Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 26-01-2022
Exécuté par berla (29-01-2022 17:07:21)
Exécuté depuis C:\Users\berla\Desktop
Microsoft Windows 10 Famille Version 21H1 19043.1466 (X64) (2020-12-16 15:17:25)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrateur (S-1-5-21-3914082657-850623802-2874591013-500 - Administrator - Disabled)
berla (S-1-5-21-3914082657-850623802-2874591013-1001 - Administrator - Enabled) => C:\Users\berla
DefaultAccount (S-1-5-21-3914082657-850623802-2874591013-503 - Limited - Disabled)
Invité (S-1-5-21-3914082657-850623802-2874591013-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3914082657-850623802-2874591013-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
700 by Wikango (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\700 by Wikango) (Version: - )
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe)
Bejeweled 3 (HKLM-x32\...\WTA-36e6913f-810f-4b6a-bdb1-2e119ef84470) (Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot (HKLM-x32\...\WTA-d93554a3-217c-4a8a-b8ab-74aec342ab19) (Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-ce7aa304-2021-4859-b8e7-691cc44040bc) (Version: 3.0.2.48 - WildTangent) Hidden
CARNET (HKLM-x32\...\CARNET) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
CDBurnerXP (HKLM-x32\...\{B8473CBC-803D-4336-A360-7D0537AD78F5}) (Version: 4.5.7.6623 - Canneverbe Limited)
Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Crazy Chicken Soccer (HKLM-x32\...\WTA-c2444e17-a3ac-4ee8-8491-bf4974813ecf) (Version: 2.2.0.110 - WildTangent) Hidden
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-b79656d1-7f33-4392-bba0-174327971445) (Version: 3.0.2.59 - WildTangent) Hidden
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 1.0 - devolo AG)
dLAN Cockpit (HKLM-x32\...\{9A7172F1-66F1-603F-7E54-35EBB9F6E2EC}) (Version: 1.19.07 - devolo AG) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Funbridge2 (HKLM-x32\...\Funbridge2) (Version: 2.6.0.0 - Goto.Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
GOTO Bridge XVI (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\GOTO Bridge16) (Version: 1.0.0.0 - Goto.Games)
GOTO Bridge XVII (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\GOTO Bridge17) (Version: 1.0.0.0 - Goto.Games)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{02E639C2-2C8A-4A55-8DFF-43666B46E8F3}) (Version: 1.5.6.0 - HP Inc.)
HP Photo Creations (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\HP Photo Creations) (Version: 1.0.0.19802 - HP)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) Ready Mode Technology (HKLM\...\{9F82AA39-BB14-4BD3-98EF-D4E9E3526B7D}) (Version: 1.1.70.514 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-9998d2cc-9cb0-4f13-a2f7-7a01480b5ee1) (Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes version 4.5.2.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.2.157 - Malwarebytes)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.76 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 96.0.3 (x64 fr)) (Version: 96.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Olympus Workspace (HKLM-x32\...\{15204132-338C-4685-8785-85210A71F657}) (Version: 1.4.0 - Olympus Corporation)
Online Safety 2.165.4117.2687 (HKLM-x32\...\{8ED42910-5B59-44D5-88E0-0AD6BD3CA309}) (Version: 2.165.4117.2687 - F-Secure Corporation) Hidden
OpenOffice 4.1.7 (HKLM-x32\...\{A9222889-1CDA-42BD-B11B-113E7C91C1C7}) (Version: 4.17.9800 - Apache Software Foundation)
Package de pilotes Windows - Philips (SPC630) Image (07/07/2008 1.00.10.6551) (HKLM\...\63AC44233A7F75D43C2B277636D0A5A3C4FE6A9E) (Version: 07/07/2008 1.00.10.6551 - Philips)
Package de pilotes Windows - Philips CL (phaudlwr) MEDIA (06/02/2008 1.0.5.12) (HKLM\...\FEDA512DE1CA5C505592944B44643446C045502B) (Version: 06/02/2008 1.0.5.12 - Philips CL)
Package de pilotes Windows - Philips USB (07/07/2008 1.00.10.6551) (HKLM\...\AF240394FC080FA9D034CEB31B3714313893122B) (Version: 07/07/2008 1.00.10.6551 - Philips)
PDF24 Creator 10.7.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.7.1 - PDF24.org)
Philips SPC630NC Webcam (HKLM-x32\...\{54A72E28-0D5D-44E8-870F-9B7BB2D4369E}) (Version: 1.00.000 - Philips)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-60cb2294-94d8-4e96-a794-f202ba68e458) (Version: 3.0.2.59 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-dd900e52-3072-4446-8b7c-aa643c572cc7) (Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.75 - REALTEK Semiconductor Corp.)
Revo Uninstaller 2.3.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.5 - VS Revo Group, Ltd.)
