Addition.txt

Document joint : LChuIqQ76hp_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27-02-2022
Exécuté par claud (07-03-2022 18:07:45)
Exécuté depuis C:\Users\claud\Desktop
Microsoft Windows 11 Famille Version 21H2 22000.493 (X64) (2021-12-25 14:33:41)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-3553196534-4187707977-1824086549-500 - Administrator - Disabled)
claud (S-1-5-21-3553196534-4187707977-1824086549-1001 - Administrator - Enabled) => C:\Users\claud
DefaultAccount (S-1-5-21-3553196534-4187707977-1824086549-503 - Limited - Disabled)
Invité (S-1-5-21-3553196534-4187707977-1824086549-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3553196534-4187707977-1824086549-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

4K Video Downloader (HKLM\...\{94360C20-3425-4BB1-9A75-03A4E69194F8}) (Version: 4.20.0.4740 - Open Media LLC)
Algobox 1.0.2 (64-bit) (HKLM-x32\...\{6CE23139-4FCC-4819-970B-F37B7DD83243}) (Version: 1.0.2.0 - Algobox)
Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.12.0 - Ant Software)
Anti-Twin (Installation 22/11/2019) (HKLM-x32\...\Anti-Twin 2019-11-22 17.49.54) (Version: - Joerg Rosenthal, Germany)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 99.1.36.109 - Auteurs de Brave)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.90 - Piriform)
Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Contrôle d’intégrité du PC Windows (HKLM\...\{DF8C3BDB-5439-431D-89FA-A45643F262C6}) (Version: 3.1.2109.29003 - Microsoft Corporation)
CopyTrans Control Center désinstallation uniquement (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\CopyTrans Suite) (Version: 4.200 - WindSolutions)
Data Lifeguard Diagnostic version 1.37 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
DeepL (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\DeepL) (Version: 2.5.1 - DeepL GmbH)
Discord (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dissenter (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\GabAI Dissenter) (Version: 80.1.5.114 - Gab AI Inc)
Figma (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\Figma) (Version: 101.6.0 - Figma, Inc.)
Figma Agent (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\FigmaAgent) (Version: 1.0.3 - Figma, Inc.)
FileZilla Client 3.56.2 (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\FileZilla Client) (Version: 3.56.2 - Tim Kosse)
Firefox Developer Edition (x64 fr) (HKLM\...\Firefox Developer Edition 98.0 (x64 fr)) (Version: 98.0 - Mozilla)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.1.37576 - Foxit Software Inc.)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.33.000 - Runtime Software)
GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
Git version 2.29.2 (HKLM\...\Git_is1) (Version: 2.29.2 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\GitHubDesktop) (Version: 2.6.3 - GitHub, Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 55.0.3.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
icofx 3.5.1 (HKLM-x32\...\icofx 3_is1) (Version: 3.5.1 - IcoFX Software S.R.L.)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.0.1- - Inkscape)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6519 - Intel Corporation) Hidden
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
LARP version 3.0 (HKLM-x32\...\LARP_is1) (Version: - )
