Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Exécuté par sheit (26-11-2023 19:53:07)
Exécuté depuis C:\Users\sheit\Desktop
Microsoft Windows 11 Professionnel Version 23H2 22631.2715 (X64) (2023-11-19 19:04:19)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================


(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-2592330816-1423317966-2364152033-500 - Administrator - Disabled)
Aurélie (S-1-5-21-2592330816-1423317966-2364152033-1003 - Administrator - Enabled) => C:\Users\Aurélie
DefaultAccount (S-1-5-21-2592330816-1423317966-2364152033-503 - Limited - Disabled)
Invité (S-1-5-21-2592330816-1423317966-2364152033-501 - Limited - Disabled)
sheit (S-1-5-21-2592330816-1423317966-2364152033-1001 - Administrator - Enabled) => C:\Users\sheit
WDAGUtilityAccount (S-1-5-21-2592330816-1423317966-2364152033-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Max Secure Total Security (Disabled - Up to date) {2818336F-1729-A370-DBF5-67717829BFC5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus (Disabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
FW: Norton AntiVirus (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

3Dconnexion 3DxSoftware (HKLM\...\{3B01A9DA-3689-41E0-B6D9-F1F5E44A9F6E}) (Version: 10.8.16.3641 - 3Dconnexion) Hidden
3Dconnexion 3DxWare 10 (HKLM-x32\...\{92f06056-952c-467d-b516-d03c6903cd23}) (Version: 10.8.16.3641 - 3Dconnexion)
3Dconnexion 3DxWinCore (HKLM\...\{2FBB3707-A901-473F-904E-92ABE7765872}) (Version: 17.8.16.20445 - 3Dconnexion) Hidden
3Dconnexion Add-In for AutoCAD (HKLM\...\{06191A44-8DFF-4BB2-99A1-8B568DAC5BC5}) (Version: 5.8.0.20441 - 3Dconnexion) Hidden
3Dconnexion Add-In for Autodesk Inventor (HKLM\...\{6E6D5439-8AF9-4C3C-AA95-0A147CA6551E}) (Version: 2.4.1.19400 - 3Dconnexion) Hidden
3Dconnexion Add-In for Microsoft Office (HKLM\...\{B0B56E9C-7A10-4380-BCD8-A4F771CD0320}) (Version: 1.1.2.19333 - 3Dconnexion) Hidden
3Dconnexion Add-In for Navisworks (HKLM\...\{BF78BF1F-0FAD-46E9-8DEF-314BE090BD61}) (Version: 1.0.1.36 - 3Dconnexion) Hidden
3Dconnexion Add-In for Revit (HKLM\...\{48C8DF82-2E82-4615-A45B-FEAE0AA71A29}) (Version: 1.0.2.35 - 3Dconnexion) Hidden
3Dconnexion Add-In for Solid Edge (HKLM\...\{5A69C62A-B2C9-4FDF-87DA-3C4F3B58EFF4}) (Version: 3.6.3 - 3Dconnexion) Hidden
3Dconnexion Add-In for SOLIDWORKS (HKLM\...\{F8BE1BB2-042F-4613-9368-B71DFF9C49EC}) (Version: 3.6.0.20358 - 3Dconnexion) Hidden
3Dconnexion Assembly Demo (HKLM-x32\...\{6AC5E623-5E87-426A-8E6A-353D5DB1D250}) (Version: 0.9.8.0 - 3Dconnexion) Hidden
3Dconnexion Extension for SketchUp (HKLM\...\{7DCD511E-0A3E-4586-A666-D2F9BBCAECD3}) (Version: 5.4.0.19831 - 3Dconnexion) Hidden
3Dconnexion LCD Applets for SpacePilot Pro (HKLM\...\{E937DA80-FBD4-4AF9-8080-86CFDCAC9C68}) (Version: 1.5.1 - 3Dconnexion) Hidden
3Dconnexion Navigation Library Server (HKLM-x32\...\{4C6A5700-B38E-4F4F-8126-65DE9D75BFC4}) (Version: 1.4.4.19928 - 3Dconnexion) Hidden
3Dconnexion Plug-In for 3ds Max 2017 - 2024 (HKLM\...\{2E3DA851-3E31-498A-8352-656701757347}) (Version: 7.0.16.20075 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Acrobat 3D (HKLM\...\{CBA2D3AE-60C8-48DC-A001-85A943908B72}) (Version: 1.5.1.763 - 3Dconnexion) Hidden
3Dconnexion Plugin for Cinema 4D (HKLM\...\{092A4C5F-A277-40FF-B78A-EB585646684D}) (Version: 1.1.0.50 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Creo 2.0 - 9.0 (HKLM\...\{4357FD0C-0444-4CAF-B003-512F529EEE6D}) (Version: 2.4.6.19972 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Maya (HKLM\...\{19ADBA6E-9032-4FD9-8F24-4067336478B5}) (Version: 6.0.16.20076 - 3Dconnexion) Hidden
