Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 04-02-2021
Exécuté par ESMAEL C (05-02-2021 16:03:13)
Exécuté depuis C:\Users\ESMAEL C\Desktop
Windows 10 Home Version 2004 19041.789 (X64) (2021-01-30 14:07:28)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-3136113236-2489821390-277594644-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3136113236-2489821390-277594644-503 - Limited - Disabled)
ESMAEL C (S-1-5-21-3136113236-2489821390-277594644-1003 - Administrator - Enabled) => C:\Users\ESMAEL C
HomeGroupUser$ (S-1-5-21-3136113236-2489821390-277594644-1002 - Limited - Enabled)
Invité (S-1-5-21-3136113236-2489821390-277594644-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3136113236-2489821390-277594644-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Kaspersky Internet Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Avast Premium Sécurité (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Télécopieur Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon TS3300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS3300_series) (Version: 1.01 - Canon Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Enregistrement de l'imprimante (HKLM-x32\...\Canon EISRegistration) (Version: 1.7.0 - Canon Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.1.37576 - Foxit Software Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Google Video Support Plugin (HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.146 - Google LLC)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel(R) Driver Update Utility 2.2.0.5 (HKLM-x32\...\{C4FB3CF4-C845-4746-A9F5-476908266433}) (Version: 2.2.0.1 - Intel) Hidden
iTunes (HKLM\...\{1AA704BF-FC77-4FC3-B2AB-BFBAA3D308E5}) (Version: 12.11.0.26 - Apple Inc.)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Famille et Étudiant 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 85.0 (x64 fr) (HKLM\...\Mozilla Firefox 85.0 (x64 fr)) (Version: 85.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
PDF Shaper Free 9.5 (HKLM-x32\...\PDF Shaper Free_is1) (Version: - Burnaware)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 4.0.18.0 - Goversoft LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.28.924.2010 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.2.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.0 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype version 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
UCheck version 3.11.1.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 3.11.1.0 - Adlice Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1940.2.0_x86__kgqvnymyfvs32 [2021-01-27] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-10-19] (Canon Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-02] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Corporation) [MS Ad]
My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-02-10] (Ennova Research)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-12] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2015-11-15] (Microsoft Corporation)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3136113236-2489821390-277594644-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\ESMAEL C\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3136113236-2489821390-277594644-1003_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\ESMAEL C\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3136113236-2489821390-277594644-1003_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\ESMAEL C\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3136113236-2489821390-277594644-1003_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\ESMAEL C\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3136113236-2489821390-277594644-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ESMAEL C\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-02-04] (Goversoft LLC -> )
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-02-04] (Goversoft LLC -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-02-04] (Goversoft LLC -> )
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-02-04] (Goversoft LLC -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-02-04] (Goversoft LLC -> )
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\ESMAEL C\Desktop\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=elncigcegiegoddjifacbialfijnjdde
ShortcutWithArgument: C:\Users\ESMAEL C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\mettre raccourci chrome sur bureau - .._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=elncigcegiegoddjifacbialfijnjdde
ShortcutWithArgument: C:\Users\ESMAEL C\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Modules chargés (Avec liste blanche) =============

2020-10-05 16:56 - 2017-11-02 15:36 - 000008704 _____ (CANON INC.) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_FRA.DLL
2020-10-05 16:56 - 2017-11-02 15:36 - 000104960 _____ (CANON INC.) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [136]

==================== Mode sans échec (Avec liste blanche) ==================

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

SearchScopes: HKU\S-1-5-21-3136113236-2489821390-277594644-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\1001movie.com -> 1001movie.com

Il y a 6091 plus de sites.


==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2009-07-14 06:34 - 2021-01-26 09:40 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-05-11 12:44 - 2018-09-28 07:56 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
92.168.137.1 ESMAEL.mshome.net # 2023 9 2 26 8 47 23 692

