Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 15-05-2021 Exécuté par jpb10 (16-05-2021 16:02:11) Exécuté depuis D:\Dossier mail et système\Bureau\bureau Windows 10 Home Version 20H2 19042.985 (X64) (2020-10-31 01:51:21) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-3326691530-1372380808-3353578716-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3326691530-1372380808-3353578716-503 - Limited - Disabled) Invité (S-1-5-21-3326691530-1372380808-3353578716-501 - Limited - Disabled) jpb10 (S-1-5-21-3326691530-1372380808-3353578716-1003 - Administrator - Enabled) => C:\Users\jpb10 WDAGUtilityAccount (S-1-5-21-3326691530-1372380808-3353578716-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 18.05 (HKLM-x32\...\7-Zip) (Version: 18.05 - Igor Pavlov) Adobe Acrobat 8.1.0 Professional (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.1.0 - Adobe Systems) Adobe Connect (HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.) Advance (HKLM-x32\...\{DE39E670-6CA0-4299-9541-79C452B36EF0}) (Version: 11.33.1 - Corner Banca SA) AOMEI Backupper Professional (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) AOMEI Partition Assistant Standard Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.) Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation) Autopano Pro (HKLM\...\Autopano Pro) (Version: V1.4.2 - Kolor) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) cnlabSpeedTest (HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\...\{fxApplication}}_is1) (Version: 1.4.1 - cnlab AG) Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.) Cyberduck (HKLM\...\{E8F44A9A-F443-44EA-AC36-00F1EFD39E37}) (Version: 7.7.2.33862 - iterate GmbH) Hidden Cyberduck (HKLM-x32\...\{464a4c62-78a4-42cd-901d-c25151be08cc}) (Version: 7.7.2.33862 - iterate GmbH) CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.4510 - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.4510 - CyberLink Corp.) DriverMax 10 (HKLM-x32\...\DMX5_is1) (Version: 10.14.0.17 - Innovative Solutions) Dropbox (HKLM-x32\...\Dropbox) (Version: 122.4.4867 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden Flash Drive Tester v1.14 (HKLM-x32\...\{272C8DEE-F54F-406C-9AA6-B4DE2985A47C}) (Version: 1.14 - Virtual Console) Freemake Audio Converter version 1.1.9 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.9 - Ellora Assets Corporation) Freemake Music Box (HKLM-x32\...\Freemake Music Box_is1) (Version: 1.0.7 - Ellora Assets Corporation) Freemake Video Converter version 4.1.12 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.12 - Mixbyte Inc.) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.5 - Ellora Assets Corporation) FriTax 2018 18.3.19 (HKLM-x32\...\NP_FR_2018) (Version: 18.3.19 - Ringler Informatik AG) FriTax 2019 19.3.8 (HKLM-x32\...\NP_FR_2019) (Version: 19.3.8 - Ringler Informatik AG) FriTax 2020 20.3.12 (HKLM-x32\...\NP_FR_2020) (Version: 20.3.12 - Ringler Informatik AG) Google Earth Pro (HKLM-x32\...\{59F21DFB-6977-434B-9CB9-67783D6E7B6B}) (Version: 7.3.3.7786 - Google) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) iMazing 2.13.5.0 (HKLM\...\iMazing_is1) (Version: 2.13.5.0 - DigiDNA SARL) Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) LastPass (Désinstaller uniquement) (HKLM-x32\...\LastPass) (Version: - LastPass) Logiciel Logitech Unifying 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) Logitech Options (HKLM\...\LogiOptions) (Version: 8.34.82 - Logitech) Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.123 - Logitech) MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.) Micrografx Designer 9.0 (HKLM-x32\...\{E54A8977-22E8-4A64-BF2C-E60FE122733A}) (Version: 9.0.1 - Micrografx, Inc.) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation) Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.13929.20372 - Microsoft Corporation) Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation) NVIDIA Pilote graphique 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20372 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20372 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20372 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.13929.20372 - Microsoft Corporation) Hidden PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0364FA7}) (Version: 4.2.0 - pdfforge GmbH) RadioCollection (HKLM-x32\...\RadioCollection_is1) (Version: V 1.8 (hxxp://alainlecomte.free.fr/Download.htm) - ) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.853.853.040215 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0269 - REALTEK Semiconductor Corp.) Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30.05.2018) - HP Printing Korea Co., Ltd.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.) Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.32 - Samsung Electronics Co., Ltd.) Hidden SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Sticky Password 8.3.1.8 (HKLM-x32\...\Sticky Password_is1) (Version: 8.3 - Lamantine Software) SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 9.4.3.0 - 2BrightSparks) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden VC80_CRT_x86 (HKLM-x32\...\{AFC02C27-473F-4EC5-9372-30771EFFB35F}) (Version: 1.0.0 - kolor) VC80_CRT_x86_x64 (HKLM\...\{5B07B750-0477-4EC6-92ED-885D76AA96F9}) (Version: 1.0.0 - kolor) Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\...\WhatsApp) (Version: 2.2114.9 - WhatsApp) WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) xat.com JPEG Optimizer (HKLM-x32\...\xat.com JPEG Optimizer) (Version: - ) Packages: ========= Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-23] (Microsoft Corporation) Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) MHT Viewer -> C:\Program Files\WindowsApps\MCNEXT.MHTViewer_1.3.0.0_x64__ptt4xv5hcsz3a [2020-04-13] (MCNEXT) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-11] (Microsoft Studios) [MS Ad] MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2020-11-13] (Samsung Electronics Co. Ltd.) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.) XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.8.0_x86__xpfg3f7e9an52 [2021-02-24] (New Work SE) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3326691530-1372380808-3353578716-1003_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\jpb10\Dropbox [2019-04-21 22:35] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu64.dll [2007-05-11] (Adobe Systems Inc.) [Fichier non signé] ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-26] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [Fichier non signé] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-26] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [AutopanoShell.ShellContextMenu] -> {C4853253-CD11-4798-ABF3-EC03F7C8A498} => C:\Program Files\Kolor\Autopano Pro\AutopanoShell_x64.dll [2008-04-21] (Kolor) [Fichier non signé] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.073.0411.0002\amd64\FileSyncShell64.dll [2021-05-08] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu64.dll [2007-05-11] (Adobe Systems Inc.) [Fichier non signé] ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\jpb10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Forum doctsf.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=paaojjndkeadcnchnegdbccaghkdemej ==================== Modules chargés (Avec liste blanche) ============= 2019-10-15 13:43 - 2007-05-11 01:56 - 000921600 _____ () [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdistRes.FRA 2021-02-24 00:39 - 2020-11-30 17:17 - 001101824 _____ () [Fichier non signé] C:\Program Files (x86)\Sticky Password\DLLs\_hashlib.pyd 2018-05-17 10:07 - 2018-05-17 10:07 - 000087552 _____ () [Fichier non signé] C:\WINDOWS\system32\ssdevm64.dll 2019-10-15 13:43 - 2007-05-11 00:18 - 001560576 _____ (Adobe Systems Inc.) [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu64.dll 2017-02-04 17:56 - 2015-05-20 23:32 - 002403504 _____ (Aomei Technology Co., Limited -> ) [Fichier non signé] C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll 2008-04-21 17:06 - 2008-04-21 17:06 - 000324096 _____ (Kolor) [Fichier non signé] C:\Program Files\Kolor\Autopano Pro\AutopanoShell_x64.dll 2020-10-31 03:44 - 2020-10-31 03:44 - 000113152 _____ (Microsoft Corporation) [Fichier non signé] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_ca3f79d486b08636\ATL80.DLL 2020-10-31 03:44 - 2020-10-31 03:44 - 000065536 _____ (Microsoft Corporation) [Fichier non signé] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll 2020-10-31 03:42 - 2018-01-24 00:42 - 000877440 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll 2020-10-31 03:42 - 2018-01-24 00:42 - 000343912 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll 2018-01-04 00:59 - 2019-03-16 19:33 - 000117248 _____ (pdfforge GmbH) [Fichier non signé] C:\WINDOWS\System32\pdfcmon.dll 2020-10-29 01:04 - 2020-04-02 21:11 - 000128181 _____ (Un4seen Developments) [Fichier non signé] D:\Dossier JPB\Download\Qtranslate\QTranslate.6.8.0.1\bass.dll 2018-03-27 13:00 - 2017-07-10 14:08 - 000043520 _____ (Windows (R) Codename Longhorn DDK provider) [Fichier non signé] C:\WINDOWS\system32\spool\PRTPROCS\x64\ssy5cpc.