Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 24-03-2025 Exécuté par saint (26-03-2025 11:54:48) Exécuté depuis C:\Users\saint\Desktop Microsoft Windows 11 Professionnel Version 24H2 26100.3476 (X64) (2025-01-18 08:10:06) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-360122050-2195018867-1331612951-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-360122050-2195018867-1331612951-503 - Limited - Disabled) Invité (S-1-5-21-360122050-2195018867-1331612951-501 - Limited - Disabled) saint (S-1-5-21-360122050-2195018867-1331612951-1001 - Administrator - Enabled) => C:\Users\saint WDAGUtilityAccount (S-1-5-21-360122050-2195018867-1331612951-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Bitdefender Antivirus (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov) Apple Mobile Device Support (HKLM\...\{11458AD2-E459-43E3-BEA3-9748C3EF0EFC}) (Version: 18.0.0.45 - Apple Inc.) Application NVIDIA 11.0.2.341 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.2.341 - NVIDIA Corporation) Atomix VirtualDJ (HKLM\...\Atomix VirtualDJ_is1) (Version: 8.5.6067 - Atomix & Team V.R) Audacity 3.7.3 (HKLM\...\Audacity_is1) (Version: 3.7.3 - Audacity Team) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.1.1.11 - Bitdefender) Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 27.0.46.231 - Bitdefender) BitTorrent (HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\BitTorrent) (Version: 7.11.0.47197 - BitTorrent Limited) BlueStacks (HKLM\...\BlueStacks_nxt) (Version: 5.22.0.1102 - now.gg, Inc.) BlueStacks Services (HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\BlueStacksServices) (Version: 3.0.9 - now.gg, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 6.34 - Piriform) CyberGhost 8 (HKLM\...\CyberGhost 8) (Version: 8.4.11.14569 - CyberGhost S.R.L.) Discord (HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\Discord) (Version: 1.0.9186 - Discord Inc.) DriversCloud.com (HKLM\...\{F292F955-3014-4502-993B-CA32CE442FDE}) (Version: 12.0.26 - Cybelsoft) Dynamic Application Loader Host Interface Service (HKLM\...\{EFB77267-D8B2-4F5C-824D-78C72974B8A2}) (Version: 1.0.0.0 - Intel Corporation) Hidden EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.423.0.5936 - Electronic Arts) Hidden EA app (HKLM-x32\...\{9597154a-3e49-4f21-827a-ae42128440ff}) (Version: 13.423.0.5936 - Electronic Arts) eMule (HKLM-x32\...\eMule) (Version: - ) Epic Games Launcher (HKLM-x32\...\{8328F55A-F9DA-41F7-BFBF-EAF1A814999C}) (Version: 1.3.128.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Eraser 6.2.0.2994 (HKLM\...\{FDC4C129-B1B1-4B19-AD75-4A2BFC6C93B2}) (Version: 6.2.2994 - The Eraser Project) EZFN Launcher (HKLM\...\{8AB51004-6157-44F4-A34D-AD074B5BABEE}) (Version: 1.2.8 - ezfn) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.177 - Google LLC) Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - ) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2507.7.10.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{7B62C716-9F53-48B8-8AF3-1A64A2DEEFFF}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{092C1421-6BAC-4EC8-B9A4-7E9BE806495B}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME WMI Provider (HKLM\...\{349563BA-B9EC-4791-A6F9-77EF6539E122}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{80E278C3-C089-4D7E-B83A-9C75A691F526}) (Version: 30.100.2237.26 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2237.26 - Intel Corporation) Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.75.121.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.75.121.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{dbdfcabf-94a4-4c0e-9d54-9d6f491d36ad}) (Version: 1.75.121.0 - Intel Corporation) Hidden JBL QuantumENGINE (HKLM\...\QuantumENGINE) (Version: 2.0.2 - JBL) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Les Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.113.297.1020 - Electronic Arts Inc.) LibreOffice 25.2.1.2 (HKLM\...\{C155ED9C-4F2D-408C-BF76-07CB2B126B25}) (Version: 25.2.1.2 - The Document Foundation) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Edge (HKLM-x32\...\{9DD52253-EDC7-3161-B3DA-31127669C901}) (Version: 134.0.3124.85 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.85 - Microsoft Corporation) Hidden Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.035.0223.0003 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 136.0.2 (x64 fr)) (Version: 136.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 136.0.1 - Mozilla) My Lockbox 5.0 (HKLM\...\My Lockbox_is1) (Version: 5.0 - ) NVIDIA FrameView SDK 1.5.10819.35301613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10819.35301613 - NVIDIA Corporation) NVIDIA Pilote audio HD 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation) NVIDIA Pilote graphique 572.