Runefall (HKLM-x32\...\WTA-99e33ecf-526a-480e-bbb3-24d45bf326a8) (Version: 3.0.2.126 - WildTangent) Hidden
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Skype version 8.69 (HKLM-x32\...\Skype_is1) (Version: 8.69 - Skype Technologies S.A.)
SopCast 4.0.0 (HKLM-x32\...\SopCast) (Version: 4.0.0 - www.sopcast.com)
Trinklit Supreme (HKLM-x32\...\WTA-88971590-96fc-41c0-ad36-bc10bbbde5db) (Version: 2.2.0.98 - WildTangent) Hidden
UCheck version 4.1.3.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 4.1.3.0 - Adlice Software)
Vacation Quest™ - Australia (HKLM-x32\...\WTA-596b7234-a43e-4748-b264-6ffafa6089a4) (Version: 3.0.2.59 - WildTangent) Hidden
Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Wbridge5 5.1 (HKLM-x32\...\{8374A9F4-1F0B-4839-8E44-DDD92C105711}_is1) (Version: - Yves Costel)
Wedding Dash (HKLM-x32\...\WTA-e53e3344-689a-4052-aeaf-c3bc0a94e598) (Version: 2.2.0.95 - WildTangent) Hidden
Winmail Opener 1.6 (HKLM-x32\...\Winmail Opener) (Version: 1.6 - Eolsoft)
Youda Jewel Shop (HKLM-x32\...\WTA-c16beb71-b5bf-4b5e-b1e0-4e8814550a34) (Version: 3.0.2.51 - WildTangent) Hidden
Youtube Downloader HD v. 4.2.1 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Zoom (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
Packages:
=========
1 File Viewer -> C:\Program Files\WindowsApps\14586regulars.FileViewer_1.0.4.0_x64__btadf82zgfhr6 [2022-01-16] (regulars)
123 Photos -> C:\Program Files\WindowsApps\38623ExtremeSleeper.123ImageViewerHD_2021.12.21.0_x64__2gsdpn732f8ba [2021-12-28] (mjmengji.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.210.200.0_x64__kgqvnymyfvs32 [2022-01-29] (king.com)
Classic Solitaire (Free) -> C:\Program Files\WindowsApps\470AlexeiGarbuzenko.ClassicSolitaireFree_2.3.3.0_x64__gd2qghq4jdjcm [2021-09-04] (Alexey Garbuzenko)
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-20] (Microsoft Corporation)
Dame de Pique -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.11.62.0_x64__kx24dqmazqk8j [2021-12-21] (Random Salad Games LLC)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.11.277.0_x64__rz1tebttyb220 [2022-01-20] (Dolby Laboratories)
Eurosport.com -> C:\Program Files\WindowsApps\EurosportSAS.Eurosport.com_4.1.0.0_x64__zbz8cfsntg0dj [2018-07-11] (Eurosport SAS)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-06-02] (Microsoft Corporation)
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-20] (Microsoft Corporation)
Google -> C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_2.1.19.0_x64__yfg5n0ztvskxp [2015-12-26] (Google Inc)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2017-04-01] (Universal Music Mobile)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-29] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-11-20] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-11] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-21] (Netflix, Inc.)
Open RAR 2.0 -> C:\Program Files\WindowsApps\9611Ostensive.OpenRAR2.0_1.2.0.0_neutral__c8k7n6ghmkqh0 [2017-09-01] (Ostensive)
Ouvreur Hotshot -> C:\Program Files\WindowsApps\29624HyperlinkHotshot.HotshotOpener_1.1.0.0_x86__vhhz8c9z5da6m [2017-09-02] (Hyperlink Hotshot)
PDF Reader - Afficher, Annoter, Partager -> C:\Program Files\WindowsApps\0D9A1B2D.PDFReaderUWP_1.16.2.0_x64__jhretta7p24aw [2021-11-10] (Kdan Mobile Software Ltd.)
Presentation Opener -> C:\Program Files\WindowsApps\BallardAppCraftery.CraftyPresentationViewer_1.1.0.15_x86__epyrqhfctk40t [2017-11-05] (Ballard App Craftery)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-07] (Adobe Systems Incorporated)
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-17] (Snapfish)
Solitaire Français -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2021-10-08] (Random Salad Games LLC)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-18] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-14] (Twitter Inc.)
Ultra File Opener -> C:\Program Files\WindowsApps\D5BE6627.371995F5E41A5_7.2.7.0_x86__9pm2v9747qaaa [2020-09-01] (CompuClever Systems Inc.)
