Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 22-05-2021 Exécuté par Admin (22-05-2021 19:28:03) Exécuté depuis C:\Users\Jean-Pierre\Desktop Windows 10 Pro Version 20H2 19042.985 (X64) (2020-09-26 13:41:37) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Admin (S-1-5-21-1440033328-4102027548-317780136-1002 - Administrator - Enabled) => C:\Users\Admin Administrateur (S-1-5-21-1440033328-4102027548-317780136-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1440033328-4102027548-317780136-503 - Limited - Disabled) defaultuser0 (S-1-5-21-1440033328-4102027548-317780136-1000 - Limited - Disabled) => C:\Users\defaultuser0 HomeGroupUser$ (S-1-5-21-1440033328-4102027548-317780136-1007 - Limited - Enabled) Invité (S-1-5-21-1440033328-4102027548-317780136-501 - Limited - Disabled) Jean-Pierre (S-1-5-21-1440033328-4102027548-317780136-1003 - Limited - Enabled) => C:\Users\Jean-Pierre Michaël (S-1-5-21-1440033328-4102027548-317780136-1008 - Limited - Enabled) => C:\Users\Michaël WDAGUtilityAccount (S-1-5-21-1440033328-4102027548-317780136-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D} AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 8GadgetPack (HKLM-x32\...\{2C6DC07C-5D68-4E32-B6C6-EF5F24DA9FDF}) (Version: 33.0.0 - 8GadgetPack.net) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe) Adobe Photoshop Elements 2020 (HKLM-x32\...\PSE_18_2) (Version: 18.0 - Adobe Systems Incorporated) AOMEI Partition Assistant 9.0 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: - AOMEI International Network Limited.) Apple Application Support (64 bits) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.) Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.) Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation) Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BurnAware Free 13.2 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware) Caere Scan Manager 5.0 (HKLM-x32\...\{81D62C32-0984-11D3-86CD-00105AD33021}) (Version: 5.0 - Caere Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP) Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.1.250.0 - Microsoft Corporation) Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.5.1.84 - MAGIX Software GmbH) ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) Convertisseur M2TS Gratuit 1.0.32 (HKLM-x32\...\{AE1049D2-8255-4ffd-9857-96609689A253}_is1) (Version: 1.0.32 - free-videoconverter) CyberGhost 8 (HKLM\...\CyberGhost 8) (Version: 8.2.4.7664 - CyberGhost S.A.) CyberGhost TUN (HKLM\...\{677232D6-72D6-4821-8CB5-47969B15D4DF}) (Version: 1.0 - CyberGhost S.R.L.) Hidden Driver Booster 8 (HKLM-x32\...\Driver Booster_is1) (Version: 8.4.0 - IObit) EaseUS Video Editor V1.5.7.28 (HKLM-x32\...\{160288F0-2C46-47E6-973D-F8F8D0577965}_is1) (Version: 1.5.7.28 - EaseUS) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.2 - Seiko Epson Corporation) Epson Data Collection Agent (HKLM\...\{AF4D8A50-6093-4556-936E-A4C042CC2AE2}) (Version: 4.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{49048EBF-3803-4AA4-8943-675E6E8D5B30}) (Version: 3.11.0030 - Seiko Epson Corporation) Epson Photo+ (HKLM-x32\...\{5874C85E-A911-4A7E-8643-DB2C4322CBBF}) (Version: 3.1.0.0 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson ScanSmart (HKLM-x32\...\{BF35B9D9-C4A1-40DD-B13C-46F35BD35282}) (Version: 3.5.2 - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation) EPSON Stylus SX400 Series Printer Uninstall (HKLM\...\EPSON Stylus SX400 Series) (Version: - SEIKO EPSON Corporation) EPSON XP-3100 Series Printer Uninstall (HKLM\...\EPSON XP-3100 Series) (Version: - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) FairStars CD Ripper 2.00 (HKLM-x32\...\FairStars CD Ripper_is1) (Version: - FairStars Soft) FreeFileSync 11.8 [Edition Donation] (HKLM-x32\...\FreeFileSync_is1) (Version: 11.8 - FreeFileSync.org) GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team) Google Earth Pro (HKLM-x32\...\{59F21DFB-6977-434B-9CB9-67783D6E7B6B}) (Version: 7.3.3.7786 - Google) iFun Screen Recorder (HKLM-x32\...\iFun Screen Recorder_is1) (Version: 1.1.0 - IObit) iFun Screenshot (HKLM-x32\...\iFun Screenshot_is1) (Version: 1.1.0.512 - IObit) Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel) IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 4.0.0.99 - IObit) IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.1.0.21 - IObit) iTop VPN (HKLM-x32\...