LBRY 0.49.4 (HKLM\...\e406725b-d361-5b1c-81f7-0a4c5ac54cb3) (Version: 0.49.4 - LBRY Inc.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.11.20.0 - Lenovo Group Ltd.)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{bd366c5e-00cd-46ed-b647-0b9874f32140}) (Version: 10.1.17809.8096 - Intel(R) Corporation) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14931.20120 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.30 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.30 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\OneDriveSetup.exe) (Version: 22.022.0130.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{572E990E-67FD-4014-884C-A730BFC7E1D7}) (Version: 4.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29910 (HKLM-x32\...\{53f1dc9d-ed94-4650-a079-129785ce7905}) (Version: 14.28.29910.0 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.55.2 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.22 (x64) (HKLM-x32\...\{68de94b9-46ac-495e-a96b-de484c02f5b3}) (Version: 3.1.22.30721 - Microsoft Corporation)
Mon Lecteur VOD 2.2.2 (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\{054eedb4-e983-5035-828b-2b1f3c538c8f}) (Version: 2.2.2 - Orange)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.3.2 - Mozilla)
Mozilla Thunderbird (x64 en-US) (HKLM\...\Mozilla Thunderbird 91.6.1 (x64 en-US)) (Version: 91.6.1 - Mozilla)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden
Open Workbench (HKLM-x32\...\{1E9A9E08-0366-45EE-9B66-51852F8D9812}) (Version: 1.1.6 - CA)
Pencil (HKLM-x32\...\Pencil) (Version: - Evolus)
PhotoFiltre Studio X (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\PhotoFiltre Studio X) (Version: - )
Python 3.9.1 (64-bit) (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\{b2be55ad-3177-42aa-a6c2-53004684e4ea}) (Version: 3.9.1150.0 - Python Software Foundation)
Python 3.9.1 Add to Path (64-bit) (HKLM\...\{5AD5ED9C-14D1-4CFA-B4B1-A02CE8916D9F}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Core Interpreter (64-bit) (HKLM\...\{1C00F581-D5BF-491E-B1BB-72AA3A2250E5}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Development Libraries (64-bit) (HKLM\...\{27AD952D-DD9D-4AAC-B486-8AA601BFA064}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Documentation (64-bit) (HKLM\...\{5CB3AEED-BB03-47E2-BFF1-0CA58C236895}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Executables (64-bit) (HKLM\...\{71A9F41D-A865-46D4-A650-B210150DEF2A}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 pip Bootstrap (64-bit) (HKLM\...\{EF2B9385-6453-4702-9584-21BA8288D157}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Standard Library (64-bit) (HKLM\...\{5DD5C023-790B-4F1B-9B1B-8D1BC48F3057}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Tcl/Tk Support (64-bit) (HKLM\...\{414B5372-24FD-4302-8090-B9CE5564A6DD}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Test Suite (64-bit) (HKLM\...\{A7EC4DEB-8ABD-471D-BB5B-E579EBC9B043}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Utility Scripts (64-bit) (HKLM\...\{47A9647A-A576-4751-9C37-D32EB70285A3}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{FFC95928-6A14-4FB3-8D73-7A62382F66AC}) (Version: 3.9.7280.0 - Python Software Foundation)
ReNamer (HKLM-x32\...\ReNamer_is1) (Version: 7.1.0.0 - den4b Team)
Reverso (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\43d59f9f7725e1d0) (Version: 1.2.4.289 - Reverso)
Signal 5.2.1 (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.2.1 - Open Whisper Systems)
SimpleMind Pro 1.30.0d (HKLM-x32\...\SMPRO1_is1) (Version: 1.30.0d - ModelMaker Tools BV)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.8.67.0 - Safer-Networking Ltd.)
Telegram Desktop version 3.5.1 (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.5.1 - Telegram FZ-LLC)
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\WhatsApp) (Version: 2.2202.12 - WhatsApp)
WinDirStat 1.1.2 (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\WinDirStat) (Version: - )
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
XnViewMP 0.96 (HKLM\...\XnViewMP_is1) (Version: 0.96 - Gougelet Pierre-e)
Zoom (HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\ZoomUMX) (Version: 5.8.6 (2048) - Zoom Video Communications, Inc.)