3Dconnexion Plug-In for NX 8.0 - 2306 Series (HKLM\...\{84576D61-9BE2-4499-866C-41A31573C292}) (Version: 3.5.3.20215 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop (HKLM\...\{380AD429-A881-4952-9140-95B7A3AD5785}) (Version: 2.13.0.20430 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Unity Editor (HKLM\...\{C3A53ABF-7107-4388-8D99-E6843849C177}) (Version: 1.0.1.23 - 3Dconnexion) Hidden
3Dconnexion Plugin for Unreal Editor (HKLM\...\{3D40C6FB-04C8-40CA-83A6-8D816B40AA1F}) (Version: 1.1.9.111 - 3Dconnexion) Hidden
3Dconnexion Trainer (HKLM-x32\...\{5158E770-0862-478B-ADC3-E22B33061A86}) (Version: 3.2.7.17569 - 3Dconnexion) Hidden
3Dconnexion Viewer (HKLM\...\{61BEE16E-0556-4C29-9C14-DE02FE50B870}) (Version: 1.1.0.44 - 3Dconnexion) Hidden
Adobe Photoshop (Beta) (HKLM\...\{KCF078A9-BA3F-458D-A4A0-3DBB7B169E6S}) (Version: 25.2.0 m.2357 - Adobe)
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.7.6 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.2.13.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{ef4f8c38-7a01-42e8-aff3-a52c2b70c31c}) (Version: 1.2.13.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM\...\{02DBBC13-0422-43B8-8C72-F1983DADD1FA}) (Version: 1.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{089a9b2c-cc3b-4fad-91ba-34243342505a}) (Version: 1.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.9.5 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{a51a52ef-375e-4963-8736-c98fae7373c4}) (Version: 1.3.9.5 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.1.0.9 - ASUSTeK Computer Inc.)
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.01.27 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.107 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{90A5EA1A-E836-4E51-B078-1CC6586B9933}) (Version: 1.1.24 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{64ba8d48-3b58-4b5b-a2fb-33fcd361ef56}) (Version: 1.1.24 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.41 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.41 - ASUS)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.26 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{b7466853-b157-49df-811e-643beab9cdc7}) (Version: 3.07.26 - ASUSTeK Computer Inc.)
Autodesk AutoCAD 2024 - English (HKLM\...\{CC46AD7F-5075-3702-B2BF-CFCC5AB8468B}) (Version: 24.3.61.0 - Autodesk, Inc.)
Autodesk Identity Manager (HKLM\...\Autodesk Identity Manager) (Version: 1.10.4.0 - Autodesk)
Autodesk Interoperability Engine Manager (HKLM\...\{412B8C29-F1BC-3791-A0BA-490A502077FA}) (Version: 1.1.0.28 - Autodesk.com) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{602631E2-0FA8-4BED-9EDB-E7CE9FDA437F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.46.8 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{255501f4-fc14-40a4-91e3-7e5f75f74dd8}) (Version: 1.1.46.8 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.3 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{79e8502b-eaf7-4831-b53d-2da128540d16}) (Version: 1.0.10.3 - ENE TECHNOLOGY INC.) Hidden
Everything 1.4.1.1024 (x64) (HKLM\...\Everything) (Version: 1.4.1.1024 - voidtools)
Folder Lock (HKLM-x32\...\Folder Lock) (Version: - New Softwares.net)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 2023.2.0.21408 - Foxit Software Inc.)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Image Slideshower version 3.3.2 (HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\...\{B700046B-6A21-47D7-A027-62CF9C92FEC6}_is1) (Version: 3.3.2 - SofttouchSols, Inc.)