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.83 - NVIDIA Corporation) OpenOffice 4.1.15 (HKLM-x32\...\{DC8B4E0E-87B2-46D7-9FBA-B55470DC3B9A}) (Version: 4.115.9813 - Apache Software Foundation) Opera Stable 117.0.5408.142 (HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\Opera 117.0.5408.142) (Version: 117.0.5408.142 - Opera Software) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.74.1128.2024 - Realtek) Revo Uninstaller 2.5.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.5.7 - VS Revo Group, Ltd.) Roblox Player for saint (HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\roblox-player) (Version: - Roblox Corporation) Roblox Studio for saint (HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\roblox-studio) (Version: - Roblox Corporation) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) Samsung DeX (HKLM-x32\...\{0E0BC66E-28B5-41F9-8D62-B952473F0577}) (Version: 2.4.1.27 - Samsung Electronics Co., Ltd.) Hidden Samsung DeX (HKLM-x32\...\{16f6962b-c45d-4bde-bd39-c414955ca303}) (Version: 2.4.1.27 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.58.0 - Samsung Electronics Co., Ltd.) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) Skype 8.138 (HKLM-x32\...\{25D3E4F6-A2EF-4B34-ABEB-9BAA4F105EC3}) (Version: 8.138.0.209 - Skype Technologies S.A.) Skype version 8.138 (HKLM-x32\...\Skype_is1) (Version: 8.138 - Skype Technologies S.A.) Hidden Spotify (HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\Spotify) (Version: 1.2.59.514.g834e17d4 - Spotify AB) StartAllBack (HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\StartAllBack) (Version: 3.9.5 - startisback.com) VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.92.0 - Winamp SA) Winamp Language Packs (HKLM-x32\...\Winamp Language Packs) (Version: v1.7 - Winamp SA) Chrome apps: ============ Google Photos (HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\510aa35e4c1f2487d1e1566a7cf60119) (Version: 1.0 - Google\Chrome) Packages: ========= Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2025-03-26] (Bitdefender) Copilot -> C:\Program Files\WindowsApps\Microsoft.Copilot_1.25024.146.0_x64__8wekyb3d8bbwe [2025-03-21] (Microsoft Corporation) [Startup Task] Gmaps 8 -> C:\Program Files\WindowsApps\4238Rushi.46291843E1F88_2.4.24.0_x64__cby2vxncbvytc [2025-01-21] (Rushi) HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.47.308.0_x64__v10z8vjag6ke6 [2025-01-18] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.42.15.0_x64__v10z8vjag6ke6 [2025-02-26] (HP Inc.) Maps - Transit & Food, GPS Navigation -> C:\Program Files\WindowsApps\26031PicsCanvas.Maps-TransitFoodGPSNavigation_1.0.3.0_x64__wgnm7284c5d2a [2025-02-14] (PicsCanvas) Maps App Discovery -> C:\Program Files\WindowsApps\2938RajatSingh.MapsAppDiscovery_2.0.8.0_x64__88wwfdtnczyy6 [2025-02-15] (Rajat Singh) [MS Ad] Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x64__8wekyb3d8bbwe [2025-02-15] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x86__8wekyb3d8bbwe [2025-02-15] (Microsoft Corporation) [MS Ad] Microsoft Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_4.1.10320.0_x64__yxz26nhyzhsrt [2025-03-26] (Microsoft Corp.) Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-01-18] (Microsoft Corp.) Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.282.0_x64__8wekyb3d8bbwe [2025-03-14] (Microsoft Corporation) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-01-18] (NVIDIA Corp.) OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6 [2025-03-14] (HP Inc.) [Startup Task] OMEN Light Studio -> C:\Program Files\WindowsApps\AD2F1837.OMENLightStudio_1.0.56.0_x64__v10z8vjag6ke6 [2025-01-18] (HP Inc.) [Startup Task] Samsung Account -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungAccount_1.25.3050.0_x64__3c1yjt4zspk6g [2025-03-18] (Samsung Electronics Co. Ltd.) Samsung Find -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungFind_1.72.9.0_x64__3c1yjt4zspk6g [2025-02-14] (Samsung Electronics Co. Ltd.) [Startup Task] SmartThings -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SmartThingsWindows_1.24472.1.0_x64__3c1yjt4zspk6g [2025-01-20] (Samsung Electronics Co. Ltd.) [Startup Task] TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2025-01-29] (Bytedance Pte. Ltd.) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-360122050-2195018867-1331612951-1001_Classes\CLSID\{117E3954-5034-453A-A18B-7B79493646E6}\InprocServer32 -> C:\Users\saint\AppData\Local\StartAllBack\StartAllBackLoaderX64.dll (IP Zinukhov Stanislav Igorevich -> ) CustomCLSID: HKU\S-1-5-21-360122050-2195018867-1331612951-1001_Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InprocServer32 -> C:\Users\saint\AppData\Local\StartAllBack\StartAllBackX64.dll (IP Zinukhov Stanislav Igorevich -> www.startallback.com) CustomCLSID: HKU\S-1-5-21-360122050-2195018867-1331612951-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\InprocServer32 -> C:\Users\saint\AppData\Local\StartAllBack\StartAllBackX64.dll (IP Zinukhov Stanislav Igorevich -> www.startallback.com) CustomCLSID: HKU\S-1-5-21-360122050-2195018867-1331612951-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BB}\InprocServer32 -> C:\Users\saint\AppData\Local\StartAllBack\StartAllBackX64.dll (IP Zinukhov Stanislav Igorevich -> www.startallback.com) CustomCLSID: HKU\S-1-5-21-360122050-2195018867-1331612951-1001_Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 -> C:\Users\saint\AppData\Local\StartAllBack\StartAllBackX64.dll (IP Zinukhov Stanislav Igorevich -> www.startallback.com) CustomCLSID: HKU\S-1-5-21-360122050-2195018867-1331612951-1001_Classes\CLSID\{ab0b37ec-56f6-4a0e-a8fd-7a8bf7c2da97}\InprocServer32 -> C:\Users\saint\AppData\Local\StartAllBack\StartAllBackX64.dll (IP Zinukhov Stanislav Igorevich -> www.startallback.com) CustomCLSID: HKU\S-1-5-21-360122050-2195018867-1331612951-1001_Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InprocServer32 -> C:\Users\saint\AppData\Local\StartAllBack\StartAllBackX64.dll (IP Zinukhov Stanislav Igorevich -> www.startallback.com) CustomCLSID: HKU\S-1-5-21-360122050-2195018867-1331612951-1001_Classes\CLSID\{da3306b1-2554-420b-8d0e-6bd29bb4d8ed}\localserver32 -> C:\Users\saint\AppData\Local\StartAllBack\UpdateCheck.exe (IP Zinukhov Stanislav Igorevich -> www.startisback.com) CustomCLSID: HKU\S-1-5-21-360122050-2195018867-1331612951-1001_Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InprocServer32 -> C:\Users\saint\AppData\Local\StartAllBack\StartAllBackX64.dll (IP Zinukhov Stanislav Igorevich -> www.startallback.com) CustomCLSID: HKU\S-1-5-21-360122050-2195018867-1331612951-1001_Classes\CLSID\{FCEA18FF-BC55-4E63-94D7-1B2EFBFE706F}\Shell\Open\Command -> C:\Users\saint\AppData\Local\StartAllBack\StartAllBackCfg.exe (IP Zinukhov Stanislav Igorevich -> ) ShellIconOverlayIdentifiers: [ MEGA (NotFound)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890635} => C:\Users\saint\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-18] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\saint\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-18] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\saint\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-18] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\saint\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-18] (Mega Limited -> ) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-21] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2024-03-22] (HEIDI COMPUTERS LIMITED -> The Eraser Project) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\saint\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-18] (Mega Limited -> ) ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2024-03-22] (HEIDI COMPUTERS LIMITED -> The Eraser Project) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\saint\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-18] (Mega Limited -> ) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\saint\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-18] (Mega Limited -> ) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-21] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2024-03-22] (HEIDI COMPUTERS LIMITED -> The Eraser Project) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\saint\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-18] (Mega Limited -> ) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncShell64.dll [2025-03-21] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2024-03-22] (HEIDI COMPUTERS LIMITED -> The Eraser Project) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_0d3b095e2273d754\nvshext.dll [2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2024-03-22] (HEIDI COMPUTERS LIMITED -> The Eraser Project) FolderExtensions_S-1-5-21-360122050-2195018867-1331612951-1001: [] -> {117E3954-5034-453A-A18B-7B79493646E6} => C:\Users\saint\AppData\Local\StartAllBack\StartAllBackLoaderX64.dll [2025-03-14] (IP Zinukhov Stanislav Igorevich -> ) ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2025-01-18] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2025-01-18] (Electronic Arts -> On2.com) ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\saint\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\saint\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\bruno - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\saint\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1" ==================== Modules chargés (Avec liste blanche) ============= 2025-03-26 10:28 - 2025-03-26 10:28 - 002338304 _____ () [Fichier non signé] \\?