Packages:
=========
Any PDF to JPG -> C:\Program Files\WindowsApps\AnywaySoftInc.AnyPDFtoJPG_1.1.7.0_x64__0qkrc2qacwvfm [2021-03-24] (AnywaySoft, Inc.) [MS Ad]
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-12] (Autodesk Inc.)
Bible -> C:\Program Files\WindowsApps\LifeChurch.tv.Bible_2.0.4.37_neutral__d1phjsdba8cbj [2021-05-21] (LifeChurch.tv)
Centre de configuration des graphiques Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2021-12-04] (INTEL CORP) [Startup Task]
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Countdown+ -> C:\Program Files\WindowsApps\18919FlorianWeinaug.Countdown_1.4.0.0_x64__yrjh7fwnn5s5m [2021-11-27] (Florian Weinaug)
Dinosaure rejoindre les enfants et reliez les points Puzzles - Rex enseigne les formes de numéros d'ABC et de comptage pour les tout-petits et les jeunes enfants d'âge préscolaire âges 2 + -> C:\Program Files\WindowsApps\EspacePtyLtd.6421266CB10C5_1.5.1.3_neutral__38khqxevzecjw [2020-05-11] (Espace Pty Ltd)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20500.501.0_x64__rz1tebttyb220 [2020-04-23] (Dolby Laboratories)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-15] (Microsoft Corporation)
Facebook (Beta) -> C:\Program Files\WindowsApps\Facebook.FacebookBeta_186.2607.44378.0_x86__8xx8rvfyw5nnt [2019-09-14] (Facebook Inc)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2022-02-28] (Facebook Inc)
Inkscape -> C:\Program Files\WindowsApps\25415Inkscape.Inkscape_1.1.0.0_x64__9waqn51p1ttv2 [2021-06-30] (Inkscape)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2022-03-02] (Instagram)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.33.0_x64__5grkq8ppsgwt4 [2022-02-19] (LENOVO INC) [Startup Task]
Lenovo Pen Settings -> C:\Program Files\WindowsApps\WacomTechnologyCorp.157535B83C264_7.7.35.0_neutral__ss941bf8mfs8a [2021-08-15] (Wacom Technology Corp.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2202.9.0_x64__k1h2ywk1493x8 [2022-02-22] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-09-07] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-23] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.64.5521.0_x64__8wekyb3d8bbwe [2022-02-23] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10201.5809.0_x64__8wekyb3d8bbwe [2022-02-03] (Microsoft Corporation)
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-08-15] (Mirkat)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-16] (Netflix, Inc.)
PDF to JPEG -> C:\Program Files\WindowsApps\40066DaniyalSyed.PDFtoJPEG_1.2.0.1000_x64__qzfwg6dxbppre [2020-03-26] (Daniyal Syed) [MS Ad]
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.516.304.0_x86__55nm5eh3cm0pr [2022-03-07] (ROBLOX Corporation)
SmartAudio 3 -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw [2021-01-22] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
Trello -> C:\Program Files\WindowsApps\45273LiamForsyth.PawsforTrello_2.12.5.0_x64__7pb5ddty8z1pa [2021-12-10] (Trello, Inc.)
Virtual Canvas -> C:\Program Files\WindowsApps\ConvivialSide.22070ED408D3A_0.6.17.0_x86__kneepbw1qxtvy [2021-11-16] (RIOBE MARC)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001_Classes\CLSID\{06C9646D-2807-44C0-97D2-6DA0DB623DB4}\localserver32 -> C:\Users\claud\AppData\Local\GabAI\Dissenter\Application\80.1.5.114\notification_helper.exe (Gab AI Inc. -> Gab AI Inc)
CustomCLSID: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001_Classes\CLSID\{8BE45A4C-9AD1-4C9A-B957-A4D812E42892} -> [MEGA] => C:\Users\claud\Documents\MEGA [2021-05-20 16:30]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\claud\AppData\Local\MEGAsync\ShellExtX64.dll [2022-01-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\claud\AppData\Local\MEGAsync\ShellExtX64.dll [2022-01-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\claud\AppData\Local\MEGAsync\ShellExtX64.dll [2022-01-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\claud\AppData\Local\MEGAsync\ShellExtX64.dll [2022-01-21] (Mega Limited -> )
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\claud\AppData\Local\MEGAsync\ShellExtX64.dll [2022-01-21] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\claud\AppData\Local\MEGAsync\ShellExtX64.dll [2022-01-21] (Mega Limited -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\claud\AppData\Local\MEGAsync\ShellExtX64.dll [2022-01-21] (Mega Limited -> )
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

