Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 11-11-2020 Exécuté par Emilien (11-11-2020 19:47:58) Exécuté depuis C:\Users\Emilien\Desktop Windows 10 Home Version 1909 18363.1198 (X64) (2019-12-10 21:26:00) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2271197561-787030956-1827864597-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2271197561-787030956-1827864597-503 - Limited - Disabled) Emilien (S-1-5-21-2271197561-787030956-1827864597-1002 - Administrator - Enabled) => C:\Users\Emilien Invité (S-1-5-21-2271197561-787030956-1827864597-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2271197561-787030956-1827864597-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Pare-feu McAfee (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-2271197561-787030956-1827864597-1002\...\uTorrent) (Version: 3.5.5.45790 - BitTorrent Inc.) Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12.0.1 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated) AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2020.0505.1151.21339 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.) Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 20.8.2432 - Avast Software) Belgium e-ID middleware 4.4.27 (build 4277) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A74277}) (Version: 4.4.4277 - Belgian Government) BOILING POINT (HKLM-x32\...\{58AC967F-CE64-4065-AF54-FA66BAF31FE8}) (Version: 1.00.000 - ) Connective Signing Plugins (HKLM-x32\...\{F0440DC9-339E-4B34-827D-E10C7F130DE5}) (Version: 2.0.6.351 - Connective) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1001 - Disc Soft Ltd) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.193 - Google LLC) HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.320 - Huawei Technologies Co., Ltd.) HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.) HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.11.0 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.) HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.) HP PC Hardware Diagnostics Windows (HKLM-x32\...\{4A7EC41D-6D26-4174-82CD-FE60D9D2C151}) (Version: 1.4.0.0 - HP Inc) HP Support Solutions Framework (HKLM-x32\...\{1D488BAD-A0A4-42FB-8EB4-E6245A29B113}) (Version: 12.8.37.11 - HP Inc.) HP System Event Utility (HKLM-x32\...\{2282C4AC-ADFD-4CB7-962E-D700F62024E6}) (Version: 1.4.27 - HP Inc.) Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.63 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - ) Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation) Mozilla Firefox 82.0.3 (x64 fr) (HKLM\...\Mozilla Firefox 82.0.3 (x64 fr)) (Version: 82.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla) OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Uw bedrijfsnaam) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Pirates of the Caribbean (HKLM-x32\...\{D8CD2C74-A263-4A97-9346-1A39CEC49A05}) (Version: - ) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.83 - REALTEK Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.108 - REALTEK Semiconductor Corp.) S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) VdhCoApp 1.4.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-2271197561-787030956-1827864597-1002\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) Packages: ========= HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.464.0_x86__v10z8vjag6ke6 [2019-12-10] (HP Inc.) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.) Solitaire Français -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.20.87.0_x64__kx24dqmazqk8j [2020-09-19] (Random Salad Games LLC) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0 [2020-11-06] (Spotify AB) [Startup Task] Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-21] (Synaptics Incorporated) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2043.22.0_x64__cv1g1gvanyjgm [2020-11-06] (WhatsApp Inc.) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-14] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-14] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-22] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-14] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-22] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-02] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-05-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-14] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-02] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2019-12-04 03:47 - 2019-12-04 03:47 - 000017920 _____ () [Fichier non signé] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 003598336 _____ () [Fichier non signé] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2020-10-15 13:11 - 2020-10-15 13:11 - 000138240 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\1e99dc3200d7d7a2c2342c2d61b558c7\Interop.IWshRuntimeLibrary.ni.dll 2019-12-04 03:48 - 2019-12-04 03:48 - 001441280 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2020-05-05 10:49 - 2020-05-05 10:49 - 005999104 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 006413824 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 001141760 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 000339968 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 004143104 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 003840000 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 000173568 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 001039872 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 000211456 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 000332800 