Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01 Exécuté par guyde (22-02-2022 11:50:16) Exécuté depuis C:\Users\guyde\Desktop Microsoft Windows 10 Famille Version 21H2 19044.1566 (X64) (2021-10-15 07:00:18) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-524797192-239853961-1918479005-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-524797192-239853961-1918479005-503 - Limited - Disabled) guyde (S-1-5-21-524797192-239853961-1918479005-1001 - Administrator - Enabled) => C:\Users\guyde Invité (S-1-5-21-524797192-239853961-1918479005-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-524797192-239853961-1918479005-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation) ATTO Disk Benchmark (HKLM-x32\...\{B483E952-8CDD-4EDA-9CD1-956FA1DF3846}) (Version: 4.010.4001 - ATTO Technology) CCleaner (HKLM\...\CCleaner) (Version: 5.90 - Piriform) cnlab UX Test (HKLM-x32\...\{4E9DDD01-5002-490F-9E18-430458F015E9}_is1) (Version: 1.9.6 - cnlab AG) Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation) Contrôle d’intégrité du PC Windows (HKLM\...\{C2812DB5-E3F5-44FF-8EA0-8E03F1B61103}) (Version: 3.3.2110.22002 - Microsoft Corporation) CrystalDiskInfo 8.12.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.0 - Crystal Dew World) CrystalDiskMark 8.0.1 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.1 - Crystal Dew World) Documentation Manager (HKLM\...\{61BA0F7D-9851-4948-8473-0236129D7A55}) (Version: 22.60.0.6 - Intel Corporation) Hidden DriversCloud.com (HKLM\...\{0666EDD6-4E2A-4D0B-B525-585F7D777BCA}) (Version: 11.1.1.0 - Cybelsoft) Dynamic Application Loader Host Interface Service (HKLM\...\{0AFA46DB-6E86-479E-BF66-B25C29324A5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden EdgeDeflector (HKU\S-1-5-21-524797192-239853961-1918479005-1001\...\EdgeDeflector) (Version: 1.2.3.0 - ) HP Support Assistant (HKLM-x32\...\{54ECA61C-83AE-4EE3-A9F7-848155A33386}) (Version: 8.8.34.31 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{2A6B6DA3-0A09-43E0-BBF1-B0A6EDBEE779}) (Version: 12.18.34.21 - HP Inc.) Intel Software Package (HKLM-x32\...\{e1d93543-7ba0-4927-aa7f-09c5fc7f25df}) (Version: 8.7.10600.20700 - Intel) Hidden Intel Software Package (HKLM-x32\...\{fb6ae7d1-efc5-4e76-b065-007ac6cb18b3}) (Version: 8.7.10700.22502 - Intel) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{a2c684b7-4a4b-425f-a805-1e88940804b0}) (Version: 10.1.18460.8229 - Intel(R) Corporation) Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.7.10700.22502 - Intel Corporation) Intel(R) Graphics Driver Software (HKLM-x32\...\{c5033c40-ec61-4553-910b-474fb919bdd4}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2141.15.0.2511 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2129.8 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.63.1155.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{1abcb68a-399f-47fe-aa39-6da46522db0b}) (Version: 1.63.1155.1 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00002110-0220-1036-84C8-B8D95FA3C8C3}) (Version: 22.110.2.1 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{342d63b4-21a3-437b-92d6-e2fe69d81340}) (Version: 22.60.0.6 - Intel Corporation) Hidden Lenovo Diagnostics Tool (HKLM\...\{01ADF966-E3BA-40DC-9037-E90BBA9ED50E}_is1) (Version: 4.41.0.154 - LENOVO (UNITED STATES) INC.) Lenovo Service Bridge (HKU\S-1-5-21-524797192-239853961-1918479005-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo) Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0131 - Lenovo) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.11.20.0 - Lenovo Group Ltd.) LibreOffice 7.1 Help Pack (French) (HKLM\...\{4810A324-7F62-439C-BC3B-2CB5607488EB}) (Version: 7.1.8.1 - The Document Foundation) LibreOffice 7.1.8.1 (HKLM\...\{6F01086C-F49A-4367-901A-62AA5983AA41}) (Version: 7.1.8.1 - The Document Foundation) Logitech SetPoint 6.70 (HKLM\...\sp6) (Version: 6.70.55 - Logitech) Malwarebytes version 4.5.4.168 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.4.168 - Malwarebytes) Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14827.20198 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.56 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-524797192-239853961-1918479005-1001\...\OneDriveSetup.exe) (Version: 22.012.0117.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Migros Bank E-Banking (HKU\S-1-5-21-524797192-239853961-1918479005-1001\...\{3d9c6cfd-f5fc-40ee-8529-ed909196f340}) (Version: 8.2.2433.0 - KOBIL Systems GmbH) Hidden Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 97.0.1 (x64 fr)) (Version: 97.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 87.0 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden Opera GX Stable 83.0.4254.66 (HKU\S-1-5-21-524797192-239853961-1918479005-1001\...