C83C-41E1-853F-7966D0CB2A34}] => (Allow) C:\Users\Xavier Delphine\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2F7E7A09-BB27-4E26-8A84-2C7792981861}] => (Allow) C:\Users\Xavier Delphine\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7AE9DE9D-F2BD-4E49-8E03-5D4D70A3B1DA}] => (Allow) C:\Program Files\Intel Corporation\Remote Keyboard\Remote Keyboard.exe FirewallRules: [{96602447-D61D-4E93-ACD8-35D74868585B}] => (Allow) C:\Program Files\Intel Corporation\Remote Keyboard\Remote Keyboard.exe FirewallRules: [{F42A29C7-31A2-4D43-8EAF-4E66D7A074FF}] => (Allow) C:\Program Files\Intel Corporation\Remote Keyboard\RemoteKeyboardService.exe FirewallRules: [{01050F72-50B7-4DAE-90B5-A86ED341089F}] => (Allow) C:\Program Files\Intel Corporation\Remote Keyboard\RemoteKeyboardService.exe FirewallRules: [{204D1CFF-8B7E-41AE-AB17-006DC1723CC7}] => (Allow) LPort=40007 FirewallRules: [{BA214633-BDB1-45B2-8B72-BBABCCED6C60}] => (Allow) LPort=40007 FirewallRules: [{48B30ECF-089A-4571-9B37-EBC2A616E8BF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{84EA14CB-2F59-4330-A785-5109F285A7EC}] => (Allow) LPort=2869 FirewallRules: [{4AD445C4-3212-4997-9314-7C606CA79EA1}] => (Allow) LPort=1900 FirewallRules: [{D8005685-9E8D-4559-8FA1-CDC50F7B9897}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\ThunderbirdPortable\msiexec64.exe FirewallRules: [{043C7237-11CA-4230-8FD0-E53C08E60BC4}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{0B1D3686-568B-4E94-9231-BF3DD273F195}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{75A46C72-7581-4C3B-8A35-DD6A048AFB7C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{675749FB-6E28-4D2A-B44A-F45A3B4AC757}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{3E99D7C4-AC34-4C7E-8F47-364F9A02BEBA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{BCE2AFC7-4767-4460-9018-6B2BC6A3C0AE}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\ThunderbirdPortable\msiexec64.exe FirewallRules: [{530680AE-46EF-4DBF-B22A-F4535406467A}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{9CF90D69-F9C1-4A66-BB5E-57C14D063C43}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{9A60748E-7C6A-40AA-A5F0-E6B942172A35}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{B6322C84-202C-43D7-BDE1-14370DF83459}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{A55E0A17-B9E3-4DB4-9C60-8AD0385AE82F}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\ThunderbirdPortable\msiexec64.exe FirewallRules: [{7D5CBA0F-D620-46FF-AF80-E1AA7D3B7E79}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{4AFEBDE8-9576-4583-9369-4BD780F25152}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{FCA551AB-7586-4CA1-A8B1-11E1BCDFEC12}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\ThunderbirdPortable\msiexec64.exe FirewallRules: [{2C5550D1-E5C3-475F-922E-3835DCA84926}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{E7579F20-A1CE-4434-96D6-807A6E294420}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{5D2D582A-B9D1-4995-AEC3-107558493DCA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{44616DA7-AE9E-4E57-A6EC-DE8E65342ACE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{15367B1B-48E0-4674-8D2E-25AFF1A744ED}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\ThunderbirdPortable\msiexec64.exe FirewallRules: [{B97A0B7B-F2E2-43D7-947C-8FDD48197FAB}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{3B6F97C9-08E6-4A4F-A237-D1306A8CC626}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{6F56ED1B-5877-4B83-B61E-B33AA3473A3F}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\DiskManagement\msiexec64.exe FirewallRules: [{8210E3E0-7978-4E80-BE36-084D8B457C61}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{FA4230D3-292A-4954-A13E-77DD07E3FA7B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{A50BF9A8-0802-44F2-99A5-722592768DAA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{DFC8F7BF-1334-401C-9CBF-D58F1CFDD152}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{84F3F773-E322-4E1C-8F24-0FE4A661D32F}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\CCleaner v9.18\msiexec64.exe FirewallRules: [{6ACD1193-DA2D-47EE-8AA2-DC09318FF6CE}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{127E716D-721B-4DDD-A728-A8DEB9D3CB6B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{B41310A4-9182-4EC0-8102-387AE3F6EF94}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{3B38C4B5-F7EF-485F-9A09-313FC17CAB75}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{2876F529-264E-4880-91F5-722532205618}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\CCleaner v9.18\msiexec64.exe FirewallRules: [{B0257AF4-A04E-4F81-9D7F-1C260E78E845}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{67A1606A-EBFB-48CB-B0BC-E9BEDE223E69}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{D87F6F6A-1296-4DA5-B5A9-19C190233DEB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{DFADC3E6-7552-4B9A-9A71-5B54E2EB169B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{5207E460-4354-42A2-AABD-EE4945A932BD}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\CCleaner v9.18\msiexec64.exe FirewallRules: [{472EACFC-A3B3-46A6-A5D7-3F214EF75B98}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{B3935D84-0865-4FBF-B70F-190FBFB250BF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{5CFDD6A3-259D-476A-B8CF-ECE82E0B6B5A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{583AFE7B-4C28-4447-A671-98863A0953C9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{301B28C3-9C0D-4B8C-8BA7-2FA37EC06E33}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\plugins\msiexec64.exe FirewallRules: [{6518B3F4-63D9-4143-A9F0-480CD0EC3274}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{D75B8979-307E-4B46-BB99-8ACA972F2019}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{403FF364-7FEA-4DD5-BB79-E1652C75C03C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{3E9CD4D0-FBDD-4655-86EB-514F1A1809DF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{B72BA830-B7C1-471A-9DE5-F1C1F63308CE}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\KernelReports\msiexec64.exe FirewallRules: [{0E133D25-EF69-4372-8848-DA8227011FAF}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{B99450BB-7BA6-472E-8772-3A6F431B9035}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{46E84498-CD7D-4A6C-A033-27EA203F3B35}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{5E72D07F-E0CA-4CFA-8DF7-A250339ECAEC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{AEB96141-28F2-4E99-B49C-FB070FA0117D}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\$NtUninstallWIC$\msiexec64.exe FirewallRules: [{CCBD3B12-91C4-4CD8-A01F-8165C12C6C46}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{74CFA7D9-5D79-4C19-87DD-A9962EDB40AF}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\$NtUninstallWIC$\msiexec64.exe FirewallRules: [{5DBF5EA2-3DE9-4262-A59B-4D275E18E82E}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{85F9B655-9F39-44E7-A113-2F07B6A42C8A}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\$NtUninstallWIC$\msiexec64.exe FirewallRules: [{D04ABD20-01EF-4E71-95FA-952802842202}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{82CA9276-F4A5-4728-AA2B-738615B00EE8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{B9093F65-E7F1-4AAC-9B94-C707534F457A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{F6E0B400-61C3-4C1E-BF10-C61D3FA6C0B0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{07AB8FDC-3363-4170-AE65-3BEA666D6364}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{2921325D-E8FA-4852-A870-564DF5A267AF}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\$NtUninstallWIC$\msiexec64.exe FirewallRules: [{956D8C93-6682-4A96-A3C1-73B428ECFA9B}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{0C4BD22F-71FE-4772-A6F5-8969AA76E296}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{D31E0DDE-A1B8-426B-B8AC-19F51682DACC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{A7D9BABD-BB6D-4263-8401-31AA1F48BC61}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{250868F3-E666-4965-B681-3800A642B730}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\$NtUninstallWIC$\msiexec64.exe FirewallRules: [{7D44A613-29BD-47E3-98F0-23A5E644F8C6}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{08C9E39B-5F9B-478E-9196-58AF8EF3B432}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{15C3F0FE-AADE-4BB9-A8F6-20FC54E2D9B4}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\msiexec64.exe FirewallRules: [{99B7102B-82CA-42A1-9CE3-976121107AEE}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{484A9DB5-B3E7-40AC-A11D-D278D0338FF5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{C6919818-29E8-4496-9DD0-E503A4DD8C60}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{220B6185-8EC6-4B1F-BF48-63F0C7115D06}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{C182E9F3-CE3A-44E9-BF14-C5DB6B3DC99E}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\msiexec64.exe FirewallRules: [{E124E5A3-E640-486C-B75B-EE29250DD622}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{E93350A8-B4A7-4EBC-BC2C-B54AC0F20962}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{71FA1E74-1B36-4FB0-9F81-07D98D80BACC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{42617845-E910-4A9A-BC7A-F0C0242C8979}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{37A07CC0-C529-4DFC-BEB3-5302A63683F7}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\WIX Toolset 11.2\msiexec64.exe FirewallRules: [{E668C4BD-CAE5-4102-B1EC-62CBB46068D6}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{1E42C814-3067-4D03-A769-0D599BAEF10D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{479DCD5A-83A3-4046-BBF3-3F1F37E7493F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{97A12382-3B74-429E-8EE1-62D01F781B09}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{E03DAFC7-87D1-4DA2-AE9D-FBD3C5632F2A}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\HTTPERR\msiexec64.exe FirewallRules: [{0CEA2469-7151-4476-A443-182BF7CE83FE}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{72F7578B-EFA8-4679-9547-B9574D492ACA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{75F9508A-A065-4A7F-B053-FD88DC914F8D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{01EFEC6E-EEE4-41AF-BC9B-466A635188D4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{CCFBE4C2-6D87-411C-8E30-619E54509DED}] => (Allow) C:\Program