Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 30-08-2022 Exécuté par Sara (21-09-2022 19:58:45) Exécuté depuis C:\Users\Sara\Desktop Microsoft Windows 10 Famille Version 21H2 19044.2006 (X64) (2021-11-29 22:41:37) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-2470235092-2696277341-3793261883-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2470235092-2696277341-3793261883-503 - Limited - Disabled) Invité (S-1-5-21-2470235092-2696277341-3793261883-501 - Limited - Disabled) Sara (S-1-5-21-2470235092-2696277341-3793261883-1001 - Administrator - Enabled) => C:\Users\Sara WDAGUtilityAccount (S-1-5-21-2470235092-2696277341-3793261883-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated) Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3021 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated) Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3008 - Acer Incorporated) Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated) AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated) Apple Mobile Device Support (HKLM\...\{2B3CA448-5266-480F-85FA-2FCCB3C8712C}) (Version: 15.6.0.32 - Apple Inc.) Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Camtasia 2018 (HKLM\...\{D745C67F-92C3-48F6-8BD0-43267C09FE16}) (Version: 18.0.3.3747 - TechSmith Corporation) Hidden Camtasia 2018 (HKLM-x32\...\{968cb12a-bb8e-4a75-b1aa-e2338485c2d3}) (Version: 18.0.3.3747 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 6.03 - Piriform) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc) ELAN HIDI2C Filter Driver X64 13.6.5.2_WHQL (HKLM\...\Elantech) (Version: 13.6.5.2 - ELAN Microelectronic Corp.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.) Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.) Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 105.0.5195.127 - Google LLC) Intel(R) Chipset Device Software (HKLM\...\{B685D0AD-42A8-4A39-9BFE-8C063FA9AF29}) (Version: 10.1.1.8 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{BFACB3F5-7091-429E-A6A9-59C0696B710E}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{CCCB484E-79D5-4398-9377-CA6EEB6B53AE}) (Version: 11.0.0.1158 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{DF17C0DB-76D8-4A45-B26E-674F8455B803}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4599 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{303C5CD6-2525-49C5-9E49-DBD92F9F63BD}) (Version: 14.5.2.1088 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{30E935B2-0DAC-455E-AC76-3C8504DC3D18}) (Version: 30.100.1519.07 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes version 4.5.14.210 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.14.210 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.42 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.42 - Microsoft Corporation) Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation) Microsoft Office Access MUI (French) 2007 (HKLM-x32\...\{90120000-0015-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (French) 2007 (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (French) 2007 (HKLM-x32\...\{90120000-0044-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (French) 2007 (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (French) 2007 (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2007 (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Proof (Arabic) 2007 (HKLM-x32\...\{90120000-001F-0401-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (Dutch) 2007 (HKLM-x32\...\{90120000-001F-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (French) 2007 (HKLM-x32\...\{90120000-002C-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (French) 2007 (HKLM-x32\...\{90120000-0019-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (French) 2007 (HKLM\...\{90120000-002A-040C-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (French) 2007 (HKLM-x32\...\{90120000-006E-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Word MUI (French) 2007 (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\...\OneDriveSetup.exe) (Version: 22.176.0821.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 104.0.2 (x64 fr)) (Version: 104.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 104.0.2.8280 - Mozilla) NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - ) Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.0079 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) Rise of Kingdoms (HKLM-x32\...\{5E6D9E1D-4912-4D6D-A105-6AE76BB0F7D8}_is1) (Version: 1.0.56.16 - Chengdu Legou Technology Co.,Ltd) Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation) Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-8) (Version: 1.0.33.0 - LunarG, Inc.) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Packages: ========= Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2019-02-26] (Acer Incorporated) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.21.71.0_x64__kgqvnymyfvs32 [2022-07-24] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.227.700.0_x64__kgqvnymyfvs32 [2022-09-21] (king.com) Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_7.2.10.0_x86__h6adky7gbf63m [2022-09-15] (Gameloft SE) extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-22] (Microsoft Corporation) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2021-11-30] (Instagram) Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2019-02-26] (AMZN Mobile LLC) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-29] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-29] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-17] (Microsoft Studios) [MS Ad] Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-15] (MAGIX) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-18] (Netflix, Inc.) PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.2.1.0_x64__f5eddttrpssna [2022-01-26] (Mooii Tech) Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.543.566.0_x86__55nm5eh3cm0pr [2022-09-10] (ROBLOX Corporation) Seekers Notes®: Mystère caché -> C:\Program Files\WindowsApps\5CB722CC.SeekersNotesMysteriesofDarkwood_2.28.2.0_x86__ypk0bew5psyra [2022-09-17] (MYTONA Pte. Ltd.) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-28] (Foxit Software Incorporated -> Foxit Software Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-09-19] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxDTCM.dll [2017-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-09-19] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "RtHDVCpl" HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\...