Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 24-10-2020
Exécuté par DEVOIT (29-10-2020 10:13:19)
Exécuté depuis C:\Users\DEVOIT\Desktop
Windows 10 Home Version 2004 19041.572 (X64) (2020-06-12 09:20:33)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-1480822012-3730852323-4279579607-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1480822012-3730852323-4279579607-503 - Limited - Disabled)
DEVOIT (S-1-5-21-1480822012-3730852323-4279579607-1001 - Administrator - Enabled) => C:\Users\DEVOIT
Gilda (S-1-5-21-1480822012-3730852323-4279579607-1002 - Administrator - Enabled) => C:\Users\Gilda.DESKTOP-G2MP6BN
Invité (S-1-5-21-1480822012-3730852323-4279579607-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1480822012-3730852323-4279579607-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

4K Video Downloader 4.11 (HKLM\...\{2DC070EE-D256-4564-BC7C-A78085F22080}) (Version: 4.11.3.3420 - Open Media LLC)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
ALTools Update (HKLM-x32\...\ALUpdate_is1) (Version: v11.4 - ESTsoft Corp.)
ALZip 8.51 (HKLM-x32\...\ALZip_is1) (Version: v8.51 - ESTsoft Corp.)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Assassin's Creed(R) III v1.02 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.02 - Ubisoft)
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
eMule (HKLM-x32\...\eMule) (Version: - )
ESET NOD32 Antivirus (HKLM\...\{D6885DDE-4632-4640-A3BB-13C9F02CE81C}) (Version: 8.0.312.0 - ESET, spol s r. o.)
Express Rip - Extracteur de CD (HKLM-x32\...\ExpressRip) (Version: 3.01 - NCH Software)
Free Video Joiner (HKLM-x32\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version: - FreeVideoJoiner.com)
Glary Utilities 5.33 (HKLM-x32\...\Glary Utilities 5) (Version: 5.33.0.53 - Glarysoft Ltd)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC)
HP Support Assistant (HKLM-x32\...\{33A0B67A-CF04-4F31-B3D0-EEEEDEF7078E}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{7688CE6A-FA45-43F5-AA96-5B45B3AE5BC7}) (Version: 12.18.34.21 - HP Inc.)
Icecream Ebook Reader version 5.20 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.20 - Icecream Apps)
Intel(R) Computing Improvement Program (HKLM\...\{9C2782AC-55D3-4A41-889C-34A51A2CEB67}) (Version: 2.4.05982 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.14.0.1 - QFX Software Corporation)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.93 - )
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040C-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Modifier PDF V2.3 (HKLM-x32\...\Modifier PDF_is1) (Version: - hxxp://www.ModifierPDF.net)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 81.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 81.0.2 (x64 fr)) (Version: 81.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
Nero 7 Premium (HKLM-x32\...\{F14B8ECC-BDA0-4987-9201-D7B7DBE11036}) (Version: 7.02.0936 - Nero AG)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
PhotoFiltre (HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\PhotoFiltre) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PL-2303 USB-to-Serial (HKLM-x32\...\{A9111573-EF12-4D80-A5B9-55F620D5BCA1}) (Version: 1.00.000 - Prolific Technology INC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Revo Uninstaller 2.1.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.5 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Unity Web Player (HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\UnityWebPlayer) (Version: 5.2.5f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
USB Video/Audio Device Driver (HKLM-x32\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - Nom de votre société)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version: - )
Wargaming.net Game Center (HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\Wargaming.net Game Center) (Version: 20.6.1.2382 - Wargaming.net)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
ZikiTranslator 1.5.0a (HKLM-x32\...\ZikiTranslator) (Version: 1.5.0a - Edukate Software)

Packages:
=========
Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.16.0_x64__pwbj9vvecjh7j [2020-09-08] (Amazon Development Centre (London) Ltd)
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-29] (Microsoft Corporation)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-08-17] (Microsoft Corporation)
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
Garmin Connect Mobile -> C:\Program Files\WindowsApps\Garmin.GarminConnectMobile_3.24.1.0_x64__xpnz26pswwvpm [2019-04-26] (GARMIN INTERNATIONAL INC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-06-09] (Adobe Systems Incorporated)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-1480822012-3730852323-4279579607-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => Pas de fichier
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers1: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> Pas de fichier
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Pas de fichier
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2015-01-28] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-03-30] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => C:\WINDOWS\SysWOW64\ISCM64.dll -> Pas de fichier
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll -> Pas de fichier
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> Pas de fichier
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2015-01-28] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-03-30] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Pas de fichier
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers4: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> Pas de fichier
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll -> Pas de fichier
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> Pas de fichier
ContextMenuHandlers6: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> Pas de fichier
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2015-01-28] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-03-30] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