Intel(R) Icls (HKLM\...\{AC2499C1-4700-4ECF-9581-08954D4DAE1F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2328.5.16.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{5B599B1E-BEE8-4493-85AD-0BC087AB2B88}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{DEAFF352-6F9F-45F4-916A-DF7A0C5A5B0C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{74970E1F-42D7-443F-857F-A0A0C4E71604}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{80E278C3-C089-4D7E-B83A-9C75A691F526}) (Version: 30.100.2237.26 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2237.26 - Intel Corporation)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.25 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{92bbb3e1-0a47-41f4-800d-e889c839da91}) (Version: 1.1.25 - KINGSTON COMPONENTS INC.) Hidden
KMS_VL_ALL_AIO (HKLM-x32\...\{6774DC3B-ADD4-4B97-BB18-4D08F4FBF321}) (Version: 1.0.0 - KMS_VL_ALL_AIO)
Logitech LCD Manager (HKLM\...\{F469B548-030B-41CD-BD46-D37A7EC9A530}) (Version: 3.06.109 - Logitech Inc.) Hidden
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 - Shared Framework (x64) (HKLM-x32\...\{1182f806-658a-4241-9202-d43e13bf2719}) (Version: 6.0.8.22363 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 Shared Framework (x64) (HKLM\...\{FA97D589-B37E-3B49-A8D2-4764029773FE}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.72 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20604 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 23.204.1001.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Office LTSC Professionnel Plus 2021 - fr-fr (HKLM\...\ProPlus2021Volume - fr-fr) (Version: 16.0.14332.20604 - Microsoft Corporation)
Norton AntiVirus (HKLM-x32\...\NGC) (Version: 22.23.10.10 - NortonLifeLock Inc)
Norton Secure Browser (HKLM-x32\...\Norton Secure Browser) (Version: 118.0.22914.118 - NortonLifeLock Inc)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20604 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20604 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14332.20546 - Microsoft Corporation) Hidden
Opera Stable 105.0.4970.21 (HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\...\Opera 105.0.4970.21) (Version: 105.0.4970.21 - Opera Software)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.7 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{1d74a898-7a92-484d-8f3b-e3b68dfb1264}) (Version: 1.0.9.7 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2335 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.3.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.3 - VS Revo Group, Ltd.)
ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.01.16 - ASUSTek Computer Inc.)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.2.14.0 - ASUSTek COMPUTER INC.)
ROG STRIX LC (HKLM-x32\...\{b7eeaff5-d588-4e3b-aec3-72461da12839}) (Version: 4.01.26 - ASUSTek Computer Inc.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.6 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{82f9b0cd-20fe-4ed6-a632-ef6daefb3c0d}) (Version: 1.0.0.6 - PD) Hidden
uTorrent Web (HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\...\utweb) (Version: 1.4.0 - Rainberry, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
ZBrush 2022 (HKLM\...\ZBrush 2022 2022) (Version: 2022 - Pixologic)

Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5237.0_x64__8j3eq9eme6ctt [2023-11-20] (INTEL CORP) [Startup Task]
Armoury Crate - Aura Sync -> C:\Program Files\ASUS\AacAmbientHal [2023-11-19] (Sparse Package)
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.7.6.0_x64__qmba6cd70vzyy [2023-11-19] (ASUSTeK COMPUTER INC.)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2023.4.4.0_x64__t5j2fzbtdg37r [2023-11-21] (DTS, Inc.)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-11-20] (Microsoft Corporation)
Norton Security -> C:\Program Files\Norton Security\Engine\22.23.10.10 [2023-11-26] (NortonLifeLock Inc.)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1114.100_x64__8wekyb3d8bbwe [2023-11-24] (Microsoft Corporation)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.700.323.0_x64__8wekyb3d8bbwe [2023-11-24] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-11-20] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-24] (Microsoft Studios) [MS Ad]
Sonic Radar 3 -> C:\Program Files\WindowsApps\A-Volute.28054DF1F58B4_3.16.23.0_x64__w2gh52qy24etm [2023-11-20] (A-Volute)
Sonic Studio 3 -> C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.23.0_x64__w2gh52qy24etm [2023-11-20] (A-Volute)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0 [2023-11-24] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-11-20] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-11-19] (win.rar GmbH)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-2592330816-1423317966-2364152033-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2592330816-1423317966-2364152033-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2592330816-1423317966-2364152033-1001_Classes\CLSID\{3A308EFE-656D-46BB-9963-0A41C0D6BCA2}\localserver32 -> "C:\Users\sheit\AppData\Local\Microsoft\OneDrive\23.226.1031.0003\FileCoAuth.exe" => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2592330816-1423317966-2364152033-1001_Classes\CLSID\{5405618e-4c42-4fb9-a80a-d24d89911296}\localserver32 -> C:\Users\sheit\AppData\Local\NhNotifSys\sonicstudio\asusns.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-2592330816-1423317966-2364152033-1001_Classes\CLSID\{87a21711-d517-42cf-a187-0753f0b18af5}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\3dxhid.inf_amd64_2961543c9286b9f7\3DxNS_CoInst.exe (Microsoft Windows Hardware Compatibility Publisher -> 3Dconnexion)
CustomCLSID: HKU\S-1-5-21-2592330816-1423317966-2364152033-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2592330816-1423317966-2364152033-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2592330816-1423317966-2364152033-1001_Classes\CLSID\{AF18D91C-A699-4578-ADC6-972F3BA007F0}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2592330816-1423317966-2364152033-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2024\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2023-11-25] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2023-11-25] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.10.10\NavShExt.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.10.10\NavShExt.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\23.204.1001.0003\amd64\FileSyncShell64.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.10.10\NavShExt.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

