Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20-04-2020 Exécuté par Jacques (22-04-2020 16:26:43) Exécuté depuis C:\Users\Jacques\.config\Desktop\Downloads Windows 10 Pro Version 1909 18363.778 (X64) (2019-10-14 15:44:05) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-1111560133-920679801-2475410666-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1111560133-920679801-2475410666-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1111560133-920679801-2475410666-1002 - Limited - Enabled) Invité (S-1-5-21-1111560133-920679801-2475410666-501 - Limited - Disabled) Jacques (S-1-5-21-1111560133-920679801-2475410666-1000 - Administrator - Enabled) => C:\Users\Jacques WDAGUtilityAccount (S-1-5-21-1111560133-920679801-2475410666-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\uTorrent) (Version: 3.5.5.45231 - BitTorrent Inc.) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe) AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Antidote 9 (HKLM-x32\...\{BFA17B4C-70D3-480F-8476-76197F614AB6}) (Version: 9.04.3427 - Druide informatique inc.) Apple Application Support (64 bits) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform) Cybereason RansomFree 2.4.2.0 (HKLM-x32\...\{2A15E1FB-A1F5-4F11-B033-D8DB1E37C1E9}) (Version: 2.4.2.0 - Cybereason Inc.) CyberGhost 7 (HKLM\...\CyberGhost 7) (Version: 7.3.8.4951 - CyberGhost S.A.) doPDF (HKLM\...\{F64C7477-8040-4993-9554-EC22AE7FA2C0}) (Version: 8.9.951 - Softland) Hidden Dup Detector (HKLM-x32\...\DupDetector) (Version: - ) eMule (HKLM-x32\...\eMule) (Version: - ) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Folder Marker Free (HKLM\...\Folder Marker Free_is1) (Version: 4.3 - ArcticLine Software) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC) Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden HP Deskjet 2050 J510 series Aide (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{446AA6E0-104D-40FB-A18A-A3431AED2F14}) (Version: 12.12.32.3 - HP Inc.) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1.2.1 - IObit) IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan) iTunes (HKLM\...\{A4D80761-AAC2-4DD7-A695-1ABE5196C5A5}) (Version: 12.8.0.150 - Apple Inc.) Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LockHunter 3.2, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd) Logiciel de base du périphérique HP Deskjet 2050 J510 series (HKLM\...\{B7F83103-C83C-4081-B9B7-50FC6A6F929E}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) Manager (HKLM-x32\...\{2D00EBC4-DD22-4F5B-9BA1-F98ED2C6FCF2}) (Version: 5.0.15.31893 - 2017 pdfforge GmbH. All rights reserved) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{b3c7f59f-dc40-4be9-829c-77dd292978ea}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{4549ceb8-695a-42eb-a183-4820d542a15f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) MonPoids (HKLM-x32\...\{866037A8-60F8-4B26-9904-6EBEF8C7CF1C}) (Version: 2.0 - MLSofts) Mozilla Firefox 75.0 (x64 fr) (HKLM\...\Mozilla Firefox 75.0 (x64 fr)) (Version: 75.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{9F60F614-829C-4DE0-8671-C977529A0CAE}) (Version: 8.9.951 - Softland) novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{D175C46B-DDC1-49B2-95C4-93825A97E718}) (Version: 8.9.951 - Softland) novaPDF 8 Printer Driver (HKLM\...\{C5275556-5365-45C5-9586-1F6D56CD4BB4}) (Version: 8.9.951 - Softland) Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.1.1 - Duodian Technology Co. Ltd.) NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA Pilote graphique 440.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 440.97 - NVIDIA Corporation) OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation) Paint XP version 1.1 (HKLM-x32\...\{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1) (Version: 1.1 - MSPAINTXP.COM) Panneau de configuration NVIDIA 440.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 440.97 - NVIDIA Corporation) Hidden PaperScan 3 Free Edition (HKLM-x32\...\{E95A81E1-D6DC-4DD1-8B74-4E5CA71512BB}) (Version: 3.0.52 - ORPALIS) PowerpointImageExtractor (HKLM-x32\...\PowerpointImageExtractor_is1) (Version: V 1.2b (hxxp://alainlecomte.free.fr/Download.htm) - ) Pretty Good Solitaire version 15.20.1 (HKLM-x32\...\Pretty Good Solitaire_is1) (Version: 15.20.1 - Goodsol Development Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.) Remnant From The Ashes (HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\Remnant From The Ashes) (Version: - HOODLUM) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Scd2 (HKLM-x32\...\ST5UNST #1) (Version: - ) SlimCleaner (HKLM-x32\...