Files (x86)\Common Files\NTServices\msiexec64.exe FirewallRules: [{FFB52577-AA6F-433D-A984-3530DBB77D95}] => (Allow) C:\Program Files (x86)\Common Files\NTServices\msiexec64.exe FirewallRules: [{CED74186-D6D4-4B1C-85BD-1E139CF1505A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{14C20632-F2D6-40F1-8FC8-4E397835B177}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{3F9C487E-9A21-418B-A4BE-49457D01BF26}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{B41DAADF-6027-48B8-9E02-8EB379BD99BD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{82AAD10C-D86A-4916-8D6E-16C5987F116F}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\Wow64Cache\msiexec64.exe FirewallRules: [{4819CA2C-67E4-4E12-8960-F119D9D43663}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{AFB03540-B8F0-4027-B823-32D48B760A0E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{AEEAD426-DB34-4496-9278-FC0C590014D1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{635E64A3-05CF-45F6-AAAA-8012785A885F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{882DF883-B086-4B73-A5F8-63E6D19B1CC6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{B3477A60-F629-4F69-A3AA-84DC11E15363}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\Wow64Cache\msiexec64.exe FirewallRules: [{A4858F9A-F8C1-4E0C-A2BD-FAA7510236A6}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{D3E09F31-4463-42A7-8341-BAFCF1CB72F2}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\Wow64Cache\msiexec64.exe FirewallRules: [{B4A0A6A2-3C87-46E7-B2F2-E0EA0D116ACF}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{0C4C978C-25E5-4813-A7E8-32306F81275D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{CD206B1E-B8A1-4332-9DE5-651A3A678758}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{2815DB04-0CE0-42AF-AFC4-DBDEDED24932}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{02B43CAB-AD16-4AB4-AB6E-6769B63A2942}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\Wow64Cache\msiexec64.exe FirewallRules: [{DB7D38EA-CAFD-4048-885A-FC834C242FB9}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{981C8A3C-088E-4D09-BD57-6568CC161EF6}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\ClipBoardSvc\msiexec64.exe FirewallRules: [{2E7BC8DF-EF74-40A3-B72A-091E8611F978}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{A0961FCB-B7AD-448E-8C79-62B1DA2493DF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{48AB984A-CA21-4947-8301-AE527A7EEED1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{1923BB29-4D40-43BD-9B34-AD1C73566D05}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{11F98892-ACC0-45CA-893B-8990E2D39DBD}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\UserData.db\msiexec64.exe FirewallRules: [{5DAC54F7-60AE-4006-91B5-076B4F5D6BE1}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{00BEE820-DF59-47ED-9D5F-7E9319BF7A39}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{FD876C46-07AE-4480-8DD1-C2C339B7CCB6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{13C52613-8D59-45AB-9E53-2516818950F3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{4A87499F-76AA-4231-8302-C10191224A98}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\UserData.db\msiexec64.exe FirewallRules: [{450B3AC9-0820-455A-9159-C150FD8E5F10}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{4C0F0171-F6FD-4663-A1FB-6BACDF477610}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\UserData.db\msiexec64.exe FirewallRules: [{EDF3E370-4840-4A72-8DDE-CFEADCDC9C8E}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{0866A6CC-140E-4693-9F28-BA1B59C3C47B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{0FF740E9-6F6F-4BA6-B920-75E5162EA4C9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{C1BC6630-61CF-490C-95F2-D24ECE4FBCA8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{BDFAC59E-F4B2-4ACE-9975-2246FEADF53E}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\UserData.db\msiexec64.exe FirewallRules: [{AD4DBCF4-BF5F-44FF-9AD6-4A3D77D735C8}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{4DBE351E-E16E-48C4-8544-D5C08E3AFE13}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{C5CE2B74-B031-4CAE-8ECD-9D8B71A65789}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{A1978DCD-9BA2-4ADC-BD0D-3DD93CDBC81B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{802B9E5D-74AD-464E-93CF-F544D0D272C5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C604E262-36AF-4DA5-A5E2-9C031090F399}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{9415EB57-EC1D-4CD4-9766-272DE3ADD275}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DE09E29B-6FBF-40E4-AFDA-7918CDA41497}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{3761F826-38B2-467B-B06F-A8A8C00972FC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{580D17E7-D4B7-4D06-B783-994263D4FD11}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{81C26043-98C9-4B85-B959-DFECFD32265A}] => (Allow) C:\Users\Xavier Delphine\AppData\Local\Canon Network Tool_rt\msiexec64.exe FirewallRules: [{280E55D0-8B51-4506-8A9C-138E81750CB1}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{9761B732-7C2E-475B-B92D-9B14308A66AE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{C4BBD954-2761-446F-A133-8BB44E0DA246}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{8C8328D2-F417-4CE6-90F6-7C0BFA92A1EE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{9E271DC9-5692-408A-BC29-7752E7C391B6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{7F520F0E-7781-4A2C-AE4C-10986A0AD2FA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{8E6A811A-896E-4A24-A305-8310E9AA50E8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{3CB07F15-5476-411D-AD9C-2B2DB27FE912}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{DA54CA82-C7A6-4D94-99C9-D7126F974DEC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{16C6C277-96F2-4393-AF9C-1829888FC1F2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{2709127A-1BCD-4E4B-95D9-B783EEEB350E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{F00BBAB6-E2AC-45FC-8A66-375563803659}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (10/12/2018 10:10:39 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Error: (10/12/2018 08:26:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname XavierDelphine.local already in use; will try XavierDelphine-2.local instead Error: (10/12/2018 08:26:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 4 XavierDelphine.local. Addr 192.168.1.14 Error: (10/12/2018 08:26:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.14:5353 16 XavierDelphine.local. AAAA 2A01:CB18:0105:9900:2549:2702:6E55:40AB Error: (10/12/2018 08:06:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme mbam.exe version 2.3.125.0 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : 1bd0 Heure de début : 01d4624ff524b9e7 Heure de fin : 4294967295 Chemin d'accès de l'application : C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe ID de rapport : d510fbc6-0831-4eef-8ee1-0e2b9137eb71 Nom complet du package défaillant : ID de l'application relative au package défaillant : Error: (10/12/2018 07:21:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme SystemSettings.exe version 10.0.17134.112 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : e60 Heure de début : 01d4624a70ba22fa Heure de fin : 4294967295 Chemin d'accès de l'application : C:\Windows\ImmersiveControlPanel\SystemSettings.exe ID de rapport : dad7a93f-485b-4180-9dda-c515890182cf Nom complet du package défaillant : windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy ID de l'application relative au package défaillant : microsoft.windows.immersivecontrolpanel Error: (10/12/2018 06:09:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname XavierDelphine.local already in use; will try XavierDelphine-2.local instead Error: (10/12/2018 06:09:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 16 XavierDelphine.local. AAAA FE80:0000:0000:0000:2549:2702:6E55:40AB Erreurs système: ============= Error: (10/12/2018 10:00:56 PM) (Source: DCOM) (EventID: 10016) (User: XavierDelphine) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID XavierDelphine\Xavier Delphine de l’utilisateur (S-1-5-21-2303106090-3853597377-481782751-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/12/2018 09:57:00 PM) (Source: DCOM) (EventID: 10016) (User: XavierDelphine) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID XavierDelphine\Xavier Delphine de l’utilisateur (S-1-5-21-2303106090-3853597377-481782751-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/12/2018 09:14:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Windows Installer s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service. Error: (10/12/2018 09:14:17 PM) (Source: DCOM) (EventID: 10016) (User: XavierDelphine) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID XavierDelphine\Xavier Delphine de l’utilisateur (S-1-5-21-2303106090-3853597377-481782751-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (10/12/2018 09:10:54 PM) (Source: DCOM) (EventID: 10000) (User: XavierDelphine) Description: Impossible de démarrer un serveur DCOM : {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. L’erreur « 5 » s’est produite lors du démarrage de la commande : C:\Users\Xavier Delphine\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileCoAuth.exe -Embedding Error: (10/12/2018 09:02:01 PM) (Source: DCOM) (EventID: 10000) (User: XavierDelphine) Description: Impossible de démarrer un serveur DCOM : {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. L’erreur « 5 » s’est produite lors du démarrage de la commande : C:\Users\Xavier Delphine\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileCoAuth.exe -Embedding Error: (10/12/2018 09:02:01 PM) (Source: DCOM) (EventID: 10000) (User: XavierDelphine) Description: Impossible de démarrer un serveur DCOM : {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. L’erreur « 5 » s’est produite lors du démarrage de la commande : C:\Users\Xavier Delphine\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileCoAuth.exe -Embedding Error: (10/12/2018 09:00:54 PM) (Source: DCOM) (EventID: 10000) (User: XavierDelphine) Description: Impossible de démarrer un serveur DCOM : {71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}. L’erreur « 5 » s’est produite lors du démarrage de la commande : C:\Users\Xavier Delphine\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileCoAuth.exe -Embedding Windows Defender: =================================== Date: 2018-09-19 21:03:01.717 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {EA6EDA9D-59ED-45FB-A5CA-89E9FBA1D3A5} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2018-09-19 19:22:40.571 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {5500D041-A329-4A20-89FF-ED613F58947D} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : XavierDelphine\Xavier Delphine Date: 2018-08-17 16:40:42.465 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {AD5FC8FD-4EDE-4E23-866C-5CBC9B42DBDE} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2018-07-05 22:15:02.946 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Powessere.D&threatid=2147690011&enterprise=0 Nom : Behavior:Win32/Powessere.D ID : 2147690011 Gravité : Grave Catégorie : Comportement suspect Chemin : behavior:_pid:4484:50247080127395;process:_pid:4484,ProcessStart:131752922965065097 Origine de la détection : Inconnu Type de détection : Concret Source de détection : Inconnu Utilisateur : Nom du processus : C:\Program Files\RogueKiller\RogueKiller64.exe Version de la signature : AV: 1.271.548.0, AS: 1.271.548.0, NIS: 1.271.548.0 Version du moteur : AM: 1.1.15000.2, NIS: 1.1.15000.2 Date: 2018-07-05 22:14:57.871 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Powessere.D&threatid=2147690011&enterprise=0 Nom : Behavior:Win32/Powessere.D ID : 2147690011 Gravité : Grave Catégorie : Comportement suspect Chemin : behavior:_pid:4484:50247080127395;process:_pid:4484,ProcessStart:131752922965065097 Origine de la détection : Inconnu Type de détection : Concret Source de détection : Inconnu Utilisateur : Nom du processus : Unknown Version de la signature : AV: 1.271.548.0, AS: 1.271.548.0, NIS: 1.271.548.0 Version du moteur : AM: 1.1.15000.2, NIS: 1.1.15000.2 Date: 2018-10-12 20:24:57.043 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.277.1005.0 Source de mise à jour : Serveur Microsoft Update Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.15300.6 Code d’erreur : 0x8024402c Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support. Date: 2018-08-25 15:40:07.670 Description: La fonctionnalité de protection en temps réel Antivirus Windows Defender a rencontré une erreur et échoué. Fonctionnalité : Sur accès Code d’erreur : 0x80004005 Description de l’erreur : Erreur non spécifiée Raison : Le pilote de filtre a ignoré l’analyse des éléments et est en mode relais. Cela peut être dû à des ressources insuffisantes. Date: 2018-08-16 14:25:13.886 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.273.1179.0 Source de mise à jour : Serveur Microsoft Update Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.15100.1 Code d’erreur : 0x80240016 Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support. Date: 2018-08-11 19:02:58.304 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.273.1179.0 Source de mise à jour : Serveur Microsoft Update Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.15100.1 Code d’erreur : 0x80240016 Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support. Date: 2018-07-08 17:38:42.285 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.271.660.0 Source de mise à jour : Serveur Microsoft Update Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.15000.2 Code d’erreur : 0x8024402c Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support. CodeIntegrity: =================================== Date: 2018-10-12 21:19:09.842 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-12 21:19:08.346 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-12 21:19:08.341 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-12 18:09:21.822 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-12 18:09:21.798 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-07 19:49:09.226 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-07 19:49:09.218 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-07 17:06:42.336 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== Processeur: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz Pourcentage de mémoire utilisée: 55% Mémoire physique - RAM - totale: 3948.55 MB Mémoire physique - RAM - disponible: 1774.51 MB Mémoire virtuelle totale: 7916.55 MB Mémoire virtuelle disponible: 4622.74 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:115.13 GB) (Free:17.72 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)] Drive d: (Data) (Fixed) (Total:329.79 GB) (Free:92.51 GB) NTFS \\?\Volume{e0c5913d-0000-0000-0000-90aa21000000}\ () (Fixed) (Total:0.81 GB) (Free:0.34 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: E0C5913D) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C) Partition 2: (Active) - (Size=115.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=832 MB) - (Type=27) Partition 4: (Not Active) - (Size=329.8 GB) - (Type=0F Extended) ==================== Fin de Addition.txt ============================