==================== Modules chargés (Avec liste blanche) =============

2023-11-19 21:54 - 2023-10-13 15:13 - 000395776 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2023-11-19 21:54 - 2023-09-15 17:21 - 000175104 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2023-11-19 21:54 - 2023-04-14 14:18 - 000159744 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ref-napi\prebuilds\win32-ia32\electron.napi.node
2023-11-19 21:54 - 2023-04-14 14:18 - 000319488 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node

==================== Alternate Data Streams (Avec liste blanche) ========

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"

==================== Association (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Avec liste blanche) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/?gfe_rd=cr&ei=zqe4Vda_KIv4vQTc0JS4DA&gws_rd=ssl
HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gfe_rd=cr&ei=zqe4Vda_KIv4vQTc0JS4DA&gws_rd=ssl
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2023-11-25 17:48 - 2023-11-25 20:37 - 000000808 _____ C:\Windows\system32\drivers\etc\hosts

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sheit\Pictures\153 - ROG Wallpaper Challenge - 4K.jpg
HKU\S-1-5-21-2592330816-1423317966-2364152033-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Aurélie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKLM\...\StartupApproved\Run: => "3DxWare Service"
HKLM\...\StartupApproved\Run: => "Autodesk Access"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\...\StartupApproved\StartupFolder: => "Stormshield SSL VPN Client.lnk"
HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6935E64079137BDF8762C4A74096758A"
HKU\S-1-5-21-2592330816-1423317966-2364152033-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2592330816-1423317966-2364152033-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2592330816-1423317966-2364152033-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_4C79CD0E920919F177FAAA2B96C3D1BD"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{7576D545-4463-40F1-8C01-66417CE79F19}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23285.3703.2471.4627_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A8A3E7E1-AA36-43FC-BB8A-CEB46FE81347}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23285.3703.2471.4627_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E2527F85-5E41-490E-A2D0-4B2E93381EAE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{968CEF2A-FA1A-400D-BABD-BCA6E7F3AC45}C:\users\sheit\downloads\sdio_x64_r758.exe] => (Allow) C:\users\sheit\downloads\sdio_x64_r758.exe => Pas de fichier
FirewallRules: [UDP Query User{38845F43-4F6B-4156-8D2A-EE3C686432B6}C:\users\sheit\downloads\sdio_x64_r758.exe] => (Allow) C:\users\sheit\downloads\sdio_x64_r758.exe => Pas de fichier
FirewallRules: [{116E0FFB-F671-4255-94D1-C5512AD46341}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{D544B831-FB17-4F95-91F2-20024970C8DA}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{C9184857-1C11-4509-B20E-021CCC0F88D8}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{66ED2C96-56CF-405B-9C8E-B087F0E0C427}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{E52F0B19-0FDA-4497-8A21-FF0A4A938156}] => (Allow) C:\Users\sheit\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{022381E3-8928-415D-B6B7-42D487308A06}] => (Allow) C:\Users\sheit\AppData\Roaming\uTorrent Web\utweb.exe => Pas de fichier
FirewallRules: [{8A86B5CC-26F3-4B54-8B45-98FC44541594}] => (Allow) C:\Users\sheit\AppData\Roaming\uTorrent Web\utweb.exe => Pas de fichier
FirewallRules: [{37EAB1B4-2037-4B15-A48B-1457F3F3B73C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{083E47DC-9374-4B8A-93F8-7DABF713BD38}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4A911E37-C461-47B6-93CA-16D0916CF8B7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45BCD9E2-FA21-4BA8-AC6C-80736A912A2B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{E6DD5BAE-B606-4A5D-8A3C-EE7F6A85112E}C:\users\sheit\appdata\local\programs\opera\opera.exe] => (Block) C:\users\sheit\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{BB385713-5B57-4224-B9ED-185431CAE4E5}C:\users\sheit\appdata\local\programs\opera\opera.exe] => (Block) C:\users\sheit\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{7BEE5B64-0579-4A79-A173-D076AE570F19}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{565829EA-EFB8-4CC1-AB1B-3B05E6C44CA7}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{6A9B2A48-4629-41EE-9AEB-1E759D6D414B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DABBB622-88C5-4195-A628-2D2B9EB7CB5D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07B18F20-2E86-4237-9906-D71310B511BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ECA5DF12-873E-4DC4-86B5-C2A31AA69AC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7AB11DF4-D738-4CAE-B857-F6B08E425017}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5B076B95-982B-4257-A75A-F3199E5C51F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1D6FFB00-7A17-4E56-9739-663DD2BD058A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6E1605A5-8B3A-40E0-BF36-E774A60C87B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9CBB14E2-C6AA-4EB6-82D0-EE90F38228AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{574FA230-8185-4C2D-AFAA-13D11B1F0ECB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{16F26B1B-31A8-4B9F-8D17-23707868F5A7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DDDA1E56-77D3-4D3C-A342-79EEEB9F4C00}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B01F1411-01A2-402C-919F-729B122CBCBB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4C317500-2634-473E-B5F6-ECF3CB91AE36}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C0DE1FA4-46D1-4977-92B9-F85BF1C5E8B8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2B53D1B7-8AE3-4500-B46F-920E17C1D2D7}C:\users\sheit\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\sheit\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{7B48FA85-BDA2-49A2-9398-3A93C8085E96}C:\users\sheit\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\sheit\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{6A93E68D-87B4-47B2-841A-AED7867D1BE2}] => (Allow) C:\Program Files (x86)\Norton\Browser\Application\NortonBrowser.exe (NortonLifeLock Inc. -> NortonLifeLock Inc)