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-07-22] (Oracle America, Inc. -> Oracle Corporation) BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2018-08-04] (LogMeIn, Inc. -> LastPass) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2019-01-30] (Logitech Inc -> Logitech, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-07-22] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2018-08-04] (LogMeIn, Inc. -> LastPass) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2019-01-30] (Logitech Inc -> Logitech, Inc.) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2018-08-04] (LogMeIn, Inc. -> LastPass) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2018-08-04] (LogMeIn, Inc. -> LastPass) Toolbar: HKU\S-1-5-21-3326691530-1372380808-3353578716-1003 -> Pas de nom - {C500C267-63BF-451F-8797-4D720C9A2ED9} - Pas de fichier Toolbar: HKU\S-1-5-21-3326691530-1372380808-3353578716-1003 -> Pas de nom - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - Pas de fichier Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-16] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2015-07-10 13:04 - 2018-06-11 00:16 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2017-12-22 16:46 - 2020-06-20 12:38 - 000000442 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\AOMEI Backupper;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\Control Panel\Desktop\\Wallpaper -> D:\Dossier JPB\Download\Dexpot (Pour les bureaux virtuels)\Hintergrund 1.jpg DNS Servers: 192.168.0.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "BtServer" HKLM\...\StartupApproved\Run: => "CDAServer" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "LogiOptions" HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8" HKLM\...\StartupApproved\Run32: => "CLVirtualDrive" HKLM\...\StartupApproved\Run32: => "PowerDVD12Agent" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "ABNotify" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run32: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\...\StartupApproved\StartupFolder: => "Envoyer * OneNote.lnk<*>" HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\...\StartupApproved\Run: => "DriverMax_RESTART" HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\...\StartupApproved\Run: => "Application Restart #2" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{734C6E08-8D9F-4003-B343-38A51CE8C4E0}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{40FC47C3-E475-46A4-A128-AD0CA3F87D85}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{3AE519A7-493F-46F2-B0FE-B474D7F59EFA}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{A333565A-2E00-4EFD-B9E9-57B821EEAD51}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{99C0E33D-1083-49B2-9DFD-C60BED6EE1C2}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{1F8F4760-001E-4980-9F3F-2CCB4D9237B6}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{1E392DC2-DF09-4D7C-B3E3-CC7E37971746}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{37E90C12-B242-4437-9122-EA546485522E}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe => Pas de fichier FirewallRules: [{A77CD4A5-B09D-4B30-9634-D3F5BE355860}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe => Pas de fichier FirewallRules: [{2CF17C1E-A81E-4714-9536-D7E42DA11AAF}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe => Pas de fichier FirewallRules: [{58F9FCD3-A565-4953-82E3-A3090EC178A0}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe => Pas de fichier FirewallRules: [{EBCF1EA1-D854-4081-A347-B4D132458062}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2B4B1F0E-3857-44EE-9D80-6B5DC453595A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A02B0564-D009-4CAC-9372-C33393539B9D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{594E96E3-5527-426C-9B73-62AC8D192CD3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{620FAFD7-53E3-460F-A3D8-88C7EADC9DA1}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) FirewallRules: [{FF3CE88F-1BCA-448E-819A-5CD84E4D4D48}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{831F79BF-C292-4CB4-A409-CC09428CEB5B}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{E47C1161-11E4-4964-8A11-CC7F51CE46EB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> ) FirewallRules: [{E5C3BCCB-FF4F-416A-9882-6F7743BEA573}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.) FirewallRules: [{16748A7D-C1F7-45B3-A2AE-75ECB61A0A66}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.) FirewallRules: [{A5A00624-C6BB-43EA-8DB1-857497BCC14F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> ) FirewallRules: [{B3CC307B-4105-4487-94AE-79F4647BCBCA}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{ED32BA9C-46ED-4380-A63F-153A07CE370E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> ) FirewallRules: [{53E626F1-AAFB-49DF-92A1-C6F1E849D969}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> ) FirewallRules: [{4B92307F-23BA-4F15-A7C0-3ED2578F91D3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> ) FirewallRules: [{CD9B6825-66C4-44B1-8204-B94EFE0C8EBC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> ) FirewallRules: [{38529913-8C41-4FA1-98B0-3958DFC6FA4B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E4A8DAA6-67AF-45EA-810F-117E18237BA5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0741DC6C-3BF8-4330-BB7B-46FF6D131760}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B9298238-17B9-49A0-AB4F-C88FB8D46E89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BD247276-31F4-410C-98F7-EFB7EA53D9F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{694C2342-768E-4CAE-BFBF-B1DE9072F3FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{489FB5BC-8D00-4CD4-A720-1A54A32DB189}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1FAAD11A-D3F8-4B25-9863-A2806758B377}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0CFE2C5F-080F-470A-B992-6E5F9254505D}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.) FirewallRules: [{EA7BBC7D-DD74-4358-8E39-0024FF4D7241}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.) FirewallRules: [{1ADBC896-E597-4F5B-BFD9-F79574E636AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{5D72EC04-2657-46CA-ABD6-1DAA7633D55D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{3F8C0842-8B15-4150-83AF-889C6807DAB0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{161D0E20-CFFE-4F50-A3FB-012414D2B571}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1E6BEB1B-A852-449B-96C5-DE85228698D7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (05/16/2021 03:27:09 PM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: L’acquisition de la licence d’utilisateur final a échoué. hr=0xC004C003 Id Sku=84832881-46ef-4124-8abc-eb493cdcf78e Error: (05/16/2021 03:27:09 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: Détails de l’échec d’acquisition de la licence. hr=0xC004C003 Error: (05/15/2021 11:22:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Acrobat.exe, version : 8.1.0.137, horodatage : 0x46444c82 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc000041d Décalage d’erreur : 0xbffbb530 ID du processus défaillant : 0x1d3c Heure de début de l’application défaillante : 0x01d749d06f00aad5 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe Chemin d’accès du module défaillant: unknown ID de rapport : 1cb86939-3d80-4960-b802-f50a394d6a8a Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (05/15/2021 11:22:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Acrobat.exe, version : 8.1.0.137, horodatage : 0x46444c82 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000 ID du processus défaillant : 0x1d3c Heure de début de l’application défaillante : 0x01d749d06f00aad5 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe Chemin d’accès du module défaillant: unknown ID de rapport : 22c18cff-af58-4df7-975f-bee4ffb5a1a8 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (05/15/2021 04:52:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Acrobat.exe, version : 8.1.0.137, horodatage : 0x46444c82 Nom du module défaillant : Acrobat.dll, version : 8.1.0.137, horodatage : 0x46444932 Code d’exception : 0xc000041d Décalage d’erreur : 0x00a6ce7c ID du processus défaillant : 0x328 Heure de début de l’application défaillante : 0x01d74999eca65ec3 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.dll ID de rapport : 3fe5ac9c-2b53-444c-9fe6-83264a74a284 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (05/15/2021 04:52:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Acrobat.exe, version : 8.1.0.137, horodatage : 0x46444c82 Nom du module défaillant : Acrobat.dll, version : 8.1.0.137, horodatage : 0x46444932 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00a6ce7c ID du processus défaillant : 0x328 Heure de début de l’application défaillante : 0x01d74999eca65ec3 