VCF Helper -> C:\Program Files\WindowsApps\49918ProgramFreaks.VCFHelper_1.0.0.3_neutral__d0v8kfkx2wdeg [2020-06-05] (Program Freaks)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki130266.inf_amd64_e83ea833b4430f79\igfxDTCM.dll [2018-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-13] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\berla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\berla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Personne 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Modules chargés (Avec liste blanche) =============
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-3914082657-850623802-2874591013-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll => Pas de fichier
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2015-07-10 12:04 - 2022-01-27 19:25 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3914082657-850623802-2874591013-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\berla\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\2014-04-05 10.18.26.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "FbNotifications"
HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\StartupApproved\Run: => "OneDrive"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{BB7A4474-A57A-4209-BF19-9C0712454BA6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D98CD21-C6EE-49F6-A3B8-849FA17E29BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7B022366-43E1-4EB1-A394-6BB76B10CD1F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{315DFC63-AD1F-4B82-9700-2A34D55C4596}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F9CEBDB-AFEB-4AA3-BB84-1F99FF64D2DE}] => (Allow) C:\Users\berla\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{D42E148E-2C69-4842-8427-9B425678F447}] => (Allow) C:\Users\berla\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1A5E023E-67D5-4008-84C1-EF4B1D8AF1F3}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS7055\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{7D701FCD-9A88-45CB-BE51-B69D03A7F4C2}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS7055\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{5AF7F229-0C3C-4183-8714-5FD95E3A752D}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS6504\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{16A46B9A-ACC1-4EB9-861F-42E9A0E0BDF1}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS6504\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [UDP Query User{ACD78987-F009-4450-BD21-F69F1122CC18}C:\program files (x86)\wikango\700\aulauncher.exe] => (Block) C:\program files (x86)\wikango\700\aulauncher.exe (Wikango) [Fichier non signé]
FirewallRules: [TCP Query User{27D5218C-C6B2-4123-88F6-866442B5C4CF}C:\program files (x86)\wikango\700\aulauncher.exe] => (Block) C:\program files (x86)\wikango\700\aulauncher.exe (Wikango) [Fichier non signé]
FirewallRules: [UDP Query User{963F6E75-2ADA-4A48-BE4C-62AEEEF5B022}C:\program files (x86)\wikango\700\aulauncher.exe] => (Allow) C:\program files (x86)\wikango\700\aulauncher.exe (Wikango) [Fichier non signé]
FirewallRules: [TCP Query User{29E2CBD8-1394-4126-93AD-B41852F1260E}C:\program files (x86)\wikango\700\aulauncher.exe] => (Allow) C:\program files (x86)\wikango\700\aulauncher.exe (Wikango) [Fichier non signé]
FirewallRules: [UDP Query User{537FBBFB-4592-4378-B27D-58A16537EB92}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [Fichier non signé]
FirewallRules: [TCP Query User{63007A83-C853-4097-BA90-2EC062959E60}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [Fichier non signé]
FirewallRules: [{4FB47FC7-02EC-44D7-8AB9-AAB1741FD6E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => Pas de fichier
FirewallRules: [{DF82EBDB-A75A-4214-BB97-19968005A97E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => Pas de fichier
FirewallRules: [{E60FDFF5-6647-425C-B4AD-D824F81B214D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Fichier non signé]
FirewallRules: [{72F4EC0E-BB75-4BF7-8A4E-BC745C8164C6}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Fichier non signé]
FirewallRules: [{E1362DB3-67ED-4CFC-9E13-931B3928CC79}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> )
FirewallRules: [{9BAF37B7-07BA-4BA3-BA8E-558484F92035}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> )
FirewallRules: [{98C4B967-5D29-483D-8309-CC3C336A8EDE}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS38BD\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{A53E03D8-7A18-446C-AADF-A54E36FCBB31}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS38BD\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{501F59DC-ED8B-46A9-B63F-79E4C94E1061}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0934D939-5011-4BF8-8041-37428F77F3B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A9BE6F62-AFCC-4F98-AF9F-1D8C063372AD}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS3DB7\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{9B1708F2-F270-4B41-9F5C-7975F52949FB}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS3DB7\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{9D7EED40-C869-4C2B-8421-F6E2EF3BD190}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07CD00CF-7278-440D-BE3F-678EE7B4CC81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{46F3CCE6-95C1-46D7-8400-737855E37669}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{E94C0ED1-6A53-4855-8DF8-68BD522EA833}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{18B71644-40EC-4796-9BCE-2F31E9235E3C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7979B426-A4BC-42F0-A3D1-58927A5020D1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B93A9F5A-13E7-4201-AF7A-1C9205AE223A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F3C83AC-A48D-4CAB-B41E-B897DA4B4353}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD834653-D5C4-461D-B05B-170C574367A0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2FDA3C4-3CF3-4E7F-8B70-EC5D1817DABC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AC5E8F65-1D50-4B03-AA59-A8285FCE3BCA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{100F8E8B-4D85-450C-9720-0C89C5C77EC2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{17182C8A-F144-4BFE-9460-7FE2A4EE4CE9}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS0F5B\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{AF79327A-A5B6-4CD9-85B5-F2A18F53A7D9}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS0F5B\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{50FFFFD6-3CB0-41CF-AF5E-0B9E0110FD40}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F5DCF5DB-DC1C-4D1A-85F8-C9B0BF8AC477}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A88C9D70-11E0-4958-B538-C6798FA64C51}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Points de restauration =========================
22-01-2022 17:34:35 ZHPcleaner
24-01-2022 19:49:06 ZHPcleaner
28-01-2022 09:47:31 Removed Darty Sécurité
29-01-2022 16:59:54 ZHPcleaner
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Service CCleaner Browser Update (ccleanerm) since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service CCleaner Browser Elevation Service (CCleanerBrowserElevationService) since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Service CCleaner Browser Update (ccleaner) since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Tools since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Adobe Flash Player Update Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.