Shortcut: C:\Users\claud\AppData\Local\Google\Chrome\User Data Backup\Default\Extensions\jkcacbjiofjgbnaknoojjboeiinempoa\4.1_2\_locales\aliexpress_search_by_image - Ярлык.lnk -> D:\site\lowcost2.ru\widget\chrome\aliexpress_search_by_image (Pas de fichier) <==== Cyrillic
Shortcut: C:\Users\claud\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcacbjiofjgbnaknoojjboeiinempoa\4.1_0\_locales\aliexpress_search_by_image - Ярлык.lnk -> D:\site\lowcost2.ru\widget\chrome\aliexpress_search_by_image (Pas de fichier) <==== Cyrillic
Shortcut: C:\Users\claud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif\Help.lnk -> hxxp://www.digicamsoft.com
Shortcut: C:\Users\claud\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

==================== Modules chargés (Avec liste blanche) =============

2020-03-03 14:31 - 2010-03-16 00:04 - 000143360 _____ () [Fichier non signé] C:\WINDOWS\system32\BrSNMP64.dll
2020-03-03 14:31 - 2012-07-05 12:32 - 000084480 _____ (Brother Industries, Ltd.) [Fichier non signé] C:\WINDOWS\system32\BrNetSti.dll
2021-12-04 13:12 - 2021-12-04 13:12 - 042859520 _____ (Intel Corporation) [Fichier non signé] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.dll
2019-06-15 23:21 - 2019-06-15 23:21 - 001460224 _____ (Robert Simpson, et al.) [Fichier non signé] C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\Flow\Flow1\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Avec liste blanche) ========

==================== Mode sans échec (Avec liste blanche) ==================

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKLM -> DefaultScope {43CF69F0-508B-47DE-95C8-52528F2C06B1} URL =
SearchScopes: HKLM-x32 -> DefaultScope {43CF69F0-508B-47DE-95C8-52528F2C06B1} URL =
SearchScopes: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001 -> DefaultScope {bce42d98-b1cd-493f-a64c-107aae7521be} URL =
SearchScopes: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001 -> {bAe42d98-b1cd-493f-a64c-107aae7521be} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-03-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-03-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_291-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0018-0000-00291-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_291-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Il y a 7942 plus de sites.

IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\123simsen.com -> www.123simsen.com

Il y a 7942 plus de sites.

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2018-09-15 08:31 - 2022-03-04 19:16 - 000454708 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

Il y a 15607 plus de lignes.

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Microsoft VS Code\bin;C:\Program Files\Git\cmd;C:\Program Files\Git\mingw64\bin;C:\Program Files\Git\usr\bin;C:\Program Files\dotnet\;C:\MAMP\bin\php\php7.4.1;C:\composer
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "Figma Agent"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "Figma Helper"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "LBRY"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "Reverso"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "DeepL"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-3553196534-4187707977-1824086549-1001\...\StartupApproved\Run: => "Edge Updater"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{6DE6F44D-E9FA-4FB9-96CF-9B9707E118E2}] => (Allow) C:\Users\claud\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{24E102AD-EB74-442B-BAF9-00A272887386}] => (Allow) C:\Users\claud\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D3E08322-6F9C-4426-8A35-829FEE46CB87}] => (Allow) C:\Users\claud\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{9790529F-2855-4572-884F-3BE35FED049C}C:\users\claud\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\claud\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{9DFE4A34-72E2-4DC5-865E-AB0B2AD8CFEA}C:\users\claud\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\claud\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{1F41FF5A-BF74-4EC4-87CA-430B38C3ED27}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CD5B3E72-AA01-4350-BF73-34BB65DCCFA5}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DA5AD484-AABF-4C1E-B03D-2509875FC575}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9B14ACD-E1B4-4ED7-A255-D7F3BEF910B4}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Pas de fichier
FirewallRules: [{653D61CD-D07D-4F06-A505-EF9F21A59D50}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Pas de fichier
FirewallRules: [{AC414D7B-432F-4F7D-8D25-D49085272180}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{807A5B02-4C22-4063-AC54-DDA79BE6A197}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B6F1303F-AB2A-4054-BD63-0A48CA185A9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FB74ABD7-57CE-474D-BDEF-B0E423574386}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{000DFFA6-7401-473E-93A2-B5B9D4BFF95A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe => Pas de fichier
FirewallRules: [{1C1387F7-7A58-4204-894A-E5128183756C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C0F90CDD-17B1-46C1-A7AF-6EBBB899B688}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{523169F8-05C2-4468-A4A7-1B71B33ED639}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{945A277A-38E3-4D89-89D1-148DFBB95A14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{30AF15C3-EE03-4AB1-9E41-7C04C73433C9}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{349EF481-2D33-49E9-BB83-2C4AB1B307E3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22042.702.1226.2352_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E486CABD-91B8-4C0F-9DBB-A80C45FDDBE8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22042.702.1226.2352_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{12E6ACF7-5335-42CF-9849-7DD66BC0852C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.30\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