==================== Points de restauration =========================

25-11-2023 01:07:56 {ec827f9c-27e5-473e-90b4-2072195a703a}
25-11-2023 21:29:34 Supprimé Stormshield SSL VPN Client

==================== Éléments en erreur du Gestionnaire de périphériques ============

Name: Contrôleur de bus SM
Description: Contrôleur de bus SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Périphérique PCI
Description: Périphérique PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (11/26/2023 07:23:05 PM) (Source: MsiInstaller) (EventID: 11406) (User: AUTORITE NT)
Description: Product: Norton Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\Norton\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.

Error: (11/26/2023 07:01:07 PM) (Source: MsiInstaller) (EventID: 11406) (User: AUTORITE NT)
Description: Product: Norton Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\Norton\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.

Error: (11/26/2023 02:23:05 AM) (Source: MsiInstaller) (EventID: 11406) (User: AUTORITE NT)
Description: Product: Norton Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\Norton\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.

Error: (11/26/2023 01:23:05 AM) (Source: MsiInstaller) (EventID: 11406) (User: AUTORITE NT)
Description: Product: Norton Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\Norton\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.

Error: (11/26/2023 12:23:05 AM) (Source: MsiInstaller) (EventID: 11406) (User: AUTORITE NT)
Description: Product: Norton Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\Norton\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.

Error: (11/25/2023 11:23:05 PM) (Source: MsiInstaller) (EventID: 11406) (User: AUTORITE NT)
Description: Product: Norton Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\Norton\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.

Error: (11/25/2023 10:23:08 PM) (Source: MsiInstaller) (EventID: 11406) (User: AUTORITE NT)
Description: Product: Norton Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\Norton\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.

Error: (11/25/2023 09:23:08 PM) (Source: MsiInstaller) (EventID: 11406) (User: AUTORITE NT)
Description: Product: Norton Update Helper -- Error 1406. Could not write value MsiStubRun to key \SOFTWARE\Norton\Browser\Update. System error . Verify that you have sufficient access to that key, or contact your support personnel.


Erreurs système:
=============
Error: (11/26/2023 07:03:01 PM) (Source: DCOM) (EventID: 10010) (User: LIANLI-ROGSTRIX)
Description: Le serveur {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (11/26/2023 02:46:19 AM) (Source: DCOM) (EventID: 10010) (User: LianLi-RogStrix)
Description: Le serveur MicrosoftWindows.Client.CBS_1000.22677.1000.0_x64__cw5n1h2txyewy!CortanaUI ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (11/26/2023 02:46:19 AM) (Source: DCOM) (EventID: 10010) (User: LianLi-RogStrix)
Description: Le serveur Microsoft.Windows.StartMenuExperienceHost_10.0.22621.2506_neutral_neutral_cw5n1h2txyewy!App ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (11/26/2023 02:46:19 AM) (Source: DCOM) (EventID: 10010) (User: LianLi-RogStrix)
Description: Le serveur {69B7FE84-6361-4423-B948-1D64820B1E96} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (11/25/2023 09:30:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Orchestrator pour les mises à jour n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (11/25/2023 09:30:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Service Orchestrator pour les mises à jour.

Error: (11/25/2023 09:30:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Optimisation de livraison est en attente de démarrage.

Error: (11/25/2023 09:28:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service de transfert intelligent en arrière-plan n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.


