Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 13-05-2021 Exécuté par HYPER DISCOUNT (14-05-2021 09:12:00) Exécuté depuis C:\Users\HYPER DISCOUNT\Desktop\Nouveau dossier Windows 10 Home Version 2004 19041.928 (X64) (2020-11-06 18:10:00) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-3331395947-3643601650-1224951885-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3331395947-3643601650-1224951885-503 - Limited - Disabled) HYPER DISCOUNT (S-1-5-21-3331395947-3643601650-1224951885-1002 - Administrator - Enabled) => C:\Users\HYPER DISCOUNT Invité (S-1-5-21-3331395947-3643601650-1224951885-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3331395947-3643601650-1224951885-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\uTorrent) (Version: 3.5.5.45608 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe) Aloha TriPeaks (HKLM-x32\...\WTA-d0c5851d-9fd4-4add-8c38-61f8e67b834e) (Version: 2.2.0.98 - WildTangent) Hidden AMD Catalyst Install Manager (HKLM\...\{9E2BF31C-7E39-C549-8AFE-56C3B927BD91}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) Assistant Mise à niveau de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation) Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.) Bejeweled 3 (HKLM-x32\...\WTA-a7c0f112-dc81-4dbe-95a8-4b220c8006de) (Version: 2.2.0.98 - WildTangent) Hidden BitTorrent (HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\BitTorrent) (Version: 7.10.5.45597 - BitTorrent Inc.) Build-a-lot (HKLM-x32\...\WTA-7f930e35-6190-4080-b076-838b87ced60f) (Version: 2.2.0.98 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform) Cisco Webex Meetings (HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\ActiveTouchMeetingClient) (Version: 40.6.1 - Cisco Webex LLC) ConsoleAir (HKLM-x32\...\{07C94F28-E840-AC19-4FB2-85CBE55F8DEA}) (Version: 116.010.10 - UNKNOWN) Hidden ConsoleAir (HKLM-x32\...\ConsoleAir) (Version: 116.010.10 - UNKNOWN) Cradle of Rome 2 (HKLM-x32\...\WTA-209136dd-bdb5-468e-a77c-551c42e44073) (Version: 2.2.0.98 - WildTangent) Hidden Crazy Chicken Soccer (HKLM-x32\...\WTA-1df3f257-21ea-437e-af84-583767002433) (Version: 2.2.0.110 - WildTangent) Hidden CrystalDiskInfo 8.11.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.11.2 - Crystal Dew World) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd) Emergency 4 (HKLM-x32\...\{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}) (Version: 1.00.000 - ) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Étude pour l'amélioration du produit HP ENVY 4500 series (HKLM\...\{CBCCA175-DA19-424B-9D9F-5343140C884F}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) Étude pour l'amélioration du produit HP Officejet Pro X576dw MFP (HKLM\...\{D184E71F-09C1-4DA9-84B2-B3770672C4CC}) (Version: 32.0.90.45518 - Hewlett-Packard Co.) Farm Frenzy (HKLM-x32\...\WTA-ba006774-9d13-4b4f-8154-ee1f657eab17) (Version: 2.2.0.98 - WildTangent) Hidden Galerie de photos (HKLM-x32\...\{446CC8CE-0E90-44F7-ADD0-774B243EF090}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC) Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-994a2467-bac7-4893-b3f7-9e560ca2e532) (Version: 2.2.0.110 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{F2481209-98FE-4943-8903-90D19E1B7062}) (Version: 1.2.0.0 - Hewlett-Packard) HP ENVY 4500 series Aide (HKLM-x32\...\{BAF28CCD-121D-4C6C-B29D-4F7B51B2D1B4}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Quick Start (HKLM-x32\...\{B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3}) (Version: 1.0.4660.30220 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.8.34.31 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{93A048EC-70FB-4BB2-8335-00654AC8E4C1}) (Version: 12.18.34.21 - HP Inc.) HP System Event Utility (HKLM-x32\...\{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}) (Version: 1.0.4 - Hewlett-Packard Company) HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Jewel Match 3 (HKLM-x32\...\WTA-cc32eed1-ccae-4e40-b406-c853c18eabe8) (Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest II (HKLM-x32\...\WTA-467a473f-38f6-4334-9a12-6635e2d48d3c) (Version: 2.2.0.97 - WildTangent) Hidden Les Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts) Logiciel de base du périphérique HP ENVY 4500 series (HKLM\...\{9A9B64A8-A9E8-4588-B924-D1898D3E6355}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) Mahjongg Artifacts (HKLM-x32\...\WTA-93118ab8-b97b-4d7e-8b03-e206617275f2) (Version: 2.2.0.110 - WildTangent) Hidden Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation) Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Module de compatibilité pour Microsoft Office System 2007 (HKLM-x32\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{A17946CA-18E5-4CF0-8D55-A56D804718F8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 64.0 (x64 fr) (HKLM\...\Mozilla Firefox 64.0 (x64 fr)) (Version: 64.