\C:\Users\saint\AppData\Local\Temp\e8f5b70a-b2f8-43cb-a2ca-fe750a81d67d.tmp.node 2025-01-18 17:59 - 2024-05-08 09:18 - 002862080 _____ () [Fichier non signé] C:\Users\saint\AppData\Local\Programs\bluestacks-services\ffmpeg.dll 2025-01-18 17:59 - 2024-05-08 09:18 - 000479232 _____ () [Fichier non signé] C:\Users\saint\AppData\Local\Programs\bluestacks-services\libegl.dll 2025-01-18 17:59 - 2024-05-08 09:18 - 007513600 _____ () [Fichier non signé] C:\Users\saint\AppData\Local\Programs\bluestacks-services\libglesv2.dll 2025-01-18 17:59 - 2024-05-08 09:18 - 005209088 _____ () [Fichier non signé] C:\Users\saint\AppData\Local\Programs\bluestacks-services\vk_swiftshader.dll 2025-03-21 17:42 - 2025-02-08 10:20 - 000606208 _____ (Microsoft Corporation) [Fichier non signé] C:\WINDOWS\system32\themeui.dll 2025-03-21 17:42 - 2025-02-21 19:36 - 000196608 _____ (Microsoft Corporation) [Fichier non signé] C:\WINDOWS\SYSTEM32\uxinit.dll 2025-03-21 18:35 - 2025-03-21 18:35 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\PlugIns\NVIDIA app\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll 2025-03-21 18:35 - 2025-03-21 18:35 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ============= HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-360122050-2195018867-1331612951-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2025-02-18] (HP Inc. -> HP Inc.) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2025-02-18] (HP Inc. -> HP Inc.) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2024-04-01 08:26 - 2024-04-01 08:24 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2025-02-28 20:16 - 2025-03-26 10:28 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.28.64.1 DESKTOP-L35DC12.mshome.net # 2030 3 1 25 9 28 17 676 ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-360122050-2195018867-1331612951-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. Network Binding: ============= Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys Connexion réseau Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys Wi-Fi: Realtek RTL8822CE 802.11ac PCIe Adapter -> rtwlane.sys vEthernet (Default Switch): Hyper-V Virtual Ethernet Adapter -> Connexion au réseau local: TAP-Windows Adapter V9 -> tap0901.sys nt_rtf64: Realtek LightWeight Filter (NDIS6.40) vms_vsf: Filtre d’extension de commutateur virtuel Hyper-V ms_l1vhlwf: Virtualisation de réseau imbriqué vms_vsp: Protocole d’extension de commutateur virtuel Hyper-V ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\StartupApproved\Run: => "Opera Stable" HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\StartupApproved\Run: => "Skype for Desktop" HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\StartupApproved\Run: => "Samsung DeX" HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-360122050-2195018867-1331612951-1001\...\StartupApproved\Run: => "JBL QuantumENGINE" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{8EB03A00-8786-4834-8056-7872E45DC2AD}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender) FirewallRules: [{3A79FC68-0E41-49E7-A044-6AF3A694F184}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA) FirewallRules: [{3C001A17-8A98-4F9E-8317-90784DC86378}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA) FirewallRules: [TCP Query User{26B380C1-5AE5-4BD6-AFF1-572B610A1518}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{10114EDB-BEF7-4C6C-A2EE-CE1E4F3F8924}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games) FirewallRules: [{9246D6B8-6E2F-438E-ACF7-EF94487A3230}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) FirewallRules: [{53284F68-5EBE-4F2E-99BA-CA0CA7DBB7F6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) FirewallRules: [{B8EA318D-6BCF-4F6D-BD2D-AD3F3BD4C37A}] => (Allow) C:\program files (x86)\wondershare\dr.fone\drfonetoolkit.exe => Pas de fichier FirewallRules: [TCP Query User{12B69031-87F5-4FD8-8216-F9A0E79F8A2C}C:\program files\windowsapps\mozilla.firefox_134.0.1.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe] => (Allow) C:\program files\windowsapps\mozilla.firefox_134.0.1.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe => Pas de fichier FirewallRules: [UDP Query User{57A47560-9E60-45D0-83ED-211EF8431A4F}C:\program files\windowsapps\mozilla.firefox_134.0.1.