System Error:
Le fichier spécifié est introuvable.
.
Erreurs système:
=============
Error: (01/29/2022 11:59:55 AM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.
Error: (01/27/2022 11:24:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-47NC29N)
Description: Le serveur {3EB3C877-1F16-487C-9050-104DBCD66683} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (01/27/2022 11:24:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-47NC29N)
Description: Le serveur {3EB3C877-1F16-487C-9050-104DBCD66683} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (01/27/2022 11:24:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-47NC29N)
Description: Le serveur {3EB3C877-1F16-487C-9050-104DBCD66683} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (01/27/2022 11:24:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-47NC29N)
Description: Le serveur {3EB3C877-1F16-487C-9050-104DBCD66683} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (01/27/2022 11:24:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-47NC29N)
Description: Le serveur {3EB3C877-1F16-487C-9050-104DBCD66683} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (01/27/2022 09:08:33 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.
Error: (01/27/2022 08:55:51 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.
Windows Defender:
================
Date: 2022-01-29 17:00:35
Description:
L'accès contrôlé aux dossiers a empêché C:\Windows\System32\dllhost.exe de modifier la mémoire.
Heure de détection : 2022-01-29T16:00:35.939Z
Utilisateur : DESKTOP-47NC29N\berla
Chemin d'accès : \Device\HarddiskVolume3
Nom du processus : C:\Windows\System32\dllhost.exe
Version de la veille de sécurité : 1.355.2706.0
Version du moteur : 1.1.18800.4
Version du produit : 4.18.1911.3
Date: 2022-01-29 16:44:21
Description:
L'accès contrôlé aux dossiers a empêché C:\Program Files\CCleaner\CCleaner64.exe de modifier la mémoire.
Heure de détection : 2022-01-29T15:44:21.420Z
Utilisateur : DESKTOP-47NC29N\berla
Chemin d'accès : \Device\Harddisk0\DR0
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la veille de sécurité : 1.355.2706.0
Version du moteur : 1.1.18800.4
Version du produit : 4.18.1911.3
Date: 2022-01-29 14:27:57
Description:
L'accès contrôlé aux dossiers a empêché C:\Program Files\CCleaner\CCleaner64.exe de modifier la mémoire.
Heure de détection : 2022-01-29T13:27:57.864Z
Utilisateur : DESKTOP-47NC29N\berla
Chemin d'accès : \Device\Harddisk0\DR0
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la veille de sécurité : 1.355.2706.0
Version du moteur : 1.1.18800.4
Version du produit : 4.18.1911.3
Date: 2022-01-29 12:04:29
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {1A627107-66AA-4FC6-B443-CA2342B6E72E}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
CodeIntegrity:
===============
Date: 2022-01-28 09:30:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-01-28 09:25:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Infos Mémoire ===========================
BIOS: AMI A0.12 11/10/2015
Carte mère: HP 2B47
Processeur: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Pourcentage de mémoire utilisée: 81%
Mémoire physique - RAM - totale: 3995.74 MB
Mémoire physique - RAM - disponible: 732.05 MB
Mémoire virtuelle totale: 6811.74 MB
Mémoire virtuelle disponible: 3029.48 MB
==================== Lecteurs ================================
Drive c: (Windows) (Fixed) (Total:917.12 GB) (Free:775.57 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:13.08 GB) (Free:1.68 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
\\?\Volume{e2d013e1-b82c-400e-9ae0-8b9012e65655}\ () (Fixed) (Total:0.83 GB) (Free:0.37 GB) NTFS
\\?\Volume{9df4742b-c9f7-436e-85cc-109fb165f27d}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4C8962F2)
Partition: GPT.