==================== Points de restauration =========================

04-03-2022 18:30:50 {e7320bb6-b519-4fc4-97a9-c3b1b391a490}

==================== Éléments en erreur du Gestionnaire de périphériques ============

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (03/07/2022 05:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante FreemakeUtilsService.exe, version : 1.0.0.0, horodatage : 0x5f3bd392
Nom du module défaillant : KERNELBASE.dll, version : 10.0.22000.434, horodatage : 0x78dc11b6
Code d’exception : 0xe0434352
Décalage d’erreur : 0x0013ec52
ID du processus défaillant : 0x1170
Heure de début de l’application défaillante : 0x01d8323ebea7730c
Chemin d’accès de l’application défaillante : C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : 874fd4ea-a4f5-4c04-864a-2e3a3f594596
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (03/07/2022 05:16:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application : FreemakeUtilsService.exe
Version du Framework : v4.0.30319
Description : le processus a été arrêté en raison d'une exception non gérée.
Informations sur l'exception : System.IO.FileNotFoundException
à FreemakeUtilsService.Program.Main(System.String[])

Error: (03/07/2022 05:16:47 PM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT)
Description: Event-ID 17

Error: (03/07/2022 05:16:47 PM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT)
Description: Event-ID 17

Error: (03/07/2022 05:16:47 PM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT)
Description: Event-ID 17

Error: (03/07/2022 05:16:47 PM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT)
Description: Event-ID 17

Error: (03/07/2022 05:16:47 PM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT)
Description: Event-ID 17

Error: (03/07/2022 05:16:47 PM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT)
Description: Event-ID 17

Erreurs système:
=============
Error: (03/07/2022 05:16:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Freemake Improver n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (03/07/2022 05:16:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service Freemake Improver.

Error: (03/07/2022 05:16:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Client de stratégie de groupe n’a pas pu démarrer en raison de l’erreur :
Accès refusé.

Error: (03/07/2022 05:16:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Assistant Connexion avec un compte Microsoft n’a pas pu démarrer en raison de l’erreur :
Accès refusé.

Error: (03/07/2022 05:16:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Client de stratégie de groupe n’a pas pu démarrer en raison de l’erreur :
Accès refusé.

Error: (03/07/2022 05:16:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Client de stratégie de groupe n’a pas pu démarrer en raison de l’erreur :
Accès refusé.

Error: (03/07/2022 05:16:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Client de stratégie de groupe n’a pas pu démarrer en raison de l’erreur :
Accès refusé.

Error: (03/07/2022 05:16:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service de licences de client (ClipSVC) n’a pas pu démarrer en raison de l’erreur :
Accès refusé.