==================== Modules chargés (Avec liste blanche) =============

2020-06-12 10:07 - 2020-06-12 10:07 - 008007680 _____ () [Fichier non signé] [Fichier en cours d'utilisation] C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
2015-09-24 11:43 - 2005-03-11 23:07 - 000087040 _____ () [Fichier non signé] C:\WINDOWS\System32\pdfcmnnt.dll
2020-08-03 20:23 - 2020-08-03 20:23 - 001918464 _____ (SQLite Development Team) [Fichier non signé] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2015-09-25 22:34 - 2015-09-28 19:08 - 000255488 _____ (Sysprogs OU) [Fichier non signé] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll

==================== Alternate Data Streams (Avec liste blanche) ========

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/?gws_rd=ssl
SearchScopes: HKU\S-1-5-21-1480822012-3730852323-4279579607-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1480822012-3730852323-4279579607-1001 -> {2B79126B-542F-4795-9A07-B5DB47DFAB92} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\garmin.com -> hxxp://my.garmin.com
IE trusted site: HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\localhost -> localhost

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\Control Panel\Desktop\\Wallpaper -> K:\Ancien PC DD-D\LOGICIELS\fond ecran\Vache_highland.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "atwtusb"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-1480822012-3730852323-4279579607-1001\...\StartupApproved\Run: => "F16C5BF248A4469FA3184283F7A4614FAD16F7CD._service_run"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [UDP Query User{022B43A2-CD63-4273-B7AE-E8C8CDD18809}C:\games\world_of_tanks\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{86CC9E62-6263-4CB5-A4B1-3FFA1C7157BB}C:\games\world_of_tanks\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{BCDC340D-489B-4C3E-B2C1-18CFA140B739}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{21962576-6C12-4389-82FB-1CF07A23C8C0}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{842B9B3E-5A91-40D6-AA61-C99D3D52419C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{3CAE4009-3BBA-4377-9632-1779236FE8B1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{ABE68ED3-A7E9-491C-A4F7-40D968D49B27}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{01333CEA-A99A-4843-B3DA-5BE7791D7C7A}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{A0F70F12-E609-4BD1-A98F-B8F6690ECBC3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{8D1976DC-DF77-4226-A323-1FC39842E633}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{F6F67A2C-56DA-4811-BD40-E32412E0C9FF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B495FA5E-172D-49EC-AF02-008AB4A84876}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{FD882AE0-D57A-4ADE-864C-46C7333BEBDD}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{44675CC8-3DDF-4984-A78D-D08835A7F38F}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{96B696B1-AB52-4C04-A473-19C405C784FD}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe => Pas de fichier
FirewallRules: [UDP Query User{0EF2CBBB-D1AC-46C0-9B75-554B61F8F8D3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8645F9DC-15B4-4882-9990-F1784250812F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E07C8884-C8C1-4E04-94BD-615AB8D92152}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => Pas de fichier
FirewallRules: [{91FAB0BA-6659-40F6-A670-31C8C9A92BA6}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => Pas de fichier
FirewallRules: [{AFF85BF1-A6FF-4A0B-AE70-7E16B550E4DA}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => Pas de fichier
FirewallRules: [{EA72A7C8-9812-4155-B82D-E7EC5F67C506}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => Pas de fichier
FirewallRules: [{BF837BFA-DDD4-4E76-B51A-A64AF8795019}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe => Pas de fichier
FirewallRules: [{5312BA86-2023-4480-B09D-A7339220698A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe => Pas de fichier
FirewallRules: [{201563A0-57A8-4132-A650-A1478240D68F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => Pas de fichier
FirewallRules: [{3BE3B007-6388-44EF-BF12-15C60F984D19}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => Pas de fichier
FirewallRules: [{26DE5D32-B7F3-4424-AEEF-40E347C60983}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => Pas de fichier
FirewallRules: [{A8CB9E7F-97E0-43F1-80FA-E213680D860C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => Pas de fichier
FirewallRules: [{434C7F19-9537-4F73-A20D-ABAC8AC0C4BE}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => Pas de fichier
FirewallRules: [{82598CC3-DA1D-41B8-A5C3-F484CD34D2BE}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => Pas de fichier
FirewallRules: [{0B31E3B7-B735-449E-AE0D-D2627617ACE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E2EA6175-C736-41E5-B5C7-D74AD9C9DE79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6CA7AFF6-02B4-42E8-9B05-5789E17E3DA0}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{90392A09-5335-4D5A-B5E1-20C3771F8230}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{EB7B0151-4070-418C-946B-3AC7E09E1C27}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{297D98C2-D3EB-41AC-A40F-92E5875E36A6}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{94D46100-5D7C-4CEC-BD8B-34D5AD6F8C91}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9988BED-9783-44BF-92FF-80287BD28886}] => (Allow) LPort=2869