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe] => (Allow) C:\program files\windowsapps\mozilla.firefox_134.0.1.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe => Pas de fichier FirewallRules: [TCP Query User{DBD859D9-4750-425B-8B57-FE984B33E54F}C:\users\saint\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\saint\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{5D7182C2-8F3D-4EA3-9DD6-F93802402BFA}C:\users\saint\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\saint\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{3565756A-5BFB-4B60-B6AE-2AF8B23539A8}C:\program files\windowsapps\mozilla.firefox_134.0.2.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe] => (Allow) C:\program files\windowsapps\mozilla.firefox_134.0.2.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe => Pas de fichier FirewallRules: [UDP Query User{7CCFB24D-A775-4F40-989C-C2984FC787D6}C:\program files\windowsapps\mozilla.firefox_134.0.2.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe] => (Allow) C:\program files\windowsapps\mozilla.firefox_134.0.2.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe => Pas de fichier FirewallRules: [{604E3411-860C-437A-9BB9-17A5E28F7F2E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4EF5FB78-4E46-43A7-89CE-884496047861}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{005F1099-08C3-4787-949B-A475FCDDE7FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9245A6C5-9991-43BE-A249-1A48AEB8BD56}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E10CD439-DD03-427C-A5A1-6CCBA955D870}] => (Allow) C:\Users\saint\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Limited) FirewallRules: [{678CA0FC-340C-495D-8CA9-BE1766AF8FCB}] => (Allow) C:\Users\saint\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Limited) FirewallRules: [TCP Query User{2768E65E-ADB1-448A-9BC8-B571AE7F0D17}C:\users\saint\downloads\assetto corsa evo (v0.1_early access) - p2p\assettocorsaevo.exe] => (Allow) C:\users\saint\downloads\assetto corsa evo (v0.1_early access) - p2p\assettocorsaevo.exe => Pas de fichier FirewallRules: [UDP Query User{451446A3-723C-456C-8CF3-90F627F45A2B}C:\users\saint\downloads\assetto corsa evo (v0.1_early access) - p2p\assettocorsaevo.exe] => (Allow) C:\users\saint\downloads\assetto corsa evo (v0.1_early access) - p2p\assettocorsaevo.exe => Pas de fichier FirewallRules: [TCP Query User{1FDD8303-83EF-407F-9AD0-86B092E075EB}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [Fichier non signé] FirewallRules: [UDP Query User{7EA934FA-4A67-4EC7-B202-E83FA62C39C0}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [Fichier non signé] FirewallRules: [TCP Query User{EFAA382B-BBD5-45EB-B1F2-7031377EA3CC}C:\users\saint\appdata\local\ezfnlauncherv4\fortnite\7.40-cl-5046157\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\users\saint\appdata\local\ezfnlauncherv4\fortnite\7.40-cl-5046157\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) [Fichier non signé] FirewallRules: [UDP Query User{875CF322-5391-4E96-86D3-712A758BB582}C:\users\saint\appdata\local\ezfnlauncherv4\fortnite\7.40-cl-5046157\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\users\saint\appdata\local\ezfnlauncherv4\fortnite\7.40-cl-5046157\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) [Fichier non signé] FirewallRules: [TCP Query User{3F987D92-24E8-408A-8850-36C241CA8F0E}C:\program files\windowsapps\mozilla.firefox_135.0.1.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe] => (Allow) C:\program files\windowsapps\mozilla.firefox_135.0.1.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe => Pas de fichier FirewallRules: [UDP Query User{AE985C07-9AB3-476F-A3DE-A6A5C1FA9F70}C:\program files\windowsapps\mozilla.firefox_135.0.1.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe] => (Allow) C:\program files\windowsapps\mozilla.firefox_135.0.1.0_x64__n80bbvh6b1yt2\vfs\programfiles\firefox package root\firefox.exe => Pas de fichier FirewallRules: [{E8DCAF32-9F4B-46C9-8B15-F0328A5B9470}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{C94F3DC3-5B63-49B6-B3E2-4FBFCA3B6FEF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{FAA1EB6C-7C14-48AB-A4E3-C53280B46C19}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{D9B83E0A-980F-4E61-8AEF-A15551AED58D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{8AB82A59-475F-459C-83B8-FDF968718E1C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{6F0C446C-61FC-4FE1-A5E1-1472080B61F9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{7D562A72-AD11-440C-ADD4-9D0AE21770A1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{81A1B08E-BC77-4063-A515-53F19E4E016A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{C8E03F2E-69A3-46FB-8AB0-C9E8469B9238}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{F5F99600-B641-4389-A7A9-09AD9182FE9F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{26F2DDB6-7944-4051-BDC2-6ABE778BC895}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{C8E0B101-1FA9-49DB-B63D-36051341EA74}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{2CED1418-1B40-4FB6-A29A-3D68EDAB44D4}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{868BA0B5-F12B-4CEE-A252-BF29B8F0C0C7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{BA756009-E78F-42AF-826A-3BA115FDC823}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{6BA03D59-68FA-463E-963C-37979B4BB6BF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2502.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{19DC3337-AB51-42AD-B35D-079B39E506FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E78E767C-FC6A-428B-9960-95933F004465}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{C0123EEA-8475-4103-8175-DEF6BC625443}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.) FirewallRules: [{4AA5B5E3-F921-4529-8DA9-47A14670611C}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Pas de fichier FirewallRules: [{752AAA89-165A-4A54-8C86-90435124120D}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems) FirewallRules: [{DF283A86-0C8E-4A62-8465-655933F8B7D6}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.) FirewallRules: [{2FA3D5FD-1B83-4CC2-8738-3DA87844854D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B18F039E-C28E-41E2-8225-57080543255B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BDE8171D-8714-41FF-AB0B-3FFA535ACC26}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{064B0DEE-28AF-4E3D-B865-90D922C471B7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A0175CB9-B250-4B8C-BC6A-F5E50C3A75AB}] => (Allow) C:\Users\saint\AppData\Local\Programs\Opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{14BA6633-26EE-4003-B959-850E95EEEBE1}] => (Allow) C:\Program Files\EA Games\The Sims 4\Game\Bin\TS4_Launcher_x64.exe (Electronic Arts Inc.) [Fichier non signé] FirewallRules: [{12569ACD-DB92-47F7-A995-AC9BEAFC30DB}] => (Allow) C:\Program Files\EA Games\The Sims 4\Game\Bin\TS4_Launcher_x64.exe (Electronic Arts Inc.) [Fichier non signé] FirewallRules: [{CEAEB179-2F48-4882-8C71-D9347F5172B6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{BB8EB8D5-1873-410D-BEF9-A392E290ABCF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{15FA2510-3536-418D-8640-27A2067F894B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D52F91F8-8E7F-434F-869B-D68B4C3FDEBA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{69AB2097-B940-4A9A-92B5-A6BC75F41E76}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D96394CA-D6F2-4DBF-881F-9245FD0C66DA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{833EF403-1D76-405D-B8A4-31DF6933AD35}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{4D039555-5B88-4F99-A285-2B90121FCE65}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{105E5DBC-6918-417B-91B5-EE6071E417F1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{5D7BA348-4A11-421C-895F-6FDE04E9B8F2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{7A8D73B6-F431-4E03-8B83-030B2F88EA36}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{FD1C4E76-1C34-41C0-9780-7675FD294B7D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.83\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F80E54B0-FD06-4A34-8D09-9626B5AAC8FE}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloudAgent.exe (CYBELSOFT -> ) FirewallRules: [{5458A5F2-8AD8-4F1B-A0B5-279A0693F307}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloudAgent.exe (CYBELSOFT -> ) FirewallRules: [TCP Query User{92D78869-215C-4B91-93AF-6FAE3B606C8C}C:\program files\epic games\helloneighbormodkit\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\helloneighbormodkit\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{E7FAA70A-FDFA-4726-8F05-CC85B9618171}C:\program files\epic games\helloneighbormodkit\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\helloneighbormodkit\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{29CE2D50-4EB5-48F5-9886-9CC9652C09B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{2D7B6191-700E-45C6-AB6E-C0190645885F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (03/26/2025 11:43:27 AM) (Source: Firefox Default Browser Agent) (EventID: 1155) (User: ) Description: Event-ID 1155 Error: (03/26/2025 10:43:26 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Échec de la création d’un point de restauration (Processus = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv ; Description = Windows Update ; Erreur = 0x80070422). Error: (03/26/2025 10:40:21 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Échec de la création d’un point de restauration (Processus = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv ; Description = Windows Update ; Erreur = 0x80070422). Error: (03/26/2025 10:40:18 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Échec de la création d’un point de restauration (Processus = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv ; Description = Windows Update ; Erreur = 0x80070422). Error: (03/26/2025 10:40:18 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Échec de la création d’un point de restauration (Processus = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation ; Description = Point de contrôle planifié ; Erreur = 0x80070422). Error: (03/26/2025 10:34:08 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Échec de la création d’un point de restauration (Processus = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv ; Description = Windows Update ; Erreur = 0x80070422). Error: (03/26/2025 10:33:59 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Échec de la création d’un point de restauration (Processus = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv ; Description = Windows Update ; Erreur = 0x80070422). Error: (03/26/2025 10:33:50 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Échec de la création d’un point de restauration (Processus = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv ; Description = Windows Update ; Erreur = 0x80070422). Erreurs système: ============= Error: (03/26/2025 10:40:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80073d02 : 9MWD59CZJ1RN-SAMSUNGELECTRONICSCO.LTD.SamsungFind. Error: (03/26/2025 10:40:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80073d02 : 9N3ZBH5V7HX6-SAMSUNGELECTRONICSCO.LTD.SmartThingsWindows. Error: (03/26/2025 10:33:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80073d02 : 9MWD59CZJ1RN-SAMSUNGELECTRONICSCO.LTD.SamsungFind. Error: (03/26/2025 10:33:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80073d02 : 9N3ZBH5V7HX6-SAMSUNGELECTRONICSCO.LTD.SmartThingsWindows. Error: (03/26/2025 10:33:12 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: AUTORITE NT) Description: La mise à jour de Secure Boot a échoué à mettre à jour une variable Secure Boot avec l'erreur (-2147020471 = Le démarrage sécurisé n’est pas activé sur cet ordinateur.). Pour plus d'informations, veuillez consulter https://go.microsoft.com/fwlink/?linkid=2169931 Error: (03/26/2025 10:28:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service DFWSIDService n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (03/26/2025 10:28:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service DFWSIDService. Error: (03/26/2025 10:28:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service l1vhlwf n’a pas pu démarrer en raison de l’erreur : Aucune fonctionnalité d’hyperviseur n’est disponible pour l’utilisateur. CodeIntegrity: =============== Date: 2025-03-26 11:33:26 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. Date: 2025-03-26 10:48:33 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267059357120000000\antimalware_provider64.dll that did not meet the Windows signing level requirements. Date: 2025-03-26 10:44:46 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267059357120000000\antimalware_provider64.dll that did not meet the Windows signing level requirements. ==================== Infos Mémoire =========================== BIOS: AMI F.31 10/14/2024 Carte mère: HP 89B5 Processeur: 12th Gen Intel(R) Core(TM) i5-12400 Pourcentage de mémoire utilisée: 54% Mémoire physique - RAM - totale: 16071.75 MB Mémoire physique - RAM - disponible: 7292.29 MB Mémoire virtuelle totale: 24007.75 MB Mémoire virtuelle disponible: 12245.27 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:476.18 GB) (Free:76.65 GB) (Model: NVMe MTFDKBA512TFK-1BC1AABHA) NTFS Drive d: (Sauvegarde interne) (Fixed) (Total:931.51 GB) (Free:425.35 GB) (Model: WDC WD10EZRZ-00HTKB0) NTFS Drive f: (EASEUS-BACK) (Removable) (Total:7.26 GB) (Free:6.31 GB) FAT32 \\?\Volume{60cc8e61-2f69-484f-a8a7-3095f0ba8c55}\ () (Fixed) (Total:0.65 GB) (Free:0.1 GB) NTFS \\?\Volume{c1e98ddc-7b11-45f5-bd17-ab188da4a491}\ () (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 871329D1) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 476.9 GB) (Disk ID: 67DDE4FF) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 7.3 GB) (Disk ID: 00000000) Partition: GPT. ==================== Fin de Addition.txt =======================