==================== Fin de Addition.txt =======================
Exécuté par berla (29-01-2022 17:07:21)
Exécuté depuis C:\Users\berla\Desktop
Microsoft Windows 10 Famille Version 21H1 19043.1466 (X64) (2020-12-16 15:17:25)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrateur (S-1-5-21-3914082657-850623802-2874591013-500 - Administrator - Disabled)
berla (S-1-5-21-3914082657-850623802-2874591013-1001 - Administrator - Enabled) => C:\Users\berla
DefaultAccount (S-1-5-21-3914082657-850623802-2874591013-503 - Limited - Disabled)
Invité (S-1-5-21-3914082657-850623802-2874591013-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3914082657-850623802-2874591013-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
700 by Wikango (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\700 by Wikango) (Version: - )
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe)
Bejeweled 3 (HKLM-x32\...\WTA-36e6913f-810f-4b6a-bdb1-2e119ef84470) (Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot (HKLM-x32\...\WTA-d93554a3-217c-4a8a-b8ab-74aec342ab19) (Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-ce7aa304-2021-4859-b8e7-691cc44040bc) (Version: 3.0.2.48 - WildTangent) Hidden
CARNET (HKLM-x32\...\CARNET) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
CDBurnerXP (HKLM-x32\...\{B8473CBC-803D-4336-A360-7D0537AD78F5}) (Version: 4.5.7.6623 - Canneverbe Limited)
Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Crazy Chicken Soccer (HKLM-x32\...\WTA-c2444e17-a3ac-4ee8-8491-bf4974813ecf) (Version: 2.2.0.110 - WildTangent) Hidden
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-b79656d1-7f33-4392-bba0-174327971445) (Version: 3.0.2.59 - WildTangent) Hidden
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 1.0 - devolo AG)
dLAN Cockpit (HKLM-x32\...\{9A7172F1-66F1-603F-7E54-35EBB9F6E2EC}) (Version: 1.19.07 - devolo AG) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Funbridge2 (HKLM-x32\...\Funbridge2) (Version: 2.6.0.0 - Goto.Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
GOTO Bridge XVI (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\GOTO Bridge16) (Version: 1.0.0.0 - Goto.Games)
GOTO Bridge XVII (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\GOTO Bridge17) (Version: 1.0.0.0 - Goto.Games)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{02E639C2-2C8A-4A55-8DFF-43666B46E8F3}) (Version: 1.5.6.0 - HP Inc.)
HP Photo Creations (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\HP Photo Creations) (Version: 1.0.0.19802 - HP)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) Ready Mode Technology (HKLM\...\{9F82AA39-BB14-4BD3-98EF-D4E9E3526B7D}) (Version: 1.1.70.514 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-9998d2cc-9cb0-4f13-a2f7-7a01480b5ee1) (Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes version 4.5.2.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.2.157 - Malwarebytes)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.76 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 96.0.3 (x64 fr)) (Version: 96.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Olympus Workspace (HKLM-x32\...\{15204132-338C-4685-8785-85210A71F657}) (Version: 1.4.0 - Olympus Corporation)
Online Safety 2.165.4117.2687 (HKLM-x32\...\{8ED42910-5B59-44D5-88E0-0AD6BD3CA309}) (Version: 2.165.4117.2687 - F-Secure Corporation) Hidden
OpenOffice 4.1.7 (HKLM-x32\...\{A9222889-1CDA-42BD-B11B-113E7C91C1C7}) (Version: 4.17.9800 - Apache Software Foundation)
Package de pilotes Windows - Philips (SPC630) Image (07/07/2008 1.00.10.6551) (HKLM\...\63AC44233A7F75D43C2B277636D0A5A3C4FE6A9E) (Version: 07/07/2008 1.00.10.6551 - Philips)
Package de pilotes Windows - Philips CL (phaudlwr) MEDIA (06/02/2008 1.0.5.12) (HKLM\...\FEDA512DE1CA5C505592944B44643446C045502B) (Version: 06/02/2008 1.0.5.12 - Philips CL)
Package de pilotes Windows - Philips USB (07/07/2008 1.00.10.6551) (HKLM\...\AF240394FC080FA9D034CEB31B3714313893122B) (Version: 07/07/2008 1.00.10.6551 - Philips)
PDF24 Creator 10.7.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.7.1 - PDF24.org)
Philips SPC630NC Webcam (HKLM-x32\...\{54A72E28-0D5D-44E8-870F-9B7BB2D4369E}) (Version: 1.00.000 - Philips)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-60cb2294-94d8-4e96-a794-f202ba68e458) (Version: 3.0.2.59 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-dd900e52-3072-4446-8b7c-aa643c572cc7) (Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.75 - REALTEK Semiconductor Corp.)
Revo Uninstaller 2.3.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.5 - VS Revo Group, Ltd.)