FirewallRules: [{BA4F19FB-787E-40C0-ACD4-84C5DC641B54}] => (Allow) LPort=1900
FirewallRules: [{D60684DB-A9B6-423A-AC87-7352A6167930}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{502743B3-F223-49D1-B29A-C77309F6088B}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{30C754F7-39E6-4E30-9B79-26E258109D2C}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [Fichier non signé]
FirewallRules: [UDP Query User{0C209E5B-C5EE-4925-81B0-84B4A375E493}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [Fichier non signé]
FirewallRules: [{ABA70F53-9A0D-462D-BBD7-B0479ABF9294}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => Pas de fichier
FirewallRules: [{C1526535-FC79-4DA2-B152-E0C6A9924453}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => Pas de fichier
FirewallRules: [{5C245F3C-3025-4409-A281-21014F70F537}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => Pas de fichier
FirewallRules: [{5C8BF6E1-15B1-4F8C-B06A-FECEA85713F9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => Pas de fichier
FirewallRules: [{3E9BC777-0384-4397-BB87-D18D6C43FB21}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe => Pas de fichier
FirewallRules: [{62EBD4D9-9D0C-4199-90EC-4A89A30BD752}] => (Allow) C:\Games\World_of_Warships\WorldofWarships.exe => Pas de fichier
FirewallRules: [TCP Query User{6817FE79-8D03-4DCA-BAEF-FDBBB844D38A}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [Fichier non signé]
FirewallRules: [UDP Query User{862C76EC-C87B-4B1F-99EE-A52F6DA0B781}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [Fichier non signé]
FirewallRules: [TCP Query User{E749FD5C-A8E3-45C8-ABDE-1F87941D64B1}C:\users\devoit\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\devoit\appdata\local\mycomgames\mycomgames.exe => Pas de fichier
FirewallRules: [UDP Query User{18647D25-56C6-48D6-A7D9-B663154318C6}C:\users\devoit\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\devoit\appdata\local\mycomgames\mycomgames.exe => Pas de fichier
FirewallRules: [{4AE3CB6E-AA93-4E8C-B7EC-735310284DC4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2F88DD98-0ED6-402B-94C5-E968DE1D1033}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E1577A76-F9A1-48F1-A7D1-14F056935DED}K:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) K:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe => Pas de fichier
FirewallRules: [UDP Query User{FEF0BFB1-CD53-417A-B175-B5E1B0ABAFD4}K:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) K:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe => Pas de fichier
FirewallRules: [{A1EC32B1-FCE0-4C1B-B7F6-9608D492B643}] => (Allow) C:\Users\DEVOIT\Desktop\AllShare_2.1.0.12031_10.exe => Pas de fichier
FirewallRules: [{14AF7589-D635-4C01-84FA-F9F4CFB975E4}] => (Allow) C:\Users\DEVOIT\Desktop\AllShare_2.1.0.12031_10.exe => Pas de fichier
FirewallRules: [{CBD5C1F1-3280-446F-8343-A7EAC3F50AF7}] => (Allow) C:\Users\DEVOIT\Desktop\AllShare_2.1.0.12031_10.exe => Pas de fichier
FirewallRules: [{68D8C13C-8B4D-4D4F-B007-4E9B4482A593}] => (Allow) C:\Users\DEVOIT\Desktop\AllShare_2.1.0.12031_10.exe => Pas de fichier
FirewallRules: [TCP Query User{9C1894B0-D5D5-46AF-AFC7-25567F2578A4}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe => Pas de fichier
FirewallRules: [UDP Query User{BF1F9D84-1BB0-4B3F-8AF0-72B716016CB9}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe => Pas de fichier
FirewallRules: [TCP Query User{D28996A8-0896-4C6D-9916-890853C54BAF}C:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{88D7AC5C-221C-4B35-A47B-F6D3958D99EB}C:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{8237C613-CFA6-4AB0-9C21-1E3F6587D4EF}] => (Allow) C:\Program Files\Bitdefender Home Scanner\hvasrv.exe => Pas de fichier
FirewallRules: [TCP Query User{988C6F9E-C0F8-48D9-A827-AAF49A599B19}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{89F62474-4C64-4626-A645-5EF296181746}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{C592D40F-1525-49F8-8F96-1E907BBAB4B4}] => (Allow) C:\Program Files (x86)\EZMira\EZMira.exe => Pas de fichier
FirewallRules: [{C114762F-DC42-4FC0-A50B-5E5889C35F3A}] => (Allow) C:\Program Files (x86)\EZMira\EZMira.exe => Pas de fichier
FirewallRules: [{E8A026B8-201F-4C9F-8253-F5D97F302E8B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1547F7AB-420D-4530-BB4B-1EFC9A595F19}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{514B279A-86F3-4C6A-9EA1-E6779A1FF76C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1A777E51-A205-41F7-BF85-B3CF8D238C51}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{91BDC4A7-B029-4E02-9682-11534E4C4B66}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{9DF16ED2-CAD0-45DF-9DEF-4B00EE8AD0D8}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{A41237C3-1200-40AD-86DE-69F0B9192AB9}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{33213EDE-40DB-4E39-9C1E-48445EA6F840}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{497EBC0F-86BE-4FBA-AEBE-1BE29201573C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Points de restauration =========================