Windows Defender:
================
Date: 2023-11-25 14:45:23
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Nom : Trojan:Script/Wacatac.B!ml
ID : 2147735503
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_D:\FILMS\AAA - DÉJÀ VU\_readme.txt; file:_D:\FILMS\AAC - HORREUR\_readme.txt; file:_D:\FILMS\BANLIEUE 13\_readme.txt; file:_D:\FILMS\BRUCE LEE\_readme.txt; file:_D:\FILMS\CANNONBALL\_readme.txt; file:_D:\FILMS\COUR APRES MOI SHERIF\_readme.txt; file:_D:\FILMS\Crank, Hyper Tension Duology (2006-2009) 1080p\_readme.txt; file:_D:\FILMS\Creepshow 1 & 2 1080p\_readme.txt; file:_D:\FILMS\DEAD SNOW\_readme.txt; file:_D:\FILMS\DESTINATION FINALE\_readme.txt; file:_D:\FILMS\DETOUR MORTEL\_readme.txt; file:_D:\FILMS\EN QUARANTAINE\_readme.txt; file:_D:\FILMS\EVIL DEAD\_readme.txt; file:_D:\FILMS\EXPENDABLES\_readme.txt; file:_D:\FILMS\GREMLINS\_readme.txt; file:_D:\FILMS\HOT SHOTS\_readme.txt; file:_D:\FILMS\INDIANA JONES\_readme.txt; file:_D:\FILMS\IP MAN\_readme.txt; file:_D:\FILMS\LA BOUSE\_readme.txt; file:_D:\FILMS\LA COLLINE A DES YEUX\_readme.txt; file:_D:\FILMS\LA MOMIE\_readme.txt; file:_D:\FILMS\LA MOUCHE\_readme.txt; file:_D:\FILMS\LA PLANÈTE DES SINGES\_readme.txt; file:_D:\FILMS\LE SEIGNEUR DES ANNE
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Utilisateur
Utilisateur : LianLi-RogStrix\sheit
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.401.1166.0, AS: 1.401.1166.0, NIS: 0.0.0.0
Version du moteur : AM: 1.1.23100.2009, NIS: 0.0.0.0

Date: 2023-11-25 14:39:02
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Nom : Trojan:Script/Wacatac.B!ml
ID : 2147735503
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_D:\FILMS\AAA - DÉJÀ VU\_readme.txt; file:_D:\FILMS\AAC - HORREUR\_readme.txt; file:_D:\FILMS\BRUCE LEE\_readme.txt; file:_D:\FILMS\CANNONBALL\_readme.txt; file:_D:\FILMS\COUR APRES MOI SHERIF\_readme.txt; file:_D:\FILMS\Crank, Hyper Tension Duology (2006-2009) 1080p\_readme.txt; file:_D:\FILMS\Creepshow 1 & 2 1080p\_readme.txt; file:_D:\FILMS\DEAD SNOW\_readme.txt; file:_D:\FILMS\DESTINATION FINALE\_readme.txt; file:_D:\FILMS\DETOUR MORTEL\_readme.txt; file:_D:\FILMS\EN QUARANTAINE\_readme.txt; file:_D:\FILMS\EVIL DEAD\_readme.txt; file:_D:\FILMS\EXPENDABLES\_readme.txt; file:_D:\FILMS\GREMLINS\_readme.txt; file:_D:\FILMS\HOT SHOTS\_readme.txt; file:_D:\FILMS\INDIANA JONES\_readme.txt; file:_D:\FILMS\IP MAN\_readme.txt; file:_D:\FILMS\LA BOUSE\_readme.txt; file:_D:\FILMS\LA COLLINE A DES YEUX\_readme.txt; file:_D:\FILMS\LA MOMIE\_readme.txt; file:_D:\FILMS\LA MOUCHE\_readme.txt; file:_D:\FILMS\LA PLANÈTE DES SINGES\_readme.txt; file:_D:\FILMS\LE SEIGNEUR DES ANNEAUX TRILOGIE\_readme.txt; file:_D:\FILMS
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Utilisateur
Utilisateur : LianLi-RogStrix\sheit
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.401.1166.0, AS: 1.401.1166.0, NIS: 0.0.0.0
Version du moteur : AM: 1.1.23100.2009, NIS: 0.0.0.0