\iTop VPN_is1) (Version: 1.2.0.889 - iTop Inc.) Kingston SSD Manager version 1.1.0.5 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.0.5 - Kingston Digital, Inc) Kit de déploiement et d’évaluation Windows - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation) Kits Configuration Installer (HKLM-x32\...\{C661B45B-1D2A-AF7C-27D0-B4FFD670A4FE}) (Version: 10.1.14393.0 - Microsoft) Hidden Kobo (HKLM-x32\...\Kobo) (Version: 4.24.13786 - Rakuten Kobo Inc.) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Logitech SetPoint 6.70 (HKLM\...\sp6) (Version: 6.70.55 - Logitech) Macrium Reflect Home Edition (HKLM\...\{A2B10D1B-CAA9-4BB5-BA22-988D40AE72BD}) (Version: 7.3.5281 - Paramount Software (UK) Ltd.) Hidden Macrium Reflect Home Edition (HKLM\...\MacriumReflect) (Version: 7.3 - Paramount Software (UK) Ltd.) MAGIX Audio Cleanic MX (HKLM-x32\...\{856CC4C7-3C05-4252-A46A-F4BFCD17EF84}) (Version: 18.0.0.9 - MAGIX AG) Hidden MAGIX Audio Cleanic MX (HKLM-x32\...\MAGIX_MSI_mclab_mx) (Version: 18.0.0.9 - MAGIX AG) MAGIX Cloud Import (HKLM\...\{E2EC0850-84BF-4A86-842E-4A100473FB22}) (Version: 0.1.0.5 - MAGIX Software GmbH) Hidden MAGIX Cloud Import (HKLM\...\MX.{E2EC0850-84BF-4A86-842E-4A100473FB22}) (Version: 0.1.0.5 - MAGIX Software GmbH) MAGIX Connect (HKLM\...\{B0C73D27-EB3E-4D0E-B40D-0141DAF708CC}) (Version: 3.0.0.1 - MAGIX Software GmbH) Hidden MAGIX Connect (HKLM\...\MX.{B0C73D27-EB3E-4D0E-B40D-0141DAF708CC}) (Version: 3.0.0.1 - MAGIX Software GmbH) MAGIX Contenu et Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX PC Check & Tuning 2019 (HKLM-x32\...\PC Check Tuning 2019_is1) (Version: 2.7.0.56 - MAGIX Software GmbH) MAGIX Screenshare (HKLM-x32\...\{3152B87B-A034-4E4E-81B0-41114089D2E1}) (Version: 4.3.6.1987 - MAGIX AG) Hidden MAGIX Screenshare (HKLM-x32\...\MAGIX_MSI_PCVisit) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Soundpool Music Maker - Feel good (HKLM\...\{345A8E24-8674-48D5-97CA-630E0058C239}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (HKLM\...\{1BE49011-6031-443A-9D21-8318B6B56A72}) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (HKLM-x32\...\MX.{1BE49011-6031-443A-9D21-8318B6B56A72}) (Version: 7.0.1.27 - MAGIX Software GmbH) MAGIX Vidéo deluxe 2015 (HKLM\...\{DA7B58E7-740A-4411-AC11-7D9BA50804E2}) (Version: 14.0.0.153 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe 2015 (HKLM\...\MX.{DA7B58E7-740A-4411-AC11-7D9BA50804E2}) (Version: 14.0.0.153 - MAGIX Software GmbH) MAGIX Vidéo deluxe Premium (effets de titres) (HKLM\...\{790CE125-7028-410C-973B-C13D7999A1B6}) (Version: 17.0.1.0 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe Premium (effets de titres) (HKLM\...\MX.{790CE125-7028-410C-973B-C13D7999A1B6}) (Version: 17.0.1.0 - MAGIX Software GmbH) MAGIX Vidéo deluxe Premium (Effets de transition) (HKLM\...\{CE00C959-1C45-466A-9CD3-69826E3B1FAB}) (Version: 17.0.2.0 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe Premium (Effets de transition) (HKLM\...\MX.{CE00C959-1C45-466A-9CD3-69826E3B1FAB}) (Version: 17.0.2.0 - MAGIX Software GmbH) MAGIX Vidéo deluxe Premium (Éléments de design) (HKLM\...\{15E478D8-AF3C-4902-953F-2D4E32D43799}) (Version: 17.0.2.0 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe Premium (Éléments de design) (HKLM\...\MX.{15E478D8-AF3C-4902-953F-2D4E32D43799}) (Version: 17.0.2.0 - MAGIX Software GmbH) MAGIX Vidéo deluxe Premium (HKLM\...\{3AC5CF42-278E-421F-9B0D-03C015354EBF}) (Version: 17.0.1.128 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe Premium (HKLM\...\MX.{3AC5CF42-278E-421F-9B0D-03C015354EBF}) (Version: 17.0.3.178 - MAGIX Software GmbH) MAGIX Vidéo deluxe Premium (Modèles de menus à personnaliser) (HKLM\...\{09DFBCCB-B886-43D9-BFC2-BC0B525844B6}) (Version: 17.0.1.0 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe Premium (Modèles de menus à personnaliser) (HKLM\...\MX.{09DFBCCB-B886-43D9-BFC2-BC0B525844B6}) (Version: 17.0.1.0 - MAGIX Software GmbH) MAGIX Vidéo deluxe Premium (Modèles de menus) (HKLM\...\{03408188-6AB0-48DD-92DE-F4EC09B8C833}) (Version: 17.0.1.0 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe Premium (Modèles de menus) (HKLM\...\MX.{03408188-6AB0-48DD-92DE-F4EC09B8C833}) (Version: 17.0.1.0 - MAGIX Software GmbH) MAGIX Vidéo deluxe Premium (Projet de démonstration) (HKLM\...