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.dll ID de rapport : 79d8aeef-719d-4b43-858f-68e49a34e548 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (05/15/2021 03:07:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Recover (E:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) Error: (05/15/2021 03:07:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Backup (G:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) Erreurs système: ============= Error: (05/16/2021 04:01:27 PM) (Source: TPM) (EventID: 27) (User: AUTORITE NT) Description: Échec de l'initialisation du module de plateforme sécurisée (TPM). Le TPM est peut-être en mode d'échec. Pour autoriser le diagnostic, contactez le fabricant du TPM avec les informations ci-jointes. Error: (05/16/2021 04:01:27 PM) (Source: TPM) (EventID: 27) (User: AUTORITE NT) Description: Échec de l'initialisation du module de plateforme sécurisée (TPM). Le TPM est peut-être en mode d'échec. Pour autoriser le diagnostic, contactez le fabricant du TPM avec les informations ci-jointes. Error: (05/16/2021 04:01:27 PM) (Source: TPM) (EventID: 27) (User: AUTORITE NT) Description: Échec de l'initialisation du module de plateforme sécurisée (TPM). Le TPM est peut-être en mode d'échec. Pour autoriser le diagnostic, contactez le fabricant du TPM avec les informations ci-jointes. Error: (05/16/2021 04:01:27 PM) (Source: TPM) (EventID: 27) (User: AUTORITE NT) Description: Échec de l'initialisation du module de plateforme sécurisée (TPM). Le TPM est peut-être en mode d'échec. Pour autoriser le diagnostic, contactez le fabricant du TPM avec les informations ci-jointes. Error: (05/16/2021 04:01:27 PM) (Source: TPM) (EventID: 27) (User: AUTORITE NT) Description: Échec de l'initialisation du module de plateforme sécurisée (TPM). Le TPM est peut-être en mode d'échec. Pour autoriser le diagnostic, contactez le fabricant du TPM avec les informations ci-jointes. Error: (05/16/2021 04:01:26 PM) (Source: TPM) (EventID: 27) (User: AUTORITE NT) Description: Échec de l'initialisation du module de plateforme sécurisée (TPM). Le TPM est peut-être en mode d'échec. Pour autoriser le diagnostic, contactez le fabricant du TPM avec les informations ci-jointes. Error: (05/16/2021 04:01:26 PM) (Source: TPM) (EventID: 27) (User: AUTORITE NT) Description: Échec de l'initialisation du module de plateforme sécurisée (TPM). Le TPM est peut-être en mode d'échec. Pour autoriser le diagnostic, contactez le fabricant du TPM avec les informations ci-jointes. Error: (05/16/2021 04:01:26 PM) (Source: TPM) (EventID: 27) (User: AUTORITE NT) Description: Échec de l'initialisation du module de plateforme sécurisée (TPM). Le TPM est peut-être en mode d'échec. Pour autoriser le diagnostic, contactez le fabricant du TPM avec les informations ci-jointes. Windows Defender: ================ Date: 2021-03-04 19:39:10 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {EBEA19E1-5AA0-48DE-AFCD-B7AB8A404252} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2021-03-04 19:27:32 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {13B4648D-4B1F-4AD6-B9CE-664F872F656C} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2021-05-16 16:00:51 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2021-05-16 15:49:59 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. 150EMW0X.106 01/15/2018 Carte mère: MEDION B150H4-EM Processeur: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz Pourcentage de mémoire utilisée: 51% Mémoire physique - RAM - totale: 8150.38 MB Mémoire physique - RAM - disponible: 3960.75 MB Mémoire virtuelle totale: 9430.38 MB Mémoire virtuelle disponible: 4939.01 MB ==================== Lecteurs ================================ Drive c: (Boot) (Fixed) (Total:117.16 GB) (Free:67.61 GB) NTFS Drive d: (Données) (Fixed) (Total:801.79 GB) (Free:621.28 GB) NTFS Drive e: (Recover) (Fixed) (Total:60 GB) (Free:41.43 GB) NTFS Drive g: (Backup) (Fixed) (Total:1001.22 GB) (Free:407.63 GB) NTFS \\?\Volume{b9750a12-b39f-4206-9ac1-5ba9e87a5ccb}\ () (Fixed) (Total:0.85 GB) (Free:0.4 GB) NTFS \\?\Volume{01f023aa-0211-4e80-9efa-8fb5042ab5e0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: CED2633A) Partition 1: (Not Active) - (Size=801.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1001.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=60 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000) Partition: GPT. ==================== Fin de Addition.txt =======================