Windows Defender:
================
Date: 2021-12-25 15:45:44
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Nom : HackTool:Win32/Keygen
ID : 2147593794
Gravité : Élevée
Catégorie : Outil
Chemin : file:_C:\Users\claud\Desktop\MOI\LOGICIELS\ADOBE ACROBATE\Crack\Patch\adobe.snr.patch.v2.0-painter.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : AUTORITE NT\Système
Nom du processus : C:\Windows\System32\SearchProtocolHost.exe
Version de la veille de sécurité : AV: 1.343.497.0, AS: 1.343.497.0, NIS: 1.343.497.0
Version du moteur : AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-12-25 15:45:42
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Patcher&threatid=2147659947&enterprise=0
Nom : HackTool:Win32/Patcher
ID : 2147659947
Gravité : Élevée
Catégorie : Outil
Chemin : file:_C:\Users\claud\Desktop\MOI\LOGICIELS\ADOBE ACROBATE\Crack\Emul\amtemu.v0.9.2-painter.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : AUTORITE NT\Système
Nom du processus : C:\Windows\System32\SearchProtocolHost.exe
Version de la veille de sécurité : AV: 1.343.497.0, AS: 1.343.497.0, NIS: 1.343.497.0
Version du moteur : AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-12-25 15:34:48
Description:
L'accès contrôlé aux dossiers a empêché C:\Windows\System32\SearchIndexer.exe de modifier la mémoire.
Heure de détection : 2021-12-25T14:34:48.689Z
Utilisateur : AUTORITE NT\Système
Chemin d'accès : \Device\HarddiskVolume3
Nom du processus : C:\Windows\System32\SearchIndexer.exe
Version de la veille de sécurité : 1.343.497.0
Version du moteur : 1.1.18300.4
Version du produit : 4.18.2105.5

Date: 2021-12-25 15:33:45
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/PiriformBundler&threatid=277517&enterprise=0
Nom : PUA:Win32/PiriformBundler
ID : 277517
Gravité : Faible
Catégorie : Logiciel potentiellement non désiré
Chemin : containerfile:_C:\Users\claud\Desktop\MOI\LOGICIELS\CCLEANER\CCleaner Pro by CrackYourGames\CCleaner (Pro).exe; file:_C:\Users\claud\Desktop\MOI\LOGICIELS\CCLEANER\CCleaner Pro by CrackYourGames\CCleaner (Pro).exe->(nsis-instdata)
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : CLAUDE-C340\claud
Nom du processus : C:\Windows\System32\pcaui.exe
Version de la veille de sécurité : AV: 1.343.497.0, AS: 1.343.497.0, NIS: 1.343.497.0
Version du moteur : AM: 1.1.18300.4, NIS: 1.1.18300.4

CodeIntegrity:
===============
Date: 2022-03-07 18:00:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

==================== Infos Mémoire ===========================

BIOS: LENOVO AHCN34WW(V2.11) 06/18/2021
Carte mère: LENOVO LNVNB161216
Processeur: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Pourcentage de mémoire utilisée: 87%
Mémoire physique - RAM - totale: 8005.74 MB
Mémoire physique - RAM - disponible: 981.99 MB
Mémoire virtuelle totale: 9915.74 MB
Mémoire virtuelle disponible: 935.14 MB

==================== Lecteurs ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:321.28 GB) NTFS
Drive e: (TOSHIBA) (Removable) (Total:14.44 GB) (Free:14.44 GB) FAT32

\\?\Volume{0f8ad4f3-59bd-46d2-9b2c-622af11c16ad}\ () (Fixed) (Total:0.98 GB) (Free:0.06 GB) NTFS
\\?\Volume{5d06a07a-1431-4360-9734-75d29c1d855f}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 986D2B3B)

Partition: GPT.

==========================================================
Disk: 1 (Size: 14.5 GB) (Disk ID: 50F94536)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)

==================== Fin de Addition.txt =======================

Signaler le contenu de ce document