\Opera GX 83.0.4254.66) (Version: 83.0.4254.66 - Opera Software) Opera Stable 84.0.4316.14 (HKU\S-1-5-21-524797192-239853961-1918479005-1001\...\Opera 84.0.4316.14) (Version: 84.0.4316.14 - Opera Software) OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.49.20.1102 - Realtek) Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.) RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden Samsung Portable SSD Software (HKLM-x32\...\SamsungPortableSSD_is1) (Version: 1.6.7.50 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.21111.5 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.21111.5 - Samsung Electronics Co., Ltd.) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) VSTax 2018 (HKLM-x32\...\{C7FDFBCB-7552-481D-9973-BB1DB16AA8D7}) (Version: 1.0.8 - Abraxas Informatik AG) VSTax 2019 (HKLM-x32\...\{67260FD1-6E4C-44EF-A33D-107F678E8772}) (Version: 1.0.10 - Abraxas Informatik AG) VSTax 2020 (HKLM\...\{BDCFCC9C-4FAE-488C-B1B3-5F4207E382C7}) (Version: 1.0.7 - Abraxas Informatik AG) Packages: ========= Centre de configuration des graphiques Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2022-01-15] (INTEL CORP) [Startup Task] Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-15] (Microsoft Corporation) Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20800.804.0_x64__rz1tebttyb220 [2022-01-15] (Dolby Laboratories) Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2022-01-15] (Microsoft Corporation) Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_8.18.34.0_x64__17mer8kcn3j54 [2022-01-15] (Mirametrix Inc.) [Startup Task] HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_132.3.262.0_x64__v10z8vjag6ke6 [2022-01-15] (HP Inc.) Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1020.0_x64__8j3eq9eme6ctt [2022-01-15] (INTEL CORP) Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2022-01-15] (LENOVO INC) [Startup Task] Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.17.0_x64__k1h2ywk1493x8 [2022-01-15] (LENOVO INC.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-15] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-15] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2022-01-15] (Microsoft Studios) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.57.43142.0_x64__8wekyb3d8bbwe [2022-01-15] (Microsoft Corporation) [Startup Task] Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.252.0_x64__dt26b99r8h8gj [2022-01-15] (Realtek Semiconductor Corp) Smart Microphone Setting -> C:\Program Files\WindowsApps\4505Fortemedia.FMAPOControl_1.0.38.0_x64__4pejv7q2gmsnr [2022-01-15] (Fortemedia) XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2022-01-15] (New Work SE) Zattoo -> C:\Program Files\WindowsApps\zattoo.com-CA6CF681_1.0.0.5_neutral__az5gkv0zfb1dy [2022-01-15] (zattoo.com) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_651bb78e61d538aa\OptaneShellExt.dll [2021-08-26] (Intel Corporation -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-11] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_651bb78e61d538aa\OptaneShellExt.dll [2021-08-26] (Intel Corporation -> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-11] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2020-11-19 18:07 - 2020-11-19 18:07 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2020-11-19 18:07 - 2020-11-19 18:07 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-524797192-239853961-1918479005-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2020-11-21] (Logitech Inc -> Logitech, Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2020-11-21] (Logitech Inc -> Logitech, Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-12-07 10:14 - 2021-11-25 16:22 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-524797192-239853961-1918479005-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 213.221.143.240 - 213.221.144.240 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run: => "EvtMgr6" HKU\S-1-5-21-524797192-239853961-1918479005-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-524797192-239853961-1918479005-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-524797192-239853961-1918479005-1001\...