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla) OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Nom de votre société) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-8d053f6d-2560-4cb3-b6cb-a39dda14b42c) (Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (HKLM-x32\...\WTA-8c327e63-3ef7-4d6b-994c-50cdfc875140) (Version: 2.2.0.97 - WildTangent) Hidden Polar FlowSync version 3.0.0.1337 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 3.0.0.1337 - Polar Electro Oy) PowerLed 2.86.2 (HKLM-x32\...\PowerLed_is1) (Version: - TF-TOP) Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-5cefe255-323b-479a-9c25-412e9a489604) (Version: 2.2.0.98 - WildTangent) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6856 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.) Royal Envoy 2 Collector's Edition (HKLM-x32\...\WTA-642efdf6-77c5-4759-a3cc-f1d16570099e) (Version: 3.0.2.32 - WildTangent) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.11.45 - Synaptics Incorporated) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer) TomTom HOME (HKLM-x32\...\{30E6FC43-C31F-4968-9A06-AA38E3C3CF73}) (Version: 2.10.1 - Nom de votre société) Trinklit Supreme (HKLM-x32\...\WTA-09b6862e-e1ff-47f1-a679-d69830619ca4) (Version: 2.2.0.98 - WildTangent) Hidden Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden Vacation Quest™ - Australia (HKLM-x32\...\WTA-05ade148-a0fb-4ac4-91a6-4005f0d5d9be) (Version: 3.0.2.32 - WildTangent) Hidden Virtual Families (HKLM-x32\...\WTA-3e124ac8-880b-4166-8d11-23d070757145) (Version: 2.2.0.98 - WildTangent) Hidden Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN) Web Companion (HKLM-x32\...\{dcfa1680-f991-47ba-bde3-e6441763727c}) (Version: 4.9.2182.4042 - Lavasoft) Wedding Dash (HKLM-x32\...\WTA-b1219470-28fe-4a90-9b31-432b0374f20d) (Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.5 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Xilisoft MP4 Convertisseur (HKLM-x32\...\Xilisoft MP4 Convertisseur) (Version: 7.8.21.20170920 - Xilisoft) Youda Jewel Shop (HKLM-x32\...\WTA-f96d421f-a44b-47a2-bcbc-f59d613968cb) (Version: 3.0.2.32 - WildTangent) Hidden Zoom (HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\ZoomUMX) (Version: 5.4.7 (59784.1220) - Zoom Video Communications, Inc.) Zuma's Revenge (HKLM-x32\...\WTA-9a41d4f2-8ad7-4131-ad3e-d82e520937b9) (Version: 2.2.0.98 - WildTangent) Hidden Packages: ========= Bien démarrer avec Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-04-16] (Hewlett-Packard Company) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.3.30.0_x86__kgqvnymyfvs32 [2021-03-23] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.192.300.0_x86__kgqvnymyfvs32 [2021-04-30] (king.com) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-09] (Microsoft Corporation) Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.9.13.0_x86__h6adky7gbf63m [2021-04-28] (Gameloft SE) Drawboard PDF -> C:\Program Files\WindowsApps\Drawboard.DrawboardPDF_5.36.3.0_x64__gqbn7fs4pywxm [2021-05-06] (Drawboard) eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2021-04-08] (eBay, Inc) Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.312.1.0_neutral__8xx8rvfyw5nnt [2021-03-25] (Facebook Inc) HP Games -> C:\Program Files\WindowsApps\AD2F1837.HPGames_1.0.0.50_neutral__v10z8vjag6ke6 [2013-04-11] (Hewlett-Packard Company) HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-05-05] (Hewlett-Packard Company) HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2021-04-08] (Hewlett-Packard Company) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_126.2.222.0_x64__v10z8vjag6ke6 [2021-04-12] (HP Inc.) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-04-08] (Facebook Inc) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4213.0_x64__8wekyb3d8bbwe [2021-04-28] (Microsoft Studios) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.22101.0_x64__8wekyb3d8bbwe [2021-04-30] (Microsoft Studios) MSN Cuisine & Vins -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation) [MS Ad] MSN Santé & Forme -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation) [MS Ad] MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] MSN Voyage -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.) Norton Studio -> C:\Program Files\WindowsApps\SymantecCorporation.NortonStudio_2.2.0.0_x86__v68kp9n051hdp [2018-04-20] (Symantec Corporation) Paradise Bay -> C:\Program Files\WindowsApps\king.com.ParadiseBay_3.9.0.0_x86__kgqvnymyfvs32 [2018-12-15] (king.com) Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2021-04-08] (Snapfish) TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.7.0_x64__6bhtb546zcxnj [2021-04-08] (TuneIn) [MS Ad] YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2015-04-16] (CYBERLINKCOM CORP) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\HYPER DISCOUNT\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC) CustomCLSID: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google) ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com) ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\HYPER DISCOUNT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ==================== Modules chargés (Avec liste blanche) ============= 2014-07-04 21:33 - 2014-07-04 21:33 - 000127488 _____ () [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2021-02-13 20:56 - 2021-02-13 20:56 - 004388864 _____ (HP Inc.) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\hp.supportf7f36df2d#\866b5cae1c7a6de7dcb220d31c1b07a2\hp.supportframework.localization.ni.dll 2021-02-13 20:56 - 2021-02-13 20:56 - 000067584 _____ (HP Inc.) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\HP.SupportFa45a577b#\110134d575daa18255ae841e4cadc603\HP.SupportFramework.Communicator.ni.dll 2021-02-13 20:56 - 2021-02-13 20:56 - 013281792 _____ (HP Inc.) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\HP.SupportFcb4ea9d2#\f021dd53bdb8edc45374a85978c74967\HP.SupportFramework.UI.ni.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/3 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/3 HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D030220-A3BE04076F5&form=CONMHP&conlogo=CT3335795 HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/3 SearchScopes: HKLM -> {4A8D54F3-D7F7-48DC-8F7D-613E88141843} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> {4A8D54F3-D7F7-48DC-8F7D-613E88141843} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E7F45278-280E-43BA-9D12-9684C1F0B44B}&mid=4477744cd57a47cda1ea0580a9946b6c-aa5dbc72d7eaa5b80fb991a86abbb8cdea805a44&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-06-17 10:25:28&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D030220-N0700A3BE04076F5&form=CONBDF&conlogo=CT3335795&q={searchTerms} SearchScopes: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002 -> {4A8D54F3-D7F7-48DC-8F7D-613E88141843} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E7F45278-280E-43BA-9D12-9684C1F0B44B}&mid=4477744cd57a47cda1ea0580a9946b6c-aa5dbc72d7eaa5b80fb991a86abbb8cdea805a44&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-06-17 10:25:28&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation) BHO: Pas de nom -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Pas de fichier BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.) Toolbar: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\webcompanion.com -> hxxp://webcompanion.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\123simsen.com -> www.123simsen.com Il y a 7942 plus de sites. ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2013-08-22 15:25 - 2018-10-27 10:07 - 000454675 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Il y a 15607 plus de lignes. ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\HYPER DISCOUNT\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "SDTray" HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\StartupApproved\Run: => "TomTomHOME.exe" HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\StartupApproved\Run: => "BitTorrent" HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\StartupApproved\Run: => "Web Companion" HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3331395947-3643601650-1224951885-1002\...\StartupApproved\Run: => "Polar FlowSync" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{8B77FE97-A678-4E5A-AA3C-8E20BF3A07D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{12F700B3-4F72-4B4C-90B1-77128E7A834D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EA5CA8EE-543E-45B0-9F4B-73DB9B550129}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0DF6E4C9-05AD-4C3B-AE0D-2E9E637164AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4215AC9C-F1E2-4830-AE3B-1C399969B928}] => (Allow) LPort=5354 FirewallRules: [{D3D47B74-105B-4118-9EDC-3DE71DA1036E}] => (Allow) LPort=5354 FirewallRules: [{18AFF4AA-F59F-4600-878C-55BB112FAEBB}] => (Allow) LPort=5354 FirewallRules: [{67042638-2C02-4E8D-BB8C-BE26866DEF78}] => (Allow) LPort=5354 FirewallRules: [{65931DE3-08D0-4C71-BA9D-B201463FBEAA}] => (Allow) C:\Users\HYPER DISCOUNT\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{0D36C083-2935-45B5-B2E9-658EAA4CFC89}] => (Allow) C:\Users\HYPER DISCOUNT\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{1C025135-EBFC-4DF6-B8AA-85B342ED9ADE}] => (Allow) C:\Users\HYPER DISCOUNT\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{3C39E673-19DC-413A-90FB-5E5F07E55815}] => (Allow) C:\Users\HYPER DISCOUNT\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{03BAB0EF-9DE2-4C12-B7F5-7B24E2C72E92}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{59E2995E-A80B-49B3-BB43-CD946C89AF00}] => (Allow) LPort=5357 FirewallRules: [{5E797D8B-5A1E-4DA8-A1B8-5A6A6B4C6EC2}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [UDP Query