Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 18-01-2020 Exécuté par Alexandre (21-01-2020 10:30:22) Exécuté depuis C:\Users\Alexandre\Desktop Windows 10 Home Version 1903 18362.592 (X64) (2020-01-18 07:13:28) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-3889166263-466318981-1515235395-500 - Administrator - Disabled) Alexandre (S-1-5-21-3889166263-466318981-1515235395-1000 - Administrator - Enabled) => C:\Users\Alexandre DefaultAccount (S-1-5-21-3889166263-466318981-1515235395-503 - Limited - Disabled) Invité (S-1-5-21-3889166263-466318981-1515235395-501 - Limited - Disabled) postgres (S-1-5-21-3889166263-466318981-1515235395-1001 - Limited - Enabled) => C:\Users\postgres WDAGUtilityAccount (S-1-5-21-3889166263-466318981-1515235395-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) . . (HKLM\...\{9C40698F-A953-4658-AFF2-F7BB385A3910}) (Version: 7.1 - Intel) Hidden . . . (HKLM-x32\...\{870E5275-5457-4BBC-98C9-BFF4B70AA5D3}) (Version: 3.1.0.12 - Intel) Hidden µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) 64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe) AMD Catalyst Install Manager (HKLM\...\{A70B905D-2E57-66A0-3BFE-66B8E71E0C70}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.) Arena 3.5 (HKLM-x32\...\Arena 3.5_is1) (Version: - ) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation) Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 9.2.0.4 - Auslogics Labs Pty Ltd) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 79.1.2.43 - Auteurs de Brave) BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden C4400 (HKLM-x32\...\{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) ChessBase 13 64-bit (HKLM\...\{DC2A2AB5-1DFB-4DFA-889A-2735543DC636}) (Version: 13.1.0.0 - ChessBase) ChessPartner 6.0.4 (HKLM-x32\...\{576D6401-956E-498B-9199-6AB60B3969B3}) (Version: 6.0.4.0 - Lokasoft) Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.) CyberGhost 6 (HKLM\...\CyberGhost 6) (Version: 6.5.2.3457 - CyberGhost S.A.) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden f.lux (HKU\S-1-5-21-3889166263-466318981-1515235395-1000\...\Flux) (Version: - f.lux Software LLC) Feed Notifier 2.6 (HKLM-x32\...\{6091F327-2B13-4193-A6F1-4B2271613A74}_is1) (Version: - Michael Fogleman) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{2550a40e-aac6-4d21-9361-744d33bec573}) (Version: 3.1.0.12 - Intel) Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation) JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: - Logitech) Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.126 - Logitech) Ludi (HKLM-x32\...\Ludi) (Version: - ) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) MemPlus version 1.3.2 (HKLM-x32\...\{C43E5DBC-6F22-47D8-8DF3-29295FEC0AE7}_is1) (Version: 1.3.2 - CodeDead) Microsoft Office XP Professional avec FrontPage (HKLM-x32\...\{9028040C-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3889166263-466318981-1515235395-1000\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Module de compatibilité pour Microsoft Office System 2007 (HKLM-x32\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Mozilla Firefox 72.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 72.0.1 (x64 fr)) (Version: 72.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla) Mozilla Thunderbird 68.4.1 (x64 fr) (HKLM\...\Mozilla Thunderbird 68.4.1 (x64 fr)) (Version: 68.4.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NordVPN (HKLM-x32\...\{E3DED72F-A99E-478A-8469-987E04377D8F}) (Version: 6.26.8 - NordVPN) Hidden NordVPN (HKLM-x32\...\NordVPN 6.26.8) (Version: 6.26.8 - NordVPN) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com) OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation) ownCloud (HKLM-x32\...\{86B6BD46-23B1-4EFA-8648-20F1213244C5}) (Version: 2.6.0.12644 - ownCloud GmbH) Panda USB Vaccine 1.0.1.16 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security) PlayChess (HKLM\...\PlayChess) (Version: - ChessBase GmbH) PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - ) PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group) PostgreSQL 9.2 (HKLM\...\PostgreSQL 9.2) (Version: 9.2 - PostgreSQL Global Development Group) PS_AIO_03_C4400_Software_Min (HKLM-x32\...\{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden RarmaRadio 2.71.6 (HKLM-x32\...\RarmaRadio_is1) (Version: - RaimerSoft) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.) Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.) Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden Skype version 8.53 (HKLM-x32\...\Skype_is1) (Version: 8.53 - Skype Technologies S.A.) SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.1.3937 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.) UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F94A5095-E4DD-4ED8-AB0B-BFAC62176F8C}) (Version: 2.49.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN) VT Hash Check 1.60 (HKLM-x32\...\{1E579B65-503B-4184-B481-5138124BEE1D}_is1) (Version: 1.60 - Boredom Software) Waterfox Classic 56.3 (x64 en-US) (HKLM\...\Waterfox Classic 56.3 (x64 en-US)) (Version: 56.3 - Waterfox Ltd) WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital) WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden Winamax (HKLM-x32\...\Winamax 3.10.0) (Version: 3.10.0 - Winamax) Winamax (HKLM-x32\...\Winamax 3.6.2) (Version: 3.6.2 - Winamax) Winamax (HKLM-x32\...\Winamax 3.6.3) (Version: 3.6.3 - Winamax) Winamax (HKLM-x32\...\Winamax 3.7.0) (Version: 3.7.0 - Winamax) Winamax (HKLM-x32\...\Winamax 3.8.0) (Version: 3.8.0 - Winamax) Winamax (HKLM-x32\...\Winamax 3.9.0) (Version: 3.9.0 - Winamax) Winamax (HKLM-x32\...\Winamax 4.2.0) (Version: 4.2.0 - Winamax) Winamax (HKLM-x32\...\Winamax 4.2.3) (Version: 4.2.3 - Winamax) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) Packages: ========= Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.7.0_x86__kgqvnymyfvs32 [2020-01-08] (king.com) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-17] (Microsoft Corporation) Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_4.18.11.0_x86__q7m17pa7q8kj0 [2019-12-31] (Deezer SA) Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.6.0.10_x86__h6adky7gbf63m [2019-12-31] (Gameloft.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0 [2019-12-31] (Spotify AB) [Startup Task] Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-11] (Twitter Inc.) WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2018-03-07] (Microsoft Corporation) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-11-08] (ownCloud GmbH) [Fichier non signé] ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-11-08] (ownCloud GmbH) [Fichier non signé] ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-11-08] (ownCloud GmbH) [Fichier non signé] ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-11-08] (ownCloud GmbH) [Fichier non signé] ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-11-08] (ownCloud GmbH) [Fichier non signé] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files (x86)\ownCloud\shellext_x64\OCContextMenu.dll [2019-11-08] (ownCloud GmbH) [Fichier non signé] ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-11-16] (Advanced Micro Devices, Inc.) [Fichier non signé] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\Users\Alexandre\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Mes sites Web sur MSN\target.lnk -> hxxp://fr.msnusers.co ShortcutWithArgument: C:\Users\Alexandre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Apps\Logitech Support + Download.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=dcjkdjdjemgngabaklecjjofdlhglodc ShortcutWithArgument: C:\Users\Alexandre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Alexandre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Modules chargés (Avec liste blanche) ============= 2019-10-16 05:32 - 2019-10-16 05:32 - 000262656 _____ () [Fichier non signé] C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll 2012-11-16 16:04 - 2012-11-16 16:04 - 000837632 _____ (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll 2012-11-16 16:04 - 2012-11-16 16:04 - 000004608 _____ (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamfra.dll 2009-09-20 10:01 - 2009-09-20 10:01 - 000538112 _____ (Hewlett-Packard Co.) [Fichier non signé] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll 2009-09-20 10:01 - 2009-09-20 10:01 - 000032768 _____ (Hewlett-Packard Co.) [Fichier non signé] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc 2009-09-20 10:01 - 2009-09-20 10:01 - 000274432 _____ (Hewlett-Packard Co.) [Fichier non signé] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll 2009-05-21 20:21 - 2009-05-21 20:21 - 000248832 _____ (Hewlett-Packard Co.) [Fichier non signé] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll 2009-09-20 12:24 - 2009-09-20 12:24 - 000213504 _____ (Hewlett-Packard Co.) [Fichier non signé] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll 2009-09-20 12:24 - 2009-09-20 12:24 - 000133120 _____ (Hewlett-Packard Co.) [Fichier non signé] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll 2009-09-20 12:24 - 2009-09-20 12:24 - 000049664 _____ (Hewlett-Packard Co.) [Fichier non signé] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll 2009-05-21 20:05 - 2009-05-21 20:05 - 000326144 _____ (Hewlett-Packard Co.) [Fichier non signé] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll 2009-09-20 12:36 - 2009-09-20 12:36 - 000150528 _____ (Hewlett-Packard Co.) [Fichier non signé] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll 2009-09-20 12:36 - 2009-09-20 12:36 - 000048128 _____ (Hewlett-Packard Co.) [Fichier non signé] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc 2009-09-20 12:36 - 2009-09-20 12:36 - 000205824 _____ (Hewlett-Packard Co.) [Fichier non signé] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll 2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [Fichier non signé] c:\windows\system32\hpzinw12.dll 2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [Fichier non signé] c:\windows\system32\hpzipm12.dll 2009-06-16 08:58 - 2009-06-16 08:58 - 000028672 _____ (Memeo) [Fichier non signé] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll 2009-07-11 22:14 - 2009-07-11 22:14 - 001655296 _____ (Microsoft Corporation) [Fichier non signé] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL 2019-11-08 05:54 - 2019-11-08 05:54 - 001097728 _____ (ownCloud GmbH) [Fichier non signé] C:\Program Files (x86)\ownCloud\shellext_x64\OCContextMenu.dll 2019-11-08 05:54 - 2019-11-08 05:54 - 001804800 _____ (ownCloud GmbH) [Fichier non signé] C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\WINDOWS\system32\LdaCx2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\LogiLDA.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTNUninst64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rt64win7.sys:$CmdTcID [64] ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer sites de confiance/sensibles ========== ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2009-07-14 03:34 - 2020-01-21 10:16 - 000001306 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-3889166263-466318981-1515235395-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk" HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk" HKLM\...\StartupApproved\StartupFolder: => "WDSmartWare.lnk" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "AMD AVT" HKLM\...\StartupApproved\Run32: => "AMD AVT" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "JMB36X IDE Setup" HKU\S-1-5-21-3889166263-466318981-1515235395-1000\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk" HKU\S-1-5-21-3889166263-466318981-1515235395-1000\...\StartupApproved\StartupFolder: => "Feed Notifier.lnk" HKU\S-1-5-21-3889166263-466318981-1515235395-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3889166263-466318981-1515235395-1000\...\StartupApproved\Run: => "f.lux" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{253D740F-171C-4D5B-A367-CDC01EA4692E}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{596C7D0F-41F6-4DB9-B931-B75D5418B615}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6C06A5DA-10E6-4A98-B975-39C0B4100579}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8367BD49-E7CB-4B13-992F-3EB8DB3B1FF2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{CC04F43D-E393-4F3A-90A1-7CC1EBB877B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{611A003A-D418-4433-8453-88CDA988603E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{83449059-1B54-4B32-9E6C-DCB4D55C2CA1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{9D55A939-98CD-4D8A-9F8A-BE804D1248C0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{5EDD27CB-9880-47B4-AFB1-08B0CF5561B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BB12745A-0E38-4391-A2E9-26F39D8D1DDC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{CFE8C8E3-162C-4A5C-B7DD-A47C4C5838BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D97ADA9E-5EAC-4554-A42E-285839020DC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{10C30CB2-3F9D-4848-98B6-857E26125E46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B3D44152-0CBC-4E71-8FC2-84654E639FDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1F93AC75-AB3D-4DF8-BB4F-B724B765F51F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B6E0B0A7-3E1D-4185-8E50-55D5499BDC55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7CFBA64C-A08B-4BA6-9E36-A6EE6CDF6B91}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2A0E3619-CE45-49AB-9E16-C29C9B4BDAE1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{06BAE83D-325C-461A-9AEF-37BDC5AD1B0E}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation) FirewallRules: [{CA6A8ADD-2127-46F7-AD50-F7A5D7974A95}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation) FirewallRules: [{F2E21462-2A02-4326-BD78-457533752D20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{83D9C2B8-E61A-40AA-9D6A-98FDD765AFBF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C63F5C87-352E-4400-90D7-CC18F70A56BC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E2D9B236-3A8B-42C6-80A1-13738D91F5DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{DE0DB79B-9C80-4C1B-B764-005F85C4C219}] => (Allow) C:\Users\Alexandre\AppData\Local\Ludi\LCCheckers\LCCheckers.exe (Ludi) [Fichier non signé] FirewallRules: [{3DA76279-042D-4933-8540-842639A72D92}] => (Allow) C:\Users\Alexandre\AppData\Local\Ludi\LCCheckers\LCCheckers.exe (Ludi) [Fichier non signé] FirewallRules: [{91C461F6-1100-493B-B014-0783F766F129}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.) FirewallRules: [{A9C45E85-2A1D-44DA-8C2A-8C0CD49FEF6C}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.) FirewallRules: [{E9CB346E-3560-43B2-8516-F55100A08307}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{25579234-2733-429F-90DA-815812E33296}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{CDFC5A1C-9D95-4F81-AAEA-868F4305982B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [Fichier non signé] FirewallRules: [{664E03BA-EC88-430F-9AF0-7DE18892B9FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [Fichier non signé] FirewallRules: [{E706CD4A-58DB-49FD-B470-ABC3BDEDC2A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [Fichier non signé] FirewallRules: [{4951D554-E589-45EE-88D3-ED86922B250B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [Fichier non signé] FirewallRules: [{C42E49C2-0028-4A97-8633-67A375FB9BE9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett-Packard Co.) [Fichier non signé] FirewallRules: [{DFD4C812-C527-41E1-B7C4-17ADE23D46FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [Fichier non signé] FirewallRules: [{6F579551-5F9E-4E0C-8624-ABB6235A59B2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [Fichier non signé] FirewallRules: [{435C2801-BCCA-4A08-99C8-22A40D1BF531}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [Fichier non signé] FirewallRules: [{CB3B5A36-D1DC-4AC9-B67B-003448E5D513}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [Fichier non signé] FirewallRules: [TCP Query User{E41360CD-96CA-4DA1-B61D-07A0FAC8A125}C:\program files (x86)\lokasoft\chesspartner6.0\timeseal\timestamp.exe] => (Allow) C:\program files (x86)\lokasoft\chesspartner6.0\timeseal\timestamp.exe () [Fichier non signé] FirewallRules: [UDP Query User{D7B2428B-4828-47BE-BB05-F9948DD08A28}C:\program files (x86)\lokasoft\chesspartner6.0\timeseal\timestamp.exe] => (Allow) C:\program files (x86)\lokasoft\chesspartner6.0\timeseal\timestamp.exe () [Fichier non signé] FirewallRules: [{FC2A866A-A67B-4332-964E-157281DD2855}] => (Block) C:\program files (x86)\lokasoft\chesspartner6.0\timeseal\timestamp.exe () [Fichier non signé] FirewallRules: [{9F927104-AC90-4C70-97E2-E57463357A5B}] => (Block) C:\program files (x86)\lokasoft\chesspartner6.0\timeseal\timestamp.exe () [Fichier non signé] FirewallRules: [TCP Query User{1CAB8628-BAD7-42E0-A4D6-94F2FE68D55E}F:\chess\timestamp.exe] => (Allow) F:\chess\timestamp.exe () [Fichier non signé] FirewallRules: [UDP Query User{27D95E6F-EE7E-49D8-9266-4084819212B4}F:\chess\timestamp.exe] => (Allow) F:\chess\timestamp.exe () [Fichier non signé] FirewallRules: [{0F2534F0-9171-4BEF-9249-91DE28BABC4B}] => (Block) F:\chess\timestamp.exe () [Fichier non signé] FirewallRules: [{37D79B8C-8079-4D17-9DC4-C61897527DB2}] => (Block) F:\chess\timestamp.exe () [Fichier non signé] FirewallRules: [TCP Query User{EE41B35F-B63A-4A21-A369-9A818243B087}C:\program files (x86)\arena\timestamp.exe] => (Allow) C:\program files (x86)\arena\timestamp.exe () [Fichier non signé] FirewallRules: [UDP Query User{6D3DC68E-361A-4166-8BF9-F2DEC8C59DC2}C:\program files (x86)\arena\timestamp.exe] => (Allow) C:\program files (x86)\arena\timestamp.exe () [Fichier non signé] FirewallRules: [{142C8470-C4C1-453E-8042-A28932762ACE}] => (Block) C:\program files (x86)\arena\timestamp.exe () [Fichier non signé] FirewallRules: [{2BA39F5E-09F3-4263-BA3E-799425FC299F}] => (Block) C:\program files (x86)\arena\timestamp.exe () [Fichier non signé] FirewallRules: [TCP Query User{0E31BBAD-A311-48EA-8DA4-DB9CEAB9EB23}F:\chess\timeseal.exe] => (Allow) F:\chess\timeseal.exe () [Fichier non signé] FirewallRules: [UDP Query User{BCBA8A0F-2714-4052-A739-0D035D834734}F:\chess\timeseal.exe] => (Allow) F:\chess\timeseal.exe () [Fichier non signé] FirewallRules: [{A225510B-F721-4B26-9E55-018B2911F5EB}] => (Block) F:\chess\timeseal.exe () [Fichier non signé] FirewallRules: [{1FD01FD2-89BA-4A35-ACFB-0A5C56C15F75}] => (Block) F:\chess\timeseal.exe () [Fichier non signé] FirewallRules: [{21E7BB8A-493D-4047-874A-9E48846483D5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{08E6358E-A53B-4694-B782-D1218614B0F6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [TCP Query User{3296A2C9-EC10-4702-873D-CAE8DC734BF4}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{111E2BC4-53EE-4EA5-900B-9E282C6BAB3C}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [{18FBD1CB-CE05-4F57-BA85-9BFB21254797}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{182853CA-3417-41DE-A07F-0E64A9D9E5CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{062664AC-1027-46BE-91C8-3267B522EA33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C20FBFBE-855E-48C1-8450-63FF9D57BB55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E3FBF191-1BC0-4424-869A-B195725EE5B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C8262325-8EAC-43A5-8304-2F779EE3B70B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{AC3F06AF-5F81-41E8-9C7B-9CDE3540E001}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F4799B0A-3578-479A-964C-06304B3EF452}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) ==================== Points de restauration ========================= 19-01-2020 01:14:01 Windows Update ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (01/21/2020 10:17:24 AM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Échec de la configuration d'accès distant avec l'exception 'System.Reflection.TargetInvocationException: Une exception a été levée par la cible d'un appel. ---> System.Security.Principal.IdentityNotMappedException: Impossible de traduire certaines ou toutes les références d'identité. à System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) à System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) à System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Fin de la trace de la pile d'exception interne --- à System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) à System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) à System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) à System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) à System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) à System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'. à System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) à System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) à RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (01/21/2020 10:16:27 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL ». Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (01/21/2020 12:55:42 AM) (Source: COM) (EventID: 10035) (User: ) Description: Le marshaleur standard COM n'est pas parvenu à corriger la différence entre l'IID {618736E0-3C3D-11CF-810C-00AA00389B71} fourni par le serveur et l'IID {00020400-0000-0000-C000-000000000046} demandé par le client, avec le gestionnaire CLSID {00001000-0000-0000-0000-000000000902}. Le code d'erreur était 0x80010114. Error: (01/21/2020 12:55:42 AM) (Source: COM) (EventID: 10035) (User: ) Description: Le marshaleur standard COM n'est pas parvenu à corriger la différence entre l'IID {618736E0-3C3D-11CF-810C-00AA00389B71} fourni par le serveur et l'IID {00020400-0000-0000-C000-000000000046} demandé par le client, avec le gestionnaire CLSID {76F2232C-BAD3-75FE-0200-000080A67C00}. Le code d'erreur était 0x80010114. Error: (01/19/2020 02:25:56 AM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Échec de la configuration d'accès distant avec l'exception 'System.Reflection.TargetInvocationException: Une exception a été levée par la cible d'un appel. ---> System.Security.Principal.IdentityNotMappedException: Impossible de traduire certaines ou toutes les références d'identité. à System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) à