\StartupApproved\Run: => "SmartSwitchPDLR.exe" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{C529ADDB-7438-463C-AF92-39D06E53AC19}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> ) FirewallRules: [{DECD0156-7D11-4140-83B5-5AD95CBBC494}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> ) FirewallRules: [TCP Query User{4C6314F7-5FFE-4DA8-BFA7-620E5CA9978C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{E34A4905-9EF7-45C5-98DB-5B56A6223C78}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{210D8106-676C-4BD1-AD66-3796A28E5268}] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A3A24AF3-6D63-4650-80BD-97217499F480}] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{F93F1E1F-4530-4AF1-8280-4126E7E28941}C:\users\guyde\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\guyde\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{1A0A27FA-CE54-4F1F-8A97-6098029FBF5F}C:\users\guyde\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\guyde\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{D8DA4623-C5B0-45C8-B5D4-69E894AB370B}C:\users\guyde\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\guyde\appdata\local\programs\opera gx\opera.exe => Pas de fichier FirewallRules: [UDP Query User{DF0027DB-5E3F-46FA-9FF4-0228C3E6D1AD}C:\users\guyde\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\guyde\appdata\local\programs\opera gx\opera.exe => Pas de fichier FirewallRules: [{2C3603B6-404F-4C3F-BC79-B16350C57D71}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{313BE8FE-6AB9-4727-B42B-389912A68CFB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E66A83A7-3EEB-48AF-AD67-4CDBF9F8BA55}] => (Allow) C:\Users\guyde\AppData\Local\Programs\Opera GX\82.0.4227.25\opera.exe => Pas de fichier FirewallRules: [TCP Query User{A737A879-1020-4888-927B-805F541DEAAA}C:\users\guyde\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\guyde\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{E75AF1F6-A83E-4740-B830-7E653DA84D92}C:\users\guyde\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\guyde\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{21BCBA35-B399-498A-AB22-5954E8ED3D2A}] => (Allow) C:\Users\guyde\AppData\Local\Programs\Opera\82.0.4227.43_0\opera.exe => Pas de fichier FirewallRules: [{B45A2E7D-CE13-4008-9EF0-9CC807B2FD44}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{CD335104-FD7B-4E6F-A4FB-4F248AB8F0A4}C:\users\guyde\appdata\local\programs\opera gx\82.0.4227.50_1\opera.exe] => (Allow) C:\users\guyde\appdata\local\programs\opera gx\82.0.4227.50_1\opera.exe => Pas de fichier FirewallRules: [UDP Query User{AA393287-474F-41AB-90D5-CC392A71FAEA}C:\users\guyde\appdata\local\programs\opera gx\82.0.4227.50_1\opera.exe] => (Allow) C:\users\guyde\appdata\local\programs\opera gx\82.0.4227.50_1\opera.exe => Pas de fichier FirewallRules: [{4B76EA86-A4CB-4E46-9F17-B0A087E141B5}] => (Block) C:\users\guyde\appdata\local\programs\opera gx\82.0.4227.50_1\opera.exe => Pas de fichier FirewallRules: [{7E31D7DB-05FF-4297-80CE-3F65DA41423B}] => (Block) C:\users\guyde\appdata\local\programs\opera gx\82.0.4227.50_1\opera.exe => Pas de fichier FirewallRules: [{8E595474-9874-461E-81E1-5A9C1BE4D437}] => (Allow) C:\Users\guyde\AppData\Local\Programs\Opera GX\82.0.4227.50\opera.exe => Pas de fichier FirewallRules: [TCP Query User{FB0F5CF2-D8ED-4B80-9B66-5E0B2960AF98}C:\users\guyde\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\guyde\appdata\local\programs\opera gx\opera.exe => Pas de fichier FirewallRules: [UDP Query User{E243D4AA-728B-419A-8FD9-41232472AEE1}C:\users\guyde\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\guyde\appdata\local\programs\opera gx\opera.exe => Pas de fichier FirewallRules: [{B3930173-A18C-4053-9A43-EF4D4B6E287F}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft) FirewallRules: [{7D9A016A-C78A-4027-915D-98E4F00AC1CF}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft) FirewallRules: [{843D0757-6CA9-468F-A783-32D672AA1F01}] => (Allow) C:\Users\guyde\AppData\Local\Programs\Opera\83.0.4254.62\opera.exe => Pas de fichier FirewallRules: [{91ABDF99-C86F-4EDD-8D51-1DB58074D63B}] => (Allow) C:\Users\guyde\AppData\Local\Programs\Opera\83.0.4254.62_0\opera.exe => Pas de fichier FirewallRules: [{DE29FB1E-9119-4C0C-B30A-7AA1138BB669}] => (Allow) C:\Users\guyde\AppData\Local\Programs\Opera GX\83.0.4254.66_0\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{BADFE83B-D3FE-4D9A-99BA-15CE79EF6F91}C:\users\guyde\appdata\local\programs\opera\84.0.4316.14_0\opera.exe] => (Allow) C:\users\guyde\appdata\local\programs\opera\84.0.4316.14_0\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{A3833C47-62F1-470D-9C71-26E2E3BAB696}C:\users\guyde\appdata\local\programs\opera\84.0.4316.14_0\opera.exe] => (Allow) C:\users\guyde\appdata\local\programs\opera\84.0.4316.14_0\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{8469C3B5-BACB-4E01-8419-398B6FA33E68}] => (Block) C:\users\guyde\appdata\local\programs\opera\84.0.4316.14_0\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{FCFD027E-39CD-41E9-93D7-F9E1A1F03073}] => (Block) C:\users\guyde\appdata\local\programs\opera\84.0.4316.14_0\opera.exe (Opera Software AS -> Opera Software) ==================== Points de restauration ========================= 15-02-2022 18:34:39 Installed