Runefall (HKLM-x32\...\WTA-99e33ecf-526a-480e-bbb3-24d45bf326a8) (Version: 3.0.2.126 - WildTangent) Hidden
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Skype version 8.69 (HKLM-x32\...\Skype_is1) (Version: 8.69 - Skype Technologies S.A.)
SopCast 4.0.0 (HKLM-x32\...\SopCast) (Version: 4.0.0 - www.sopcast.com)
Trinklit Supreme (HKLM-x32\...\WTA-88971590-96fc-41c0-ad36-bc10bbbde5db) (Version: 2.2.0.98 - WildTangent) Hidden
UCheck version 4.1.3.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 4.1.3.0 - Adlice Software)
Vacation Quest™ - Australia (HKLM-x32\...\WTA-596b7234-a43e-4748-b264-6ffafa6089a4) (Version: 3.0.2.59 - WildTangent) Hidden
Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Wbridge5 5.1 (HKLM-x32\...\{8374A9F4-1F0B-4839-8E44-DDD92C105711}_is1) (Version: - Yves Costel)
Wedding Dash (HKLM-x32\...\WTA-e53e3344-689a-4052-aeaf-c3bc0a94e598) (Version: 2.2.0.95 - WildTangent) Hidden
Winmail Opener 1.6 (HKLM-x32\...\Winmail Opener) (Version: 1.6 - Eolsoft)
Youda Jewel Shop (HKLM-x32\...\WTA-c16beb71-b5bf-4b5e-b1e0-4e8814550a34) (Version: 3.0.2.51 - WildTangent) Hidden
Youtube Downloader HD v. 4.2.1 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Zoom (HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
Packages:
=========
1 File Viewer -> C:\Program Files\WindowsApps\14586regulars.FileViewer_1.0.4.0_x64__btadf82zgfhr6 [2022-01-16] (regulars)
123 Photos -> C:\Program Files\WindowsApps\38623ExtremeSleeper.123ImageViewerHD_2021.12.21.0_x64__2gsdpn732f8ba [2021-12-28] (mjmengji.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.210.200.0_x64__kgqvnymyfvs32 [2022-01-29] (king.com)
Classic Solitaire (Free) -> C:\Program Files\WindowsApps\470AlexeiGarbuzenko.ClassicSolitaireFree_2.3.3.0_x64__gd2qghq4jdjcm [2021-09-04] (Alexey Garbuzenko)
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-20] (Microsoft Corporation)
Dame de Pique -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.11.62.0_x64__kx24dqmazqk8j [2021-12-21] (Random Salad Games LLC)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.11.277.0_x64__rz1tebttyb220 [2022-01-20] (Dolby Laboratories)
Eurosport.com -> C:\Program Files\WindowsApps\EurosportSAS.Eurosport.com_4.1.0.0_x64__zbz8cfsntg0dj [2018-07-11] (Eurosport SAS)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-06-02] (Microsoft Corporation)
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-20] (Microsoft Corporation)
Google -> C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_2.1.19.0_x64__yfg5n0ztvskxp [2015-12-26] (Google Inc)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2017-04-01] (Universal Music Mobile)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-29] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-11-20] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-11] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-21] (Netflix, Inc.)
Open RAR 2.0 -> C:\Program Files\WindowsApps\9611Ostensive.OpenRAR2.0_1.2.0.0_neutral__c8k7n6ghmkqh0 [2017-09-01] (Ostensive)
Ouvreur Hotshot -> C:\Program Files\WindowsApps\29624HyperlinkHotshot.HotshotOpener_1.1.0.0_x86__vhhz8c9z5da6m [2017-09-02] (Hyperlink Hotshot)
PDF Reader - Afficher, Annoter, Partager -> C:\Program Files\WindowsApps\0D9A1B2D.PDFReaderUWP_1.16.2.0_x64__jhretta7p24aw [2021-11-10] (Kdan Mobile Software Ltd.)
Presentation Opener -> C:\Program Files\WindowsApps\BallardAppCraftery.CraftyPresentationViewer_1.1.0.15_x86__epyrqhfctk40t [2017-11-05] (Ballard App Craftery)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-07] (Adobe Systems Incorporated)
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-17] (Snapfish)
Solitaire Français -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2021-10-08] (Random Salad Games LLC)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-18] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-14] (Twitter Inc.)
Ultra File Opener -> C:\Program Files\WindowsApps\D5BE6627.371995F5E41A5_7.2.7.0_x86__9pm2v9747qaaa [2020-09-01] (CompuClever Systems Inc.)