User{CC96083F-F867-4DD8-9659-169937C0B999}C:\program files (x86)\powerled\powerled.exe] => (Allow) C:\program files (x86)\powerled\powerled.exe (专业LED控制卡厂家) [Fichier non signé] FirewallRules: [TCP Query User{F93C47A0-A6D9-41F8-A814-0A9D127EEB4D}C:\program files (x86)\powerled\powerled.exe] => (Allow) C:\program files (x86)\powerled\powerled.exe (专业LED控制卡厂家) [Fichier non signé] FirewallRules: [{E687FE17-AD3C-44C3-94E6-2A06A134859A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{04FC89AE-2860-4C00-8A26-464BFD62A930}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2E340F20-AD73-4535-8A29-B0EF6C80E2CB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E83A2C84-8075-4E63-A1FD-C8D916D60ACF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{99DA602C-0D87-4CAC-AE94-AF1A6757A9D6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DBC15CF3-4BC9-4412-99F0-6A5E4DCDA052}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3C4DE558-CFCE-4BBA-AB40-DCCBF225249D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5A66B8A4-0957-4E56-AB35-8FA14E8BDDA6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{57661121-5F37-4867-974F-F2D43CE9649C}C:\users\hyper discount\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\hyper discount\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{38EAEF2D-8B67-4237-9FAB-A93D80081419}C:\users\hyper discount\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\hyper discount\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{0ED73FBE-EE11-40F1-849A-21BE397C5286}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe (Hewlett-Packard Company -> Hewlett-Packard Company) FirewallRules: [{BC6205AE-730E-4516-8480-B7C360A1CDD6}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd) FirewallRules: [{24917B90-A7F1-412F-AFFC-CE4F29455D91}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd) FirewallRules: [{14736F6A-8414-4C81-8674-016F738CE503}] => (Allow) LPort=1900 FirewallRules: [{5EEC3486-B8E4-440F-8BD6-E850E16A0508}] => (Allow) LPort=2869 FirewallRules: [{566D7E81-816A-4228-8CAE-209BE55E86B9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{28661B9F-B306-4884-913E-24207BB17AF7}] => (Allow) C:\Users\HYPER DISCOUNT\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3BF8061E-4AB3-45CF-9278-EDCE635C32C9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{F670C45B-C5B3-448B-9B8E-25A97E28F12C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{88A8851D-6938-4FBC-90CC-A6CA632C9841}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{87F9BA19-F5AE-401F-8AC3-EEBA81DD2C97}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CE0261D8-6E93-490C-8CF5-8E9DA3ABBB20}] => (Allow) C:\Users\HYPER DISCOUNT\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{85067289-0BDC-45C6-844D-BFDACC0FCF2E}] => (Allow) C:\Users\HYPER DISCOUNT\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{3748D354-9A6C-4E33-AE68-82A73E5AC43E}] => (Allow) C:\Users\HYPER DISCOUNT\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{8E6360B2-ACC3-4608-9897-EEC6CBA5E125}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{179DF1C2-A939-4FC9-8CE9-11CA10F2D6D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{CE7BE9B9-1852-4749-9FE2-952BAEE73518}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{741E8397-BE2A-4DF6-98BB-99B680E8EC6A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B09B43FE-82A7-40EF-A3AD-71DD956F660C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Points de restauration ========================= 30-04-2021 15:05:05 Point de contrôle planifié 13-05-2021 15:17:23 Point de contrôle planifié ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (05/14/2021 09:03:17 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (05/13/2021 10:47:49 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed Error: (05/13/2021 10:47:35 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed Error: (05/13/2021 09:37:55 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: HYPERDISCOUNT) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (05/13/2021 08:45:11 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: HYPERDISCOUNT) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (05/13/2021 07:26:59 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: HYPERDISCOUNT) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (05/13/2021 06:30:37 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: HYPERDISCOUNT) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (05/13/2021 05:55:27 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: HYPERDISCOUNT) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Erreurs système: ============= Error: (05/13/2021 12:40:08 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {F3B4E234-7A68-4E43-B813-E4BA55A065F6} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (05/12/2021 08:49:17 