Date: 2023-11-25 13:13:56
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0
Nom : VirTool:Win32/DefenderTamperingRestore
ID : 2147741622
Gravité : Grave
Catégorie : Outil
Chemin : regkeyvalue:_hklm\software\policies\microsoft\windows defender\real-time protection\\DisableBehaviorMonitoring
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.401.1166.0, AS: 1.401.1166.0, NIS: 0.0.0.0
Version du moteur : AM: 1.1.23100.2009, NIS: 0.0.0.0

Date: 2023-11-25 01:27:03
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sabsik.FL.B&threatid=2147820548&enterprise=0
Nom : Trojan:Win32/Sabsik.FL.B
ID : 2147820548
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_E:\LOGICIELS\AAA- FONCTIONNE SUR\Microsoft Office 2019 & 2021 Pro Plus [16.0.14332.20110] Incl Activator\KMS_VL_ALL_AIO.rar
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : LianLi-RogStrix\sheit
Nom du processus : C:\Users\sheit\AppData\Local\a0e89740-4046-44e1-8a08-ea4e283504cb\4gsCEzul3ZFBIhFnkcVgyIZP.exe
Version de la veille de sécurité : AV: 1.401.1140.0, AS: 1.401.1140.0, NIS: 1.401.1140.0
Version du moteur : AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-25 01:21:22
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Filecoder.DD&threatid=2147811385&enterprise=0
Nom : Behavior:Win32/Filecoder.DD
ID : 2147811385
Gravité : Grave
Catégorie : Comportement suspect
Chemin : behavior:_process: C:\Users\sheit\AppData\Local\a0e89740-4046-44e1-8a08-ea4e283504cb\4gsCEzul3ZFBIhFnkcVgyIZP.exe, pid:16648:178890228286600; process:_pid:16648,ProcessStart:133453452785637610
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Inconnu
Utilisateur :
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.401.1140.0, AS: 1.401.1140.0, NIS: 1.401.1140.0
Version du moteur : AM: 1.1.23100.2009, NIS: 1.1.23100.2009

CodeIntegrity:
===============
Date: 2023-11-26 19:45:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.10.10\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2023-11-26 19:45:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.10.10\symamsi.dll that did not meet the Windows signing level requirements.


==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. 2012 10/11/2022
Carte mère: ASUSTeK COMPUTER INC. ROG STRIX B660-F GAMING WIFI
Processeur: 12th Gen Intel(R) Core(TM) i7-12700K
Pourcentage de mémoire utilisée: 20%
Mémoire physique - RAM - totale: 32509.42 MB
Mémoire physique - RAM - disponible: 25824.22 MB
Mémoire virtuelle totale: 37629.42 MB
Mémoire virtuelle disponible: 30316.79 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:1862.23 GB) (Free:1748.55 GB) (Model: Samsung SSD 980 PRO 2TB) NTFS
Drive d: (HDD 1To HITACHI) (Fixed) (Total:930.91 GB) (Free:162.13 GB) (Model: WDC WD10JPVX-22JC3T0) NTFS
Drive e: (HDD 1To HGST) (Fixed) (Total:931.51 GB) (Free:142.79 GB) (Model: HGST HTS721010A9E630) NTFS

\\?\Volume{2e1f2c9e-28a0-4049-88d5-868743ba7aea}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS
\\?\Volume{1076611f-138d-4bb6-8c7e-34b791ad898d}\ () (Fixed) (Total:0.67 GB) (Free:0.08 GB) NTFS
\\?\Volume{65e2c00c-3a02-4f8d-a027-2320b20d94f7}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
\\?\Volume{4a1026aa-94d2-42ab-a64a-2d451aa52a07}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9E02EBFB)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 870DEBFD)

Partition: GPT.

==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 73D739DD)

Partition: GPT.

==================== Fin de Addition.txt =======================