VCF Helper -> C:\Program Files\WindowsApps\49918ProgramFreaks.VCFHelper_1.0.0.3_neutral__d0v8kfkx2wdeg [2020-06-05] (Program Freaks)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki130266.inf_amd64_e83ea833b4430f79\igfxDTCM.dll [2018-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-13] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\berla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\berla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Personne 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Modules chargés (Avec liste blanche) =============
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-3914082657-850623802-2874591013-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll => Pas de fichier
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2015-07-10 12:04 - 2022-01-27 19:25 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3914082657-850623802-2874591013-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\berla\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\2014-04-05 10.18.26.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "FbNotifications"
HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3914082657-850623802-2874591013-1001\...\StartupApproved\Run: => "OneDrive"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{BB7A4474-A57A-4209-BF19-9C0712454BA6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D98CD21-C6EE-49F6-A3B8-849FA17E29BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7B022366-43E1-4EB1-A394-6BB76B10CD1F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{315DFC63-AD1F-4B82-9700-2A34D55C4596}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F9CEBDB-AFEB-4AA3-BB84-1F99FF64D2DE}] => (Allow) C:\Users\berla\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{D42E148E-2C69-4842-8427-9B425678F447}] => (Allow) C:\Users\berla\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1A5E023E-67D5-4008-84C1-EF4B1D8AF1F3}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS7055\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{7D701FCD-9A88-45CB-BE51-B69D03A7F4C2}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS7055\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{5AF7F229-0C3C-4183-8714-5FD95E3A752D}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS6504\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{16A46B9A-ACC1-4EB9-861F-42E9A0E0BDF1}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS6504\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [UDP Query User{ACD78987-F009-4450-BD21-F69F1122CC18}C:\program files (x86)\wikango\700\aulauncher.exe] => (Block) C:\program files (x86)\wikango\700\aulauncher.exe (Wikango) [Fichier non signé]
FirewallRules: [TCP Query User{27D5218C-C6B2-4123-88F6-866442B5C4CF}C:\program files (x86)\wikango\700\aulauncher.exe] => (Block) C:\program files (x86)\wikango\700\aulauncher.exe (Wikango) [Fichier non signé]
FirewallRules: [UDP Query User{963F6E75-2ADA-4A48-BE4C-62AEEEF5B022}C:\program files (x86)\wikango\700\aulauncher.exe] => (Allow) C:\program files (x86)\wikango\700\aulauncher.exe (Wikango) [Fichier non signé]
FirewallRules: [TCP Query User{29E2CBD8-1394-4126-93AD-B41852F1260E}C:\program files (x86)\wikango\700\aulauncher.exe] => (Allow) C:\program files (x86)\wikango\700\aulauncher.exe (Wikango) [Fichier non signé]
FirewallRules: [UDP Query User{537FBBFB-4592-4378-B27D-58A16537EB92}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [Fichier non signé]
FirewallRules: [TCP Query User{63007A83-C853-4097-BA90-2EC062959E60}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [Fichier non signé]
FirewallRules: [{4FB47FC7-02EC-44D7-8AB9-AAB1741FD6E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => Pas de fichier
FirewallRules: [{DF82EBDB-A75A-4214-BB97-19968005A97E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => Pas de fichier
FirewallRules: [{E60FDFF5-6647-425C-B4AD-D824F81B214D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Fichier non signé]
FirewallRules: [{72F4EC0E-BB75-4BF7-8A4E-BC745C8164C6}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Fichier non signé]
FirewallRules: [{E1362DB3-67ED-4CFC-9E13-931B3928CC79}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> )
FirewallRules: [{9BAF37B7-07BA-4BA3-BA8E-558484F92035}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> )
FirewallRules: [{98C4B967-5D29-483D-8309-CC3C336A8EDE}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS38BD\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{A53E03D8-7A18-446C-AADF-A54E36FCBB31}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS38BD\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{501F59DC-ED8B-46A9-B63F-79E4C94E1061}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0934D939-5011-4BF8-8041-37428F77F3B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A9BE6F62-AFCC-4F98-AF9F-1D8C063372AD}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS3DB7\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{9B1708F2-F270-4B41-9F5C-7975F52949FB}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS3DB7\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{9D7EED40-C869-4C2B-8421-F6E2EF3BD190}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07CD00CF-7278-440D-BE3F-678EE7B4CC81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{46F3CCE6-95C1-46D7-8400-737855E37669}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{E94C0ED1-6A53-4855-8DF8-68BD522EA833}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{18B71644-40EC-4796-9BCE-2F31E9235E3C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7979B426-A4BC-42F0-A3D1-58927A5020D1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B93A9F5A-13E7-4201-AF7A-1C9205AE223A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F3C83AC-A48D-4CAB-B41E-B897DA4B4353}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD834653-D5C4-461D-B05B-170C574367A0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2FDA3C4-3CF3-4E7F-8B70-EC5D1817DABC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AC5E8F65-1D50-4B03-AA59-A8285FCE3BCA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{100F8E8B-4D85-450C-9720-0C89C5C77EC2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{17182C8A-F144-4BFE-9460-7FE2A4EE4CE9}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS0F5B\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{AF79327A-A5B6-4CD9-85B5-F2A18F53A7D9}] => (Allow) C:\Users\berla\AppData\Local\Temp\7zS0F5B\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{50FFFFD6-3CB0-41CF-AF5E-0B9E0110FD40}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F5DCF5DB-DC1C-4D1A-85F8-C9B0BF8AC477}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A88C9D70-11E0-4958-B538-C6798FA64C51}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Points de restauration =========================
22-01-2022 17:34:35 ZHPcleaner
24-01-2022 19:49:06 ZHPcleaner
28-01-2022 09:47:31 Removed Darty Sécurité
29-01-2022 16:59:54 ZHPcleaner
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Service CCleaner Browser Update (ccleanerm) since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service CCleaner Browser Elevation Service (CCleanerBrowserElevationService) since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Service CCleaner Browser Update (ccleaner) since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Tools since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Adobe Flash Player Update Service since QueryServiceConfig API failed
System Error:
Le fichier spécifié est introuvable.