System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) à System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Fin de la trace de la pile d'exception interne --- à System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) à System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) à System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) à System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) à System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) à System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'. à System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) à System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) à RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (01/19/2020 02:25:34 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL ». Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (01/19/2020 02:24:30 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . Error: (01/19/2020 02:24:30 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] Erreurs système: ============= Error: (01/21/2020 10:23:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service TeamViewer s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 2000 millisecondes : Redémarrer le service. Error: (01/21/2020 10:16:27 AM) (Source: SNMP) (EventID: 1500) (User: ) Description: Le service SNMP a rencontré une erreur lors de l’accès à la clé de Registre SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (01/21/2020 10:16:01 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 09:44:36 le ‎21/‎01/‎2020 n’était pas prévu. Error: (01/21/2020 01:23:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80073d02 : 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic. Error: (01/19/2020 02:25:34 AM) (Source: SNMP) (EventID: 1500) (User: ) Description: Le service SNMP a rencontré une erreur lors de l’accès à la clé de Registre SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (01/19/2020 02:24:03 AM) (Source: DCOM) (EventID: 10010) (User: Fuck) Description: Le serveur Microsoft.WindowsStore_12001.1001.1.0_x64__8wekyb3d8bbwe!App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (01/19/2020 02:24:03 AM) (Source: DCOM) (EventID: 10010) (User: Fuck) Description: Le serveur microsoft.windowscommunicationsapps_16005.12228.20410.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (01/19/2020 02:24:03 AM) (Source: DCOM) (EventID: 10010) (User: Fuck) Description: Le serveur Microsoft.OneConnect_5.1911.3171.0_x64__8wekyb3d8bbwe!App.AppXe8pdgw5syxe8pgccbk3mcn5hanwamr0e.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Windows Defender: =================================== Date: 2020-01-20 21:18:58.180 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {DC2E500D-FF5F-44EA-BA03-BB5FAA1B2A85} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-01-20 20:11:35.186 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {582C4742-225A-401C-A748-076B11ADCA8B} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-01-20 19:20:16.216 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {3B2A1CD5-C46E-43A5-97D6-73C6E2871711} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-01-20 19:10:54.019 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {43049369-B61D-4046-8900-4B37493CA67C} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-01-20 18:59:29.879 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {43F94D72-BCEA-406E-8FE0-568401F1229F} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. 0702 02/11/2011 Carte mère: ASUSTeK Computer INC. P8P67-M Processeur: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz Pourcentage de mémoire utilisée: 35% Mémoire physique - RAM - totale: 8173.41 MB Mémoire physique - RAM - disponible: 5271.46 MB Mémoire virtuelle totale: 10093.41 MB Mémoire virtuelle disponible: 7318.61 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:145.62 GB) (Free:56.93 GB) NTFS Drive f: (Disque local) (Fixed) (Total:784.93 GB) (Free:214.77 GB) NTFS \\?\Volume{e54e0a5c-9357-11e4-aaf9-806e6f6e6963}\ (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{4a79abce-0000-0000-0000-b06d24000000}\ () (Fixed) (Total:0.87 GB) (Free:0.42 GB) NTFS ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4A79ABCE) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=145.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=890 MB) - (Type=27) Partition 4: (Not Active) - (Size=784.9 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt =======================