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 000113152 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 000349184 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 080959488 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 005622272 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 000463360 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 000190464 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2019-12-04 03:47 - 2019-12-04 03:47 - 002825216 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2019-12-04 03:48 - 2019-12-04 03:48 - 000053760 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2019-12-04 03:48 - 2019-12-04 03:48 - 000059392 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2019-12-04 03:48 - 2019-12-04 03:48 - 000017408 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2019-12-04 03:48 - 2019-12-04 03:48 - 000289280 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2019-12-04 03:48 - 2019-12-04 03:48 - 000330752 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2019-12-04 03:48 - 2019-12-04 03:48 - 000137216 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2019-12-04 03:48 - 2019-12-04 03:48 - 000090112 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2019-12-04 03:48 - 2019-12-04 03:48 - 000304128 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2019-12-04 03:48 - 2019-12-04 03:48 - 000017920 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2020-05-05 10:49 - 2020-05-05 10:49 - 000077824 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-2271197561-787030956-1827864597-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-2271197561-787030956-1827864597-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {52EE3F02-F783-4555-8688-E41E9CEEC2DE} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {52EE3F02-F783-4555-8688-E41E9CEEC2DE} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2271197561-787030956-1827864597-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Pas de fichier BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Pas de fichier (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-2271197561-787030956-1827864597-1002\...\localhost -> localhost ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2017-09-29 14:46 - 2020-04-26 15:15 - 000001693 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobe.activate.com 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 209.34.83.73:443 127.0.0.1 209.34.83.73:43 127.0.0.1 209.34.83.73 127.0.0.1 209.34.83.67:443 127.0.0.1 209.34.83.67:43 127.0.0.1 209.34.83.67 127.0.0.1 ood.opsource.net 127.0.0.1 CRL.VERISIGN.NET 127.0.0.1 199.7.52.190:80 127.0.0.1 199.7.52.190 127.0.0.1 adobeereg.com 127.0.0.1 OCSP.SPO1.VERISIGN.COM 127.0.0.1 199.7.54.72:80 127.0.0.1 199.7.54.72 ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2271197561-787030956-1827864597-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Emilien\Pictures\Divers\Fond d'écran\hyosung-bobber-300-moto-urbaanews.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "HPMessageService" HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKU\S-1-5-21-2271197561-787030956-1827864597-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2271197561-787030956-1827864597-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{32DDDE7D-02D1-4649-B0F3-AE726B442048}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B3928037-0E5D-4E38-A2B4-57DB14F6037A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B124F6FA-9E1C-4C79-ADF3-FC598459A5B3}] => (Allow) C:\Users\Emilien\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{26354EF7-384B-4E89-9226-EAFE9547CF61}] => (Allow) C:\Users\Emilien\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{4B432D32-C75B-406D-98E9-80127ED7AB43}] => (Allow) C:\Users\Emilien\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe => Pas de fichier FirewallRules: [{9E17AD73-06E1-4B54-BFD8-D6FDD997B1D0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{150C96E5-238C-4096-A3D5-91B68C69C23D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{3A61264D-5EE6-4161-B870-E5EAD2A305E2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier FirewallRules: [{EDCD74B2-4297-4A49-8166-F875EF5E6030}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier FirewallRules: [{B75B6875-6F70-48F3-BA61-D9895A696CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks II Napoleonic Wars\engine.exe (GSC Game World -> GSC Game World) FirewallRules: [{F3A7F54D-A5C3-465C-8759-7C8EE7B4D518}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks II Napoleonic Wars\engine.exe (GSC Game World -> GSC Game World) FirewallRules: [{23C77EFE-DC37-43F4-858C-54942C58DD9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [Fichier non signé] FirewallRules: [{7A0F3FD6-6637-458C-868D-84EF207290A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.) [Fichier non signé] FirewallRules: [{7BF61F93-956F-4F36-A24A-CF91642F8EC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\aamfp.exe () [Fichier non signé] FirewallRules: [{7FFEB859-EBB4-4814-9175-B324BBA6257B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\aamfp.exe () [Fichier non signé] FirewallRules: [{DF9F75FE-FB38-43A4-9E79-9796653240EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\Launcher.exe () [Fichier non signé] FirewallRules: [{0C160DBC-0BA7-4479-A83E-DF61A7C0041F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Machine for Pigs\Launcher.exe () [Fichier non signé] FirewallRules: [{12018E1E-E16F-4213-881E-FF23C0F1ABFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe () [Fichier non signé] FirewallRules: [{C40C6B52-2CDE-4825-95DA-41E113C62FC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe () [Fichier non signé] FirewallRules: [{77B83E48-9CA4-4F66-967D-94018AA1BB22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe () [Fichier non signé] FirewallRules: [{B838A89B-64BA-48B1-B292-BFF2CAF3E417}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe () [Fichier non signé] FirewallRules: [{1B67D235-68B8-47BE-953C-9F61066A3816}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{CF06A231-FB06-4306-8D59-E79C79ECE83A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{6E629E80-5151-4344-B7D3-350A2C1778E1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{7B1BD668-34A1-4533-AA94-ED5E50FE8CD2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{F4EB71D2-D8A0-417A-9AF2-B3BC4DB5974E}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe () [Fichier non signé] FirewallRules: [{62CE8C0C-D69D-4D5B-8BBB-1568ECB9FBBA}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe () [Fichier non signé] FirewallRules: [{7A544C8A-BCF0-408C-8EEF-35D9566206D3}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe () [Fichier non signé] FirewallRules: [{443E25E6-8E23-441B-9148-0E9AAC5C2C6E}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe () [Fichier non signé] FirewallRules: [TCP Query User{E96739F6-9014-4603-A448-45B2D26E6BDD}C:\users\emilien\documents\partage\return to castle wolfenstein\wolfmp.exe] => (Allow) C:\users\emilien\documents\partage\return to castle wolfenstein\wolfmp.exe () [Fichier non signé] FirewallRules: [UDP Query User{201DEF0C-BF12-47D7-A5EE-77AEA499A67B}C:\users\emilien\documents\partage\return to castle wolfenstein\wolfmp.exe] => (Allow) C:\users\emilien\documents\partage\return to castle wolfenstein\wolfmp.exe () [Fichier non signé] FirewallRules: [{1E7B54C6-D9C4-4FEA-9432-5BF78FF802BF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Pas de fichier FirewallRules: [{B80F8E66-986C-4D65-8E30-867F48E81851}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Pas de fichier FirewallRules: [{CA02F6A4-5BF5-420F-B7F5-728BDA251B34}] => (Block) C:\Program Files\Adobe\Adobe Premiere Pro CC\Adobe Premiere Pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) FirewallRules: [{A28E6FA4-0DA8-4323-9619-43E6D0240880}] => (Block) C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe (Adobe Systems, Inc.) [Fichier non signé] FirewallRules: [TCP Query User{DA375160-2FEF-4367-9650-389991548480}C:\program files (x86)\atari\boiling point\xenus.exe] => (Allow) C:\program files (x86)\atari\boiling point\xenus.exe () [Fichier non signé] FirewallRules: [UDP Query User{BD9743C1-0DEE-4230-8FBC-A081B9E52055}C:\program files (x86)\atari\boiling point\xenus.exe] => (Allow) C:\program files (x86)\atari\boiling point\xenus.exe () [Fichier non signé] FirewallRules: [{9FA4AA25-C51D-4422-B74D-D15403FC5554}] => (Allow) C:\Users\Emilien\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{F4A741E0-3BD6-4B9D-8F6B-2CEADD0DC6CD}] => (Allow) C:\Users\Emilien\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier FirewallRules: [{D29DD4FA-AD9E-4896-804D-1215802AE0A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Fichier non signé] FirewallRules: [{ADF5EA95-718A-4873-8BAC-8D42EF69C110}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Fichier non signé] FirewallRules: [{C23DBA46-A6AD-44F9-8342-8D3D0CF03764}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{87A9413A-D04F-4C95-B737-865AB1341A7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9D6FE81B-A3A8-4E31-8902-30DDBF4C92FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9769C080-CDA3-4128-B975-9CE810FD0650}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A70AD61E-D01B-4580-A71B-4B0E263418BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3CC3BAA7-1B65-4EC3-A8C9-C97E8A804DBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3D636949-1EFF-4084-AD8A-30C8328B2274}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{463C9CCA-F961-4B9F-8FC8-CD459E243F6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B919B73D-834D-4D6F-AA3C-0678BF31B67B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{93FF50E6-9013-4140-818D-FCD9D5577B9E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A90205C1-40D1-477D-B01F-05FA7A4FE26A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F1F43D7E-333E-4578-B9D3-9710211B860E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CAB0C641-73A5-4FE7-B69C-BC40C6575838}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Points de restauration ========================= 22-10-2020 11:47:57 Point de contrôle planifié 10-11-2020 19:11:34 Point de contrôle planifié ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (11/11/2020 02:52:08 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . Error: (11/11/2020 02:52:08 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] Error: (11/11/2020 02:29:52 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: AUTORITE NT) Description: La taille de la mémoire tampon obligatoire est supérieure à la taille de la mémoire tampon transmise à la fonction de collecte de la DLL Compteur extensible « C:\Windows\System32\perfts.dll » pour le service « LSM ». La taille de la mémoire tampon donnée était de 19784 et la taille obligatoire était de 28072. Error: (11/11/2020 12:51:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme YourPhone.exe version 1.20101.97.