.
Error: (01/29/2022 05:00:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.
System Error:
Le fichier spécifié est introuvable.
.
Erreurs système:
=============
Error: (01/29/2022 11:59:55 AM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.
Error: (01/27/2022 11:24:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-47NC29N)
Description: Le serveur {3EB3C877-1F16-487C-9050-104DBCD66683} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (01/27/2022 11:24:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-47NC29N)
Description: Le serveur {3EB3C877-1F16-487C-9050-104DBCD66683} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (01/27/2022 11:24:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-47NC29N)
Description: Le serveur {3EB3C877-1F16-487C-9050-104DBCD66683} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (01/27/2022 11:24:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-47NC29N)
Description: Le serveur {3EB3C877-1F16-487C-9050-104DBCD66683} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (01/27/2022 11:24:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-47NC29N)
Description: Le serveur {3EB3C877-1F16-487C-9050-104DBCD66683} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (01/27/2022 09:08:33 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.
Error: (01/27/2022 08:55:51 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.
Windows Defender:
================
Date: 2022-01-29 17:00:35
Description:
L'accès contrôlé aux dossiers a empêché C:\Windows\System32\dllhost.exe de modifier la mémoire.
Heure de détection : 2022-01-29T16:00:35.939Z
Utilisateur : DESKTOP-47NC29N\berla
Chemin d'accès : \Device\HarddiskVolume3
Nom du processus : C:\Windows\System32\dllhost.exe
Version de la veille de sécurité : 1.355.2706.0
Version du moteur : 1.1.18800.4
Version du produit : 4.18.1911.3
Date: 2022-01-29 16:44:21
Description:
L'accès contrôlé aux dossiers a empêché C:\Program Files\CCleaner\CCleaner64.exe de modifier la mémoire.
Heure de détection : 2022-01-29T15:44:21.420Z
Utilisateur : DESKTOP-47NC29N\berla
Chemin d'accès : \Device\Harddisk0\DR0
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la veille de sécurité : 1.355.2706.0
Version du moteur : 1.1.18800.4
Version du produit : 4.18.1911.3
Date: 2022-01-29 14:27:57
Description:
L'accès contrôlé aux dossiers a empêché C:\Program Files\CCleaner\CCleaner64.exe de modifier la mémoire.
Heure de détection : 2022-01-29T13:27:57.864Z
Utilisateur : DESKTOP-47NC29N\berla
Chemin d'accès : \Device\Harddisk0\DR0
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la veille de sécurité : 1.355.2706.0
Version du moteur : 1.1.18800.4
Version du produit : 4.18.1911.3
Date: 2022-01-29 12:04:29
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {1A627107-66AA-4FC6-B443-CA2342B6E72E}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
CodeIntegrity:
===============
Date: 2022-01-28 09:30:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-01-28 09:25:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Infos Mémoire ===========================
BIOS: AMI A0.12 11/10/2015
Carte mère: HP 2B47
Processeur: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Pourcentage de mémoire utilisée: 81%
Mémoire physique - RAM - totale: 3995.74 MB
Mémoire physique - RAM - disponible: 732.05 MB
Mémoire virtuelle totale: 6811.74 MB
Mémoire virtuelle disponible: 3029.48 MB
==================== Lecteurs ================================
Drive c: (Windows) (Fixed) (Total:917.12 GB) (Free:775.57 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:13.08 GB) (Free:1.68 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
\\?\Volume{e2d013e1-b82c-400e-9ae0-8b9012e65655}\ () (Fixed) (Total:0.83 GB) (Free:0.37 GB) NTFS
\\?\Volume{9df4742b-c9f7-436e-85cc-109fb165f27d}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4C8962F2)
Partition: GPT.
==================== Fin de Addition.txt =======================