\{B3EAC4C2-3EAA-4C94-A7BA-E1A5C165B5BC}) (Version: 17.0.1.0 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe Premium (Projet de démonstration) (HKLM\...\MX.{B3EAC4C2-3EAA-4C94-A7BA-E1A5C165B5BC}) (Version: 17.0.1.0 - MAGIX Software GmbH) MAGIX Vidéo deluxe Premium (Update Service 5.7.33.77) (HKLM\...\{1A3E739C-FAAD-33C9-8D24-0D20BB8900D3}) (Version: 5.7.33.77 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe Premium Update (HKLM\...\{0DDBEB61-4400-41C5-878A-F1B68434D66E}) (Version: 17.0.3.177 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe Premium Update (HKLM\...\{6B69DA7D-7BB2-4394-B05C-9A4D38537750}) (Version: 17.0.2.159 - MAGIX Software GmbH) Hidden MAGIX Vidéo deluxe Premium Update (HKLM\...\{972C3D95-6FB7-4D77-A3C6-3D8974016295}) (Version: 17.0.3.178 - MAGIX Software GmbH) Hidden Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Manuels EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation) Microsoft Office Famille et Étudiant 2016 - fr-fr (HKLM\...\HomeStudentRetail - fr-fr) (Version: 16.0.13929.20386 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1440033328-4102027548-317780136-1002\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1440033328-4102027548-317780136-1003\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1440033328-4102027548-317780136-1008\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 88.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 88.0.1 (x64 fr)) (Version: 88.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0.1 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) Multimedia Mouse Driver (HKLM-x32\...\InstallShield_{B8C11C23-F46C-48C1-8EA8-CEA82115586A}) (Version: 2.0 - Nom de votre société) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) Native Messaging for Enpass 5.5.1.0 (HKLM-x32\...\Native Messaging for Enpass) (Version: 5.5.1.0 - Sinew Software System Pvt Ltd.) NewBlue Filters 5 Recreate (HKLM-x32\...\NewBlue Filters 5 Recreate) (Version: 5.0.170918 - NewBlue) NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 3.0 - NewBlue) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - ) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden PDF Architect 6 View Module (HKLM\...\{5A2AC1A0-C736-4689-9031-2E1915526F48}) (Version: 6.1.25.1863 - pdfforge GmbH) Hidden PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 13.0 - PlotSoft LLC) PeaZip 7.2.1 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 7.2.1 - Giorgio Tani) PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TomTom MyDrive Connect 4.2.10.4148 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.10.4148 - TomTom) Toolkit Documentation (HKLM-x32\...\{6143A694-5FE1-BDF6-F78E-4F7BF3E9419B}) (Version: 10.1.14393.0 - Microsoft) Hidden Tuto.com version 5.8.8 (HKLM-x32\...\{88AC85F0-BF65-420D-A8A7-8D04AFA1C424}_is1) (Version: 5.8.8 - SAS Weecast) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation) VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Vita Concert Grand LE (HKLM\...\{D87DC551-43E4-4791-8E69-7720F0F536E5}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN) vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden Windows Media Player Plus! 2.10 (HKLM-x32\...\{67E4EF06-E0D6-42E0-A2BA-67199B0143FB}_is1) (Version: 2.10 - BM-productions) XnView 2.49.3 (HKLM-x32\...\XnView_is1) (Version: 2.49.3 - Gougelet Pierre-e) XnViewMP 0.98.2 (HKLM\...\XnViewMP_is1) (Version: 0.98.2 - Gougelet Pierre-e) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-10-09] (Adobe Systems Incorporated) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-10-09] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-10-09] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-20] (Microsoft Studios) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.22101.0_x64__8wekyb3d8bbwe [2021-05-20] (Microsoft Studios) Paradise Bay -> C:\Program Files\WindowsApps\king.com.ParadiseBay_3.9.0.0_x86__kgqvnymyfvs32 [2020-10-09] (king.com) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-10-09] (Twitter Inc.) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-1440033328-4102027548-317780136-1002_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> C:\Program Files\Photoshop 2020\Elements 2020 Organizer\Elements Auto Creations 2020.exe (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-1440033328-4102027548-317780136-1002_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-1440033328-4102027548-317780136-1002_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-1440033328-4102027548-317780136-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-1440033328-4102027548-317780136-1003_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> C:\Program Files\Photoshop 2020\Elements 2020 Organizer\Elements Auto Creations 2020.exe (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-1440033328-4102027548-317780136-1003_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Jean-Pierre\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-1440033328-4102027548-317780136-1003_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Jean-Pierre\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-1440033328-4102027548-317780136-1003_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Jean-Pierre\Dropbox0 SSODL: CallbackTechMountNotificator-cbfsconnect2017 - {C4FB94A2-7BED-4214-BB9F-CD37CA74AE66} - C:\Windows\system32\cbfsconnectMntNtf2017.dll (Callback Technologies, Inc. -> Callback Technologies, Inc.) SSODL-x32: CallbackTechMountNotificator-cbfsconnect2017 - {C4FB94A2-7BED-4214-BB9F-CD37CA74AE66} - C:\Windows\SysWOW64\cbfsconnectMntNtf2017.dll (Callback Technologies, Inc. -> Callback Technologies, Inc.) ShellServiceObjects: Virtual Storage Mount Notification -> {C4FB94A2-7BED-4214-BB9F-CD37CA74AE66} => C:\Windows\system32\cbfsconnectMntNtf2017.dll [2020-06-25] (Callback Technologies, Inc. -> Callback Technologies, Inc.) ShellServiceObjects-x32: Virtual Storage Mount Notification -> {C4FB94A2-7BED-4214-BB9F-CD37CA74AE66} => C:\Windows\SysWOW64\cbfsconnectMntNtf2017.dll [2020-06-25] (Callback Technologies, Inc. -> Callback Technologies, Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> Pas de fichier ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> Pas de fichier ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit) ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => -> Pas de fichier ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> Pas de fichier ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd) ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => -> Pas de fichier ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-19] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> Pas de fichier ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-19] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => -> Pas de fichier ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2006-05-03 05:49 - 2006-05-03 05:49 - 000028672 _____ () [Fichier non signé] C:\Program Files (x86)\Multimedia Mouse Driver\MouseHook.dll 2020-09-29 14:32 - 2020-06-23 09:54 - 000660480 _____ (Helmut Buhler) [Fichier non signé] C:\Program Files\Windows Sidebar\dwmapi.dll 2016-10-07 17:05 - 2016-10-07 17:05 - 000347648 _____ (Intel(R) Corporation) [Fichier non signé] C:\windows\system32\NCS2Setp.dll 2020-08-24 15:02 - 2020-08-24 15:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll 2020-08-24 15:02 - 2020-08-24 15:02 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll 2020-06-17 17:35 - 2020-06-17 17:35 - 003338240 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files\EPSON\Epson Data Collection Agent\IZENSTRMAPIu.dll 2020-06-17 17:35 - 2020-06-17 17:35 - 003142144 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files\EPSON\Epson Data Collection Agent\NDENCMAPI.dll 2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Windows\System32\enppmon.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-1440033328-4102027548-317780136-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE HKU\S-1-5-21-1440033328-4102027548-317780136-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE HKU\S-1-5-21-1440033328-4102027548-317780136-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1440033328-4102027548-317780136-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE SearchScopes: HKU\S-1-5-21-1440033328-4102027548-317780136-1002 -> DefaultScope {67AA6115-EE11-492E-8D6B-A0A8ABC9313B} URL = SearchScopes: HKU\S-1-5-21-1440033328-4102027548-317780136-1002 -> {67AA6115-EE11-492E-8D6B-A0A8ABC9313B} URL = SearchScopes: HKU\S-1-5-21-1440033328-4102027