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 1284 Heure de début : 01d6b82049aaa7c7 Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.97.0_x64__8wekyb3d8bbwe\YourPhone.exe ID de rapport : 17edea42-84cf-44c7-ace2-89846bf63fd7 Nom complet du package défectueux : Microsoft.YourPhone_1.20101.97.0_x64__8wekyb3d8bbwe ID de l'application relative à un package défectueux : App Type de blocage : Quiesce Error: (11/11/2020 12:45:57 PM) (Source: HP Comm Recovery) (EventID: 0) (User: ) Description: Le service n'a pas réussi à gérer PowerEvent. L'erreur qui s'est produite était : System.IO.IOException: Le processus ne peut pas accéder au fichier 'C:\Windows\Temp\signtool.exe', car il est en cours d'utilisation par un autre processus. à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode) à _HPCommRecovery.Tools.Signtool.ExtractSignTool() à _HPCommRecovery.Tools.Signtool.Verify(String arg) à _HPCommRecovery.HPAHAgent.CallAgent() à _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath) à _HPCommRecovery.HPAHLogger.NewSession() à _HP.... Error: (11/11/2020 12:45:57 PM) (Source: HP Comm Recovery) (EventID: 0) (User: ) Description: Le service n'a pas réussi à gérer PowerEvent. L'erreur qui s'est produite était : System.IO.IOException: Le processus ne peut pas accéder au fichier 'C:\Windows\Temp\signtool.exe', car il est en cours d'utilisation par un autre processus. à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode) à _HPCommRecovery.Tools.Signtool.ExtractSignTool() à _HPCommRecovery.Tools.Signtool.Verify(String arg) à _HPCommRecovery.HPAHAgent.CallAgent() à _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath) à _HPCommRecovery.HPAHLogger.NewSession() à _HP.... Error: (11/10/2020 01:28:26 PM) (Source: HP Comm Recovery) (EventID: 0) (User: ) Description: Le service n'a pas réussi à gérer PowerEvent. L'erreur qui s'est produite était : System.IO.IOException: Le processus ne peut pas accéder au fichier 'C:\Windows\Temp\signtool.exe', car il est en cours d'utilisation par un autre processus. à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode) à _HPCommRecovery.Tools.Signtool.ExtractSignTool() à _HPCommRecovery.Tools.Signtool.Verify(String arg) à _HPCommRecovery.HPAHAgent.CallAgent() à _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath) à _HPCommRecovery.HPAHLogger.NewSession() à _HP.... Error: (11/09/2020 10:06:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante YourPhone.exe, version : 1.20101.84.0, horodatage : 0x5f94e169 Nom du module défaillant : twinapi.appcore.dll, version : 10.0.18362.959, horodatage : 0xeeb9f7a6 Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000000d65d8 ID du processus défaillant : 0x3d54 Heure de début de l’application défaillante : 0x01d6b6660911539e Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.84.0_x64__8wekyb3d8bbwe\YourPhone.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll ID de rapport : 79198cc8-9f39-406c-9ff7-5fd5be6e995d Nom complet du package défaillant : Microsoft.YourPhone_1.20101.84.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App Erreurs système: ============= Error: (11/11/2020 07:45:23 PM) (Source: DCOM) (EventID: 10010) (User: HP2) Description: Le serveur Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/11/2020 06:45:21 PM) (Source: DCOM) (EventID: 10010) (User: HP2) Description: Le serveur Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/11/2020 06:00:19 PM) (Source: DCOM) (EventID: 10010) (User: HP2) Description: Le serveur Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/11/2020 05:45:19 PM) (Source: DCOM) (EventID: 10010) (User: HP2) Description: Le serveur Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/11/2020 05:11:39 PM) (Source: DCOM) (EventID: 10010) (User: HP2) Description: Le serveur Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/11/2020 04:46:43 PM) (Source: DCOM) (EventID: 10010) (User: HP2) Description: Le serveur Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/11/2020 04:42:27 PM) (Source: DCOM) (EventID: 10010) (User: HP2) Description: Le serveur Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/11/2020 02:58:37 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Le service aswbIDSAgent ne s’est pas fermé correctement après avoir reçu une commande d’anticipation de fermeture. CodeIntegrity: =================================== Date: 2020-11-11 19:05:56.057 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-11-11 19:05:55.833 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-11-11 19:05:55.420 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-11-11 19:05:54.510 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-11-11 15:02:53.762 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-11-11 15:02:53.746 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-11-11 15:02:53.720 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-11-11 15:02:42.017 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: Insyde F.02 04/06/2018 Carte mère: HP 84AC Processeur: AMD A6-9225 RADEON R4, 5 COMPUTE CORES 2C+3G Pourcentage de mémoire utilisée: 76% Mémoire physique - RAM - totale: 7645.68 MB Mémoire physique - RAM - disponible: 1833.69 MB Mémoire virtuelle totale: 9501.68 MB Mémoire virtuelle disponible: 1993.57 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:914.97 GB) (Free:566.02 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:15.31 GB) (Free:1.79 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] \\?\Volume{0fd72f9e-2dcd-4f66-a1b2-ecbc51811e15}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.38 GB) NTFS \\?\Volume{44170156-57ce-46dd-b917-02ec076a582d}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: EF7F10EE) Partition: GPT. ==================== Fin de Addition.txt =======================