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {F3B4E234-7A68-4E43-B813-E4BA55A065F6} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (05/12/2021 08:32:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Service %1!s! Update (avast) n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (05/12/2021 08:32:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Service 30000!s! Update (avast). Error: (05/12/2021 08:30:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service AODDriver4.2.0 n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (05/12/2021 08:19:08 PM) (Source: DCOM) (EventID: 10005) (User: HYPERDISCOUNT) Description: DCOM a reçu l’erreur « 1053 » lors de la tentative de démarrage du service WSearch avec les arguments « Non disponible » pour exécuter le serveur : {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (05/12/2021 08:19:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Windows Search n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (05/12/2021 08:19:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Windows Search. Windows Defender: ================ Date: 2021-05-14 09:14:49 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/uTorrent_BundleInstaller&threatid=290702&enterprise=0 Nom : PUA:Win32/uTorrent_BundleInstaller ID : 290702 Gravité : Faible Catégorie : Logiciel potentiellement non désiré Chemin : file:_C:\Users\HYPER DISCOUNT\AppData\Roaming\uTorrent\uTorrent.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : HYPERDISCOUNT\HYPER DISCOUNT Nom du processus : C:\Users\HYPER DISCOUNT\Desktop\Nouveau dossier\FRST64.exe Version de la veille de sécurité : AV: 1.339.643.0, AS: 1.339.643.0, NIS: 1.339.643.0 Version du moteur : AM: 1.1.18100.6, NIS: 1.1.18100.6 Date: 2021-05-14 09:00:42 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/uTorrent_BundleInstaller&threatid=290702&enterprise=0 Nom : PUA:Win32/uTorrent_BundleInstaller ID : 290702 Gravité : Faible Catégorie : Logiciel potentiellement non désiré Chemin : file:_C:\Users\HYPER DISCOUNT\AppData\Roaming\uTorrent\uTorrent.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : HYPERDISCOUNT\HYPER DISCOUNT Nom du processus : C:\Windows\System32\RuntimeBroker.exe Version de la veille de sécurité : AV: 1.339.537.0, AS: 1.339.537.0, NIS: 1.339.537.0 Version du moteur : AM: 1.1.18100.6, NIS: 1.1.18100.6 Date: 2021-05-13 14:05:18 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=App:Utorrent_BundleInstaller&threatid=290703&enterprise=0 Nom : App:Utorrent_BundleInstaller ID : 290703 Gravité : Faible Catégorie : Logiciel potentiellement non désiré Chemin : file:_C:\Users\HYPER DISCOUNT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk; file:_C:\Users\HYPER DISCOUNT\AppData\Roaming\uTorrent\uTorrent.exe; regkey:_HKCU@S-1-5-21-3331395947-3643601650-1224951885-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; regkey:_HKCU@S-1-5-21-3331395947-3643601650-1224951885-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent; runkey:_HKCU@S-1-5-21-3331395947-3643601650-1224951885-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; uninstall:_HKCU@S-1-5-21-3331395947-3643601650-1224951885-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Système Utilisateur : AUTORITE NT\Système Nom du processus : Unknown Version de la veille de sécurité : AV: 1.339.537.0, AS: 1.339.537.0, NIS: 1.339.537.0 Version du moteur : AM: 1.1.18100.6, NIS: 1.1.18100.6 Date: 2021-05-13 12:27:14 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {23BC85D1-3ED9-449E-B813-6F2D641099C0} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2021-05-12 21:32:15 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {1922931A-241B-46E1-BB2C-8A27EB55EDE3} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2021-05-12 19:45:12 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: Insyde F.03 04/09/2013 Carte mère: Hewlett-Packard 1983 Processeur: AMD A4-5150M APU with Radeon(tm) HD Graphics Pourcentage de mémoire utilisée: 59% Mémoire physique - RAM - totale: 5341.2 MB Mémoire physique - RAM - disponible: 2139.8 MB Mémoire virtuelle totale: 6237.2 MB Mémoire virtuelle disponible: 2831.02 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:907.3 GB) (Free:687.88 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive d: (RECOVERY) (Fixed) (Total:22.03 GB) (Free:2.54 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] \\?\Volume{992a0268-0bb6-42e0-9fa4-d63f10db5b09}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.12 GB) NTFS \\?\Volume{e908ffb3-010d-4fbc-ac8a-baa3eae30ff5}\ () (Fixed) (Total:0.92 GB) (Free:0.34 GB) NTFS \\?\Volume{e9cb3baa-719c-4999-91f4-7ccf9073f00d}\ () (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS \\?\Volume{d0c3994a-3f98-4edd-8a49-2e80c80267e9}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 4176642D) Partition: GPT. ==================== Fin de Addition.txt =======================