\StartupApproved\Run: => "LDNews" HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_30DE51239BAA92A81E36F17671881104" HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_9693F1C041D6C86BCEE6418E9EE2DD8B" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{F1F74F3F-36CE-4CAA-A667-254A6BF98B78}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer) FirewallRules: [{7BD8B861-474D-4D46-BA0E-97EBA8D1210D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer) FirewallRules: [{FC98873A-32D0-4F2C-85D5-597BC35F02B1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer) FirewallRules: [{2DBFB848-76E9-4C47-978A-456674D0812F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer) FirewallRules: [{49A51D5B-2F55-450F-973E-FC9E034A33B5}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology) FirewallRules: [{90FD41C6-DD66-4C21-80FF-72910A93FF6A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology) FirewallRules: [{C98C1C8D-675F-43C4-AE96-6378DC294CB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{56EE80E8-AE1E-4ACE-8ACF-6D74E119BFB8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{76070063-8BB7-47C0-BEE7-DF9D16758AE4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{617557FE-F27A-4C8E-BD76-23D963338F7F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{BBC204CA-A6EA-48D6-A61F-2E5BE52A5CE5}] => (Allow) LPort=8319 FirewallRules: [{E903C06D-6A41-4255-9B4A-494C044C3014}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{D5A78AE5-8DB4-4C0B-A06A-F09029C930DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{D157A92B-103B-4E5C-884E-B0205B747C59}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{92CB215A-C2B6-48E7-8265-83DD088D505E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{3682DA55-A619-4746-97D6-94128ACC7D80}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{23D7D123-55C3-4EBA-A3F3-7A54D59A97AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0FB2B0F8-6F88-45E9-9275-2DFB3F0F86A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A37EB950-B623-4BE3-A669-E15DA7390F99}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{72B6767C-78E5-413B-AA29-BB6B87AFA0E2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{16E3FF00-12F2-41B8-8B04-20A818396B68}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Points de restauration ========================= 19-09-2022 22:09:07 Removed iTunes ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (09/21/2022 07:17:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante : SecHealthUI.exe, version : 10.0.19041.1741, horodatage : 0x6f9fd520 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1949, horodatage : 0xcb12e58e Code d’exception : 0xc000027b Décalage du défaut : 0x000000000010fb62 ID processus défaillant : 0x2c74 Heure de démarrage de l’application défaillante : 0x01d8cde5cc041763 Chemin de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe Chemin du module défaillant : C:\WINDOWS\System32\KERNELBASE.dll Code de rapport : 614f57b8-f570-4417-9238-97b3e630a0a3 Nom complet de l’ensemble défaillant : Microsoft.Windows.SecHealthUI_10.0.19041.1865_neutral__cw5n1h2txyewy ID de l’application relative à l’ensemble défaillant : SecHealthUI Error: (09/20/2022 11:33:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 31266 Error: (09/20/2022 11:33:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 31266 Error: (09/20/2022 11:33:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/20/2022 11:32:59 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15641 Error: (09/20/2022 11:32:59 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15641 Error: (09/20/2022 11:32:59 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/20/2022 11:32:12 PM) (Source: Wlclntfy) (EventID: 4005) (User: ) Description: Le processus d’ouverture de session de Windows s’est terminé de manière inattendue. Erreurs système: ============= Error: (09/21/2022 07:41:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x80073d02 : 9NMPJ99VJBWV-Microsoft.YourPhone. Error: (09/20/2022 07:30:16 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (09/20/2022 07:28:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Cache de police de Windows Presentation Foundation 3.0.0.0 n'a pas pu démarrer en raison de l'erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (09/20/2022 07:28:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l'attente de la connexion du service Cache de police de Windows Presentation Foundation 3.0.0.0. Error: (09/20/2022 07:28:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: Le serveur Windows.Internal.StateRepository.ApplicationExtension ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (09/20/2022 07:26:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service NcbService s'est arrêté avec l'erreur : Un périphérique attaché au système ne fonctionne pas correctement. Error: (09/20/2022 07:25:46 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 00:27:10 le ‎2022-‎09-‎20 n’était pas prévu. Error: (09/20/2022 07:24:50 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY) Description: 3221225684Une erreur irrécupérable s’est produite pendant le traitement des données de restauration. Windows Defender: ================ Date: 2022-09-17 00:25:09 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {CE33E7D3-6631-4E71-9998-9F30B244423D} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : NT AUTHORITY\SYSTEM Date: 2022-09-14 22:05:20 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {75E02169-27C6-4D20-B39E-D76254D1101B} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : NT AUTHORITY\SYSTEM Date: 2022-09-13 21:21:36 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {EA6AB890-0BB9-40D4-A9D3-F00BCCDFEBC7} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : NT AUTHORITY\SYSTEM Date: 2022-09-12 19:35:07 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {972DF263-2790-43CA-BEF4-D96F772E229C} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : NT AUTHORITY\SYSTEM Date: 2022-09-09 18:50:56 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {7CBE4E22-C79E-4B8D-AC4F-642D5B0F61AB} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : NT AUTHORITY\SYSTEM Event[0]: Date: 2022-08-09 23:52:44 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité. Nouvelle version de la veille de sécurité : Version précédente de la veille de sécurité : 1.373.55.0 Source de mise à jour : Serveur Microsoft Update Type de veille de sécurité : Anti-virus Type de mise à jour : Complet Utilisateur : NT AUTHORITY\SYSTEM Version actuelle du moteur : Version précédente du moteur : 1.1.19500.2 Code d’erreur : 0x8024001e Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support. CodeIntegrity: =============== Date: 2022-09-21 20:02:24 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== BIOS: Insyde Corp. V1.18 05/25/2017 Carte mère: Acer Usopp_SL Processeur: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz Pourcentage de mémoire utilisée: 63% Mémoire physique - RAM - totale: 8058.59 MB Mémoire physique - RAM - disponible: 2950.89 MB Mémoire virtuelle totale: 9338.59 MB Mémoire virtuelle disponible: 4137.05 MB ==================== Lecteurs ================================ Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:864.76 GB) (Model: ST1000LM024 HN-M101MBB) NTFS \\?\Volume{591a88f0-d3fd-4953-ac81-568b84012b6d}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS \\?\Volume{7d3b7968-2826-4682-95bd-36b8fb9dce80}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: B298A182) Partition: GPT. ==================== Fin de Addition.txt =======================