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3136113236-2489821390-277594644-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\ESMAEL C\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3136113236-2489821390-277594644-1003\...\StartupApproved\Run: => "iCloudServices"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{EF06CAA0-9CEC-444C-B20A-249EAF5CB1BD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C81FA731-57E6-4B82-BF3D-DA3FDABA3BF2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{88982C47-6C35-489F-9D23-BE13115354BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D870E823-2300-44E3-852F-B2E4675BFF5E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{98422389-060A-463F-986E-0782252B5BBF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{41FA4310-A9FA-4C37-9CDB-34550E96CB45}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4F628F56-F8B9-4A18-A71B-000DD5516C37}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{270018F9-92E1-4F70-9A72-9509317E8A82}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F0377C2E-DEE3-4980-933D-05CA04FD58C3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{75136B74-4F39-4294-A2CD-D25E11C1A97B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4143393-51DE-4052-83A4-C4239D932E43}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD749413-D131-4077-BF42-910AEA5A4C70}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{35DF3F6C-758C-462B-9A6C-2CD71C37F248}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{27411597-936F-429F-BA55-7F96958B1A8D}] => (Allow) LPort=48113
FirewallRules: [{240D9547-32F9-4836-88A5-85703455569D}] => (Allow) LPort=48113
FirewallRules: [{6ED7B928-F90E-4C0A-AC6D-0382493EAE7D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3C414318-D40B-4CAA-AE8F-02B5F87888E1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{044A53E5-A958-43BE-9528-8236A2BA8F89}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4D4EC78-6835-4CF3-9F0E-EAB2098B9BA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{9B0020AF-D484-4753-B223-D7DFB6E4D916}C:\users\esmael c\desktop\anydesk.exe] => (Allow) C:\users\esmael c\desktop\anydesk.exe => Pas de fichier
FirewallRules: [UDP Query User{2B3296FB-E3F3-432F-8C4F-10C5C907A52B}C:\users\esmael c\desktop\anydesk.exe] => (Allow) C:\users\esmael c\desktop\anydesk.exe => Pas de fichier

==================== Points de restauration =========================

31-01-2021 11:07:20 Programme d’installation pour les modules Windows
03-02-2021 16:49:18 Programme d’installation pour les modules Windows
04-02-2021 11:09:16 Removed IPTInstaller
04-02-2021 12:09:57 Revo Uninstaller's restore point - CCleaner
04-02-2021 12:28:08 Point de restauration
04-02-2021 13:24:15 Point de restauration

==================== Éléments en erreur du Gestionnaire de périphériques ============


==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (02/05/2021 11:50:45 AM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/05/2021 11:50:45 AM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/05/2021 08:07:21 AM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/05/2021 08:07:21 AM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/04/2021 02:42:18 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/04/2021 02:42:18 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0


Erreurs système:
=============
Error: (02/05/2021 12:20:18 PM) (Source: DCOM) (EventID: 10010) (User: ESMAEL)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (02/05/2021 11:53:47 AM) (Source: DCOM) (EventID: 10010) (User: ESMAEL)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (02/05/2021 11:51:15 AM) (Source: DCOM) (EventID: 10010) (User: ESMAEL)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (02/05/2021 08:36:31 AM) (Source: DCOM) (EventID: 10010) (User: ESMAEL)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (02/05/2021 08:11:39 AM) (Source: DCOM) (EventID: 10010) (User: ESMAEL)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (02/05/2021 08:07:40 AM) (Source: DCOM) (EventID: 10010) (User: ESMAEL)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (02/04/2021 02:46:42 PM) (Source: DCOM) (EventID: 10010) (User: ESMAEL)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (02/04/2021 02:42:46 PM) (Source: DCOM) (EventID: 10010) (User: ESMAEL)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.


Windows Defender:
===================================
Date: 2021-02-03 08:55:41.1370000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {7D5D9256-E074-4739-B032-C937B5647B85}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-02-03 08:55:38.1710000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {20482746-720F-4217-928F-C76D1C3E0E0C}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\SERVICE RÉSEAU

Date: 2021-02-02 10:27:21.3340000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {884CB0B8-6802-44F8-BD65-B3EF7A1A9CCA}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-02-02 10:27:17.3740000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {16D9C8A4-2FBF-488C-A549-8E2D9A5CA46E}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\SERVICE RÉSEAU

Date: 2021-01-31 19:41:08.5100000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {DBE8C1FB-99A4-434A-8912-6C5A241A21A0}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

CodeIntegrity:
===================================

Date: 2021-02-05 15:52:07.6870000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 15:52:07.3920000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 15:52:07.1100000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 15:51:51.2640000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 15:51:50.4100000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 13:22:06.4740000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 13:22:06.4440000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 13:22:06.3080000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Infos Mémoire ===========================

BIOS: TOSHIBA 1.00 09/03/2010
Carte mère: TOSHIBA PWWAM
Processeur: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Pourcentage de mémoire utilisée: 50%
Mémoire physique - RAM - totale: 8028.88 MB
Mémoire physique - RAM - disponible: 3991.25 MB
Mémoire virtuelle totale: 16220.88 MB
Mémoire virtuelle disponible: 12330.86 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:464.81 GB) (Free:386.08 GB) NTFS

\\?\Volume{76c6a5fa-79c0-11e2-b01d-806e6f6e6963}\ (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{61bf2e27-0000-0000-0000-503a74000000}\ () (Fixed) (Total:0.85 GB) (Free:0.31 GB) NTFS

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 61BF2E27)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=870 MB) - (Type=27)

==================== Fin de Addition.txt =======================