\{588EF616-BA04-4023-B4DE-F8B3EB5F472F}) (Version: 4.1.0 - ) Hidden Sniper Ghost Warrior Contracts (HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\Sniper Ghost Warrior Contracts) (Version: - HOODLUM) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.) Spybot Identity Monitor (HKLM-x32\...\{DEE2C8BC-083E-48D8-A934-7B547D87E85C}_is1) (Version: 3.3 - Safer-Networking Ltd.) STASIS (HKLM-x32\...\1439548178_is1) (Version: 1.09.1 - GOG.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stela (HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\Stela) (Version: - HOODLUM) Stellarium 0.18.2 (HKLM\...\Stellarium_is1) (Version: 0.18.2 - Stellarium team) SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Terminator Resistance (HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\Terminator Resistance) (Version: - HOODLUM) The Story of Henry Bishop (HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\The Story of Henry Bishop) (Version: - HOODLUM) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) WhatsApp (HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\WhatsApp) (Version: 0.4.1302 - WhatsApp) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.60 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) XnView 2.43 (HKLM-x32\...\XnView_is1) (Version: 2.43 - Gougelet Pierre-e) Yahoo! Powered (HKLM-x32\...\{E1410981-B1C1-D801-0041-A881D0C17B01}) (Version: - ) <==== ATTENTION Packages: ========= Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-15] (Microsoft Corporation) Diagnostic Data Viewer -> C:\Program Files\WindowsApps\Microsoft.DiagnosticDataViewer_3.1904.10632.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-14] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-14] (Microsoft Corporation) [MS Ad] Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_1.9.1911.0_x86__8wekyb3d8bbwe [2019-12-19] (Microsoft Studios) [MS Ad] Monsoons -> C:\Program Files\WindowsApps\Microsoft.Monsoons_1.0.0.0_neutral__8wekyb3d8bbwe [2020-04-08] (Microsoft Corporation) National Geographic Safari PREMIUM -> C:\Program Files\WindowsApps\Microsoft.NationalGeographicSafariPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-04-13] (Microsoft Corporation) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-11] (Netflix, Inc.) Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.160.0_x64__jb41c8remg0x2 [2020-03-14] (Polarr) Sketchable -> C:\Program Files\WindowsApps\SiliconBendersLLC.Sketchable_5.0.19.0_x64__r2kxzpx527qgj [2020-04-03] (Silicon Benders LLC) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.4.930.0_x64__cv1g1gvanyjgm [2020-02-22] (WhatsApp Inc.) WinZip Microsoft Store Edition -> C:\Program Files\WindowsApps\WinZipComputing.WinZipDesktopSubscription_24.0.14091.0_x64__3ykzqggjzj4z0 [2020-04-07] (WinZip Computing) [Startup Task] ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\ChromeHTML: -> <==== ATTENTION CustomCLSID: HKU\S-1-5-21-1111560133-920679801-2475410666-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1111560133-920679801-2475410666-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1111560133-920679801-2475410666-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1111560133-920679801-2475410666-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1111560133-920679801-2475410666-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1111560133-920679801-2475410666-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1111560133-920679801-2475410666-1000_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-1111560133-920679801-2475410666-1000_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-1111560133-920679801-2475410666-1000_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [Fichier non signé] ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier ContextMenuHandlers1: [LockHunterShellExt] -> [CC]{0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => -> Pas de fichier ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> Pas de fichier ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers1: [SlimShellExt] -> {5421BDAF-6C45-4C3A-8B4B-AE5AF31A65AF} => -> Pas de fichier ContextMenuHandlers1: [UnLockerMenu] -> [CC]{410BF280-86EF-4E0F-8279-EC5848546AD3} => -> Pas de fichier ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Pas de fichier ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier ContextMenuHandlers2: [LockHunterShellExt] -> [CC]{0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => -> Pas de fichier ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers3: [SlimShellExt] -> {5421BDAF-6C45-4C3A-8B4B-AE5AF31A65AF} => -> Pas de fichier ContextMenuHandlers4: [LockHunterShellExt] -> [CC]{0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => -> Pas de fichier ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers4: [MSSE] -> [CC]{0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Pas de fichier ContextMenuHandlers4: [SlimShellExt] -> {5421BDAF-6C45-4C3A-8B4B-AE5AF31A65AF} => -> Pas de fichier ContextMenuHandlers4: [UnLockerMenu] -> [CC]{410BF280-86EF-4E0F-8279-EC5848546AD3} => -> Pas de fichier ContextMenuHandlers4: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> Pas de fichier ContextMenuHandlers4: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Pas de fichier ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Pas de fichier ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Pas de fichier ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-17] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [FMMenuExt] -> {47C91696-894C-46A1-B196-2C7CA1952F45} => C:\Program Files (x86)\Folder Marker\ShellExt64.dll [2017-04-26] (ArcticLine Software -> ArcticLine Software) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [9216 2019-03-19] (Microsoft Windows -> Microsoft Corporation) ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\Jacques\AppData\Local\Google\Chrome\User Data Default\Lanceur d'applications Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list ShortcutWithArgument: C:\Users\Jacques\AppData\Local\Google\Chrome\User Data Default\Default\Web Applications\_crx_pjkljhegncpnkpknbcohdijeoejaedia\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia ShortcutWithArgument: C:\Users\Jacques\AppData\Local\Google\Chrome\User Data Default\Default\Web Applications\_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo ShortcutWithArgument: C:\Users\Jacques\.config\Desktop\Correcteur i.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=goidmlcekbencdciekigbbdaiilpdkli ShortcutWithArgument: C:\Users\Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Correcteur instantané de fautes d'orthographe et de grammaire – Spellboy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=goidmlcekbencdciekigbbdaiilpdkli ShortcutWithArgument: C:\Users\Jacques\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Modules chargés (Avec liste blanche) ============= 2016-12-03 17:36 - 2020-04-20 07:11 - 000030720 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2016-12-10 11:18 - 2016-12-10 11:18 - 000115200 _____ (pdfforge GmbH) [Fichier non signé] C:\WINDOWS\System32\pdfcmon.dll 2017-08-16 14:15 - 2017-08-16 14:15 - 000018944 _____ (Softland) [Fichier non signé] C:\WINDOWS\System32\novamn8.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\ProgramData\TEMP:A8ADEA55 [122] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [225] ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer sites de confiance/sensibles ========== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Il y a 7943 plus de sites. IE trusted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\localhost -> localhost IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\123simsen.com -> www.123simsen.com Il y a 7947 plus de sites. ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2009-07-14 04:34 - 2020-04-20 08:26 - 000454201 ____R C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 109.94.209.70 fitgirlrepacks.co 109.94.209.70 fitgirl-repacks.cc 109.94.209.70 fitgirl-repack.com 109.94.209.70 www.fitgirlrepacks.co 109.94.209.70 www.fitgirl-repacks.cc 109.94.209.70 www.fitgirl-repack.com 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com Il y a 15617 plus de lignes. ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\Calibre2;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\ HKU\S-1-5-21-1111560133-920679801-2475410666-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jacques\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 - 10.101.0.243 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: NovaPdfServer => 2 MSCONFIG\Services: PDF Architect 4 => 3 MSCONFIG\Services: PDF Architect 4 CrashHandler => 3 MSCONFIG\Services: PDF Architect 4 Creator => 2 MSCONFIG\Services: PDF Architect 4 Manager => 2 MSCONFIG\Services: PDF Architect 5 Manager => 2 MSCONFIG\startupfolder: C:^Users^Jacques^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Alertes de surveillance de l'encre - HP Deskjet 2050 J510 series.lnk => C:\Windows\pss\Alertes de surveillance de l'encre - HP Deskjet 2050 J510 series.lnk.Startup MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start MSCONFIG\startupreg: BitTorrent => "C:\Users\Jacques\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Chromium => "c:\users\jacques\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\KeepVid\KeepVid Pro\DelayPluginI.exe MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe -update plugin MSCONFIG\startupreg: Freenet => "C:\Users\Jacques\AppData\Local\Freenet\FreenetTray.exe" MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Nouveau dossier\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe" HKLM\...