DriversCloud.com 16-02-2022 05:35:35 Programme d’installation pour les modules Windows 16-02-2022 05:42:33 Programme d’installation pour les modules Windows 18-02-2022 06:39:39 Sauvegarde Windows ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (02/22/2022 07:22:10 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PCGUY) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (02/22/2022 06:30:52 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PCGUY) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (02/21/2022 04:32:33 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PCGUY) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (02/21/2022 12:04:32 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PCGUY) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (02/21/2022 10:49:22 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PCGUY) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (02/21/2022 09:31:14 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PCGUY) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (02/21/2022 06:27:20 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PCGUY) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (02/20/2022 03:20:22 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PCGUY) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Erreurs système: ============= Error: (02/22/2022 09:51:36 AM) (Source: DCOM) (EventID: 10010) (User: PCGUY) Description: Le serveur {7966B4D8-4FDC-4126-A10B-39A3209AD251} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (02/22/2022 07:18:04 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {5b4dab10-932c-4200-a5da-1944c9741e53}, a eu l’événement 74 Error: (02/22/2022 06:26:50 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {5b4dab10-932c-4200-a5da-1944c9741e53}, a eu l’événement 74 Error: (02/21/2022 04:28:27 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {5b4dab10-932c-4200-a5da-1944c9741e53}, a eu l’événement 74 Error: (02/21/2022 12:00:26 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {5b4dab10-932c-4200-a5da-1944c9741e53}, a eu l’événement 74 Error: (02/21/2022 10:45:16 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: AUTORITE NT) Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {5b4dab10-932c-4200-a5da-1944c9741e53}, a eu l’événement 74 Error: (02/21/2022 09:27:08 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {5b4dab10-932c-4200-a5da-1944c9741e53}, a eu l’événement 74 Error: (02/21/2022 06:28:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service LenovoVantageService s’est terminé de façon inattendue pour la 1ème fois. Windows Defender: ================ Date: 2022-02-22 07:54:57 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {923645F0-6EAD-437C-890E-4B8AD1C61E63} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2022-02-22 07:34:06 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {1F8E88AD-E631-49C4-9C54-5E4F4FD8B34D} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2022-02-21 16:47:36 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {165F5228-B98E-4D85-8B0C-F74BA7B37225} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2022-02-21 09:51:22 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {7016BFAF-8414-4BD5-BA5B-D8089D2FD5BA} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2022-02-21 09:42:11 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {9747E50D-0B22-4C3E-9DFC-C5AABDB5AA1A} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2022-01-06 07:58:38 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\iigd_dch_i.inf_amd64_79b6212a198528e0\igdkmdn64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-12-29 20:53:44 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-12-27 11:56:05 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: LENOVO FHCN63WW 10/12/2021 Carte mère: LENOVO LNVNB161216 Processeur: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz Pourcentage de mémoire utilisée: 58% Mémoire physique - RAM - totale: 7975.3 MB Mémoire physique - RAM - disponible: 3316.37 MB Mémoire virtuelle totale: 9255.3 MB Mémoire virtuelle disponible: 3357.49 MB ==================== Lecteurs ================================ Drive c: (Windows-SSD) (Fixed) (Total:237.23 GB) (Free:142.3 GB) NTFS Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:808.46 GB) NTFS \\?\Volume{2a6965a2-0fef-4b3d-a13f-7b2817a75834}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.22 GB) NTFS \\?\Volume{f36b398c-e5d1-4b7f-90cd-c2a35498fffe}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 62CFE90C) Partition: GPT. ========================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: 8984AB9F) Partition: GPT. ==================== Fin de Addition.txt =======================