26-10-2020 21:24:00 Point de contrôle planifié
27-10-2020 17:16:42 Installed HiJackThis
27-10-2020 17:26:35 Removed HiJackThis
27-10-2020 17:27:46 Removed HiJackThis
28-10-2020 18:59:00 ZHPcleaner

==================== Éléments en erreur du Gestionnaire de périphériques ============

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (10/29/2020 10:04:23 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-G2MP6BN)
Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut.

Error: (10/29/2020 10:03:46 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-G2MP6BN)
Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut.

Error: (10/29/2020 10:03:43 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.

Error: (10/28/2020 07:18:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.

Error: (10/28/2020 07:16:55 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-G2MP6BN)
Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut.

Error: (10/28/2020 07:15:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme YourPhone.exe version 1.20091.83.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : 2060
Heure de début : 01d6ad560bd5e06b
Heure d'arrêt : 4294967295
Chemin d'accès à l'application : C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.83.0_x64__8wekyb3d8bbwe\YourPhone.exe
ID de rapport : 8d09a7f6-5645-4b6e-b16a-bdf4d56d6fb3
Nom complet du package défectueux : Microsoft.YourPhone_1.20091.83.0_x64__8wekyb3d8bbwe
ID de l'application relative à un package défectueux : App
Type de blocage : Quiesce

Error: (10/28/2020 07:09:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. .

Error: (10/28/2020 07:09:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ]

Erreurs système:
=============
Error: (10/29/2020 10:03:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service IMF Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (10/28/2020 07:17:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Energy Server Service queencreek est en attente de démarrage.

Error: (10/28/2020 07:12:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service SystemUsageReportSvc_QUEENCREEK n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (10/28/2020 07:12:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service SystemUsageReportSvc_QUEENCREEK.
Error: (10/28/2020 07:08:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service IMF Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (10/28/2020 07:08:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Energy Server Service queencreek s’est terminé de façon inattendue pour la 2ème fois.

Error: (10/28/2020 07:08:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK s’est terminé de façon inattendue pour la 1ème fois.

Error: (10/28/2020 07:08:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Windows Defender:
===================================
Date: 2020-10-28 18:50:07.6170000Z
Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {2D28B4BD-2C0C-49E6-A29F-299E7954D6A8}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-10-28 11:12:06.5300000Z
Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {F5D80099-1C4A-4AC6-AC44-171C47A1B9FE}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-10-26 20:57:08.4750000Z
Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {038F9896-D887-49CE-A3C4-2C8113F4A282}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-10-26 15:07:45.6680000Z
Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {6898202A-64C7-45B7-936A-95D659AB9577}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2020-10-23 10:31:04.1560000Z
Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {14F6C3B9-E952-494D-BD3D-9838E93BF983}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

CodeIntegrity:
===================================
Date: 2020-08-01 18:46:38.2060000Z
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\WindowManagementAPI.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-07-26 20:40:27.1260000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\PDFCreator\PDFSpool.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\PDFCreator\PDFCreator.exe that did not meet the Store signing level requirements.

Date: 2020-06-23 19:37:23.6260000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll that did not meet the Store signing level requirements.
Date: 2020-06-20 21:02:01.6880000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll that did not meet the Store signing level requirements.

Date: 2020-06-12 11:56:59.7070000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll that did not meet the Store signing level requirements.

==================== Infos Mémoire ===========================

BIOS: AMI 8.11 10/23/2012
Carte mère: PEGATRON CORPORATION 2AD5
Processeur: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Pourcentage de mémoire utilisée: 42%
Mémoire physique - RAM - totale: 8130.12 MB
Mémoire physique - RAM - disponible: 4698.07 MB
Mémoire virtuelle totale: 16834.12 MB
Mémoire virtuelle disponible: 13062.15 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:464.68 GB) (Free:262.27 GB) NTFS
Drive k: () (Fixed) (Total:1395.58 GB) (Free:834.73 GB) NTFS
\\?\Volume{d10786ca-759d-44b5-aeea-ce8c0ffdb849}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{3b02cf28-549a-4c7b-965e-b244b3957204}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{34bd4c62-8215-4962-987e-c5e1b551f3e6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00014744)
Partition: GPT.

==========================================================
Disk: 1 (Size: 1397.3 GB) (Disk ID: 3082F7C6)
Partition 1: (Not Active) - (Size=1395.6 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt =======================