\StartupApproved\Run: => "AgentAntidote64" HKLM\...\StartupApproved\Run: => "AgentAntidote32" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "AgentAntidote32" HKLM\...\StartupApproved\Run32: => "SDTray" HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\StartupApproved\Run: => "Spybot-S&D Cleaning" HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-1111560133-920679801-2475410666-1000\...\StartupApproved\Run: => "Steam" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{E4B9378E-84BF-4D1B-94BC-723CBA08ADCF}] => (Allow) C:\Program Files (x86)\Steam\Nouveau dossier\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{8774E189-C0E9-4CF7-BC97-C06E50FDFA1E}] => (Allow) C:\Program Files (x86)\Steam\Nouveau dossier\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{7F33861E-535B-4607-A6F2-6C74BAA496F7}] => (Allow) C:\Program Files (x86)\Steam\Nouveau dossier\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{566E443B-2619-42F0-B064-949BA12BF92B}] => (Allow) C:\Program Files (x86)\Steam\Nouveau dossier\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{0A8E78B2-2165-4C1E-90F3-EB857581AA0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{61689AB8-B645-493E-8D0F-658DB1742821}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{327862BA-561F-4047-B1D2-9FA0C71DDF35}E:\jeux\tom clancy's ghost recon - wildlands\grw.exe] => (Allow) E:\jeux\tom clancy's ghost recon - wildlands\grw.exe (Blue Byte GmbH -> ) FirewallRules: [UDP Query User{CA37E1E6-AC63-408A-B8EE-827C2C806FD3}E:\jeux\tom clancy's ghost recon - wildlands\grw.exe] => (Allow) E:\jeux\tom clancy's ghost recon - wildlands\grw.exe (Blue Byte GmbH -> ) FirewallRules: [TCP Query User{5A3CF91D-60BB-4001-AFBF-D67496D12C8C}E:\jeux\subnautica.zero\subnauticazero\subnauticazero.exe] => (Allow) E:\jeux\subnautica.zero\subnauticazero\subnauticazero.exe () [Fichier non signé] FirewallRules: [UDP Query User{A3D37FDC-B358-40C0-B3A6-567B9D9412B7}E:\jeux\subnautica.zero\subnauticazero\subnauticazero.exe] => (Allow) E:\jeux\subnautica.zero\subnauticazero\subnauticazero.exe () [Fichier non signé] FirewallRules: [TCP Query User{60012925-9C94-4CAE-AA2F-72FAAA51286D}C:\users\jacques\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\jacques\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{410BAACF-6D11-4F78-B9B6-E9FFA319763D}C:\users\jacques\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\jacques\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{57A6CB49-A6CA-40FA-B13F-67C7B61494FB}E:\jeux\the cursed forest\bin\win_x64\tcf.exe] => (Allow) E:\jeux\the cursed forest\bin\win_x64\tcf.exe (Crytek GmbH) [Fichier non signé] FirewallRules: [UDP Query User{625DF114-F94A-4EF2-A1E5-A5C4265D242C}E:\jeux\the cursed forest\bin\win_x64\tcf.exe] => (Allow) E:\jeux\the cursed forest\bin\win_x64\tcf.exe (Crytek GmbH) [Fichier non signé] FirewallRules: [TCP Query User{7A907FD8-A835-4072-A15C-2055ED585E60}C:\users\jacques\appdata\roaming\utorrent\updates\3.5.5_45628.exe] => (Allow) C:\users\jacques\appdata\roaming\utorrent\updates\3.5.5_45628.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{C0EBFAAE-57BF-4ACC-8F22-E77AE075BD95}C:\users\jacques\appdata\roaming\utorrent\updates\3.5.5_45628.exe] => (Allow) C:\users\jacques\appdata\roaming\utorrent\updates\3.5.5_45628.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{CDCA5673-8337-41EE-A5B5-C2F1F1032D63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (04/22/2020 02:59:58 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2092,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/22/2020 02:46:11 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (9728,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/22/2020 02:40:33 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (8044,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/22/2020 11:11:31 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1960,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/22/2020 09:53:38 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5984,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/22/2020 09:07:49 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1384,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/22/2020 07:36:12 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10420,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/22/2020 07:24:24 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1020,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Erreurs système: ============= Error: (04/21/2020 10:32:54 PM) (Source: DCOM) (EventID: 10010) (User: Jacques-PC) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/21/2020 10:32:54 PM) (Source: DCOM) (EventID: 10010) (User: Jacques-PC) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/21/2020 10:32:54 PM) (Source: DCOM) (EventID: 10010) (User: Jacques-PC) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/21/2020 10:32:54 PM) (Source: DCOM) (EventID: 10010) (User: Jacques-PC) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/21/2020 10:32:54 PM) (Source: DCOM) (EventID: 10010) (User: Jacques-PC) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/21/2020 10:32:54 PM) (Source: DCOM) (EventID: 10010) (User: Jacques-PC) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/21/2020 10:32:53 PM) (Source: DCOM) (EventID: 10010) (User: Jacques-PC) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/21/2020 10:32:53 PM) (Source: DCOM) (EventID: 10010) (User: Jacques-PC) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Windows Defender: =================================== Date: 2020-04-19 19:04:03.500 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=SupportScam:JS/TechBrolo.D&threatid=2147723999&enterprise=0 Nom : SupportScam:JS/TechBrolo.D ID : 2147723999 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_\Device\HarddiskVolumeShadowCopy13\Users\Jacques\AppData\Local\Google\Chrome\User Data Default\Default\Cache\f_0003b4 Origine de la détection : Inconnu Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : AUTORITE NT\Système Nom du processus : C:\Windows\System32\svchost.exe Version de la veille de sécurité : AV: 1.313.1855.0, AS: 1.313.1855.0, NIS: 1.313.1855.0 Version du moteur : AM: 1.1.16900.4, NIS: 1.1.16900.4 Date: 2020-04-19 15:42:41.639 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {57711E0B-27B0-46D7-9922-42964CF81CE2} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-04-19 10:50:35.886 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {2D4C9C1F-FD08-47D2-8495-1D0C490013FD} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-04-19 10:14:37.901 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {0B7002B4-A277-407B-B768-4E8E9ABAB3F4} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-04-19 08:17:06.861 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah!MTB&threatid=2147731129&enterprise=0 Nom : Trojan:Win32/Skeeyah!MTB ID : 2147731129 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_E:\JEUX\ESSAI 2\setup.exe Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Protection en temps réel Utilisateur : Jacques-PC\Jacques Nom du processus : C:\Windows\explorer.exe Version de la veille de sécurité : AV: 1.313.1855.0, AS: 1.313.1855.0, NIS: 1.313.1855.0 Version du moteur : AM: 1.1.16900.4, NIS: 1.1.16900.4 CodeIntegrity: =================================== Date: 2020-04-21 15:09:27.747 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-21 15:09:27.742 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-21 15:09:27.737 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-21 15:09:27.732 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-21 15:09:27.727 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-17 06:20:31.322 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-17 06:20:31.300 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-17 06:20:31.282 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. 0505 05/14/2015 Carte mère: ASUSTeK COMPUTER INC. H81-GAMER Processeur: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Pourcentage de mémoire utilisée: 83% Mémoire physique - RAM - totale: 8132.51 MB Mémoire physique - RAM - disponible: 1317.09 MB Mémoire virtuelle totale: 16324.51 MB Mémoire virtuelle disponible: 5830 MB ==================== Lecteurs ================================ Drive c: (Disque local) (Fixed) (Total:446.48 GB) (Free:249.6 GB) NTFS Drive d: (HELLZAPOPIN) (CDROM) (Total:4.81 GB) (Free:0 GB) UDF Drive e: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:313.3 GB) NTFS Drive f: (Stockage) (Fixed) (Total:931.51 GB) (Free:413.14 GB) NTFS \\?\Volume{c97cb543-b959-11e6-b6d0-806e6f6e6963}\ (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{5841cf57-0000-0000-0000-00a56f000000}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 5841CF57) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=446.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=564 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6369D0AC) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42) ========================================================== Disk: 2 (Size: 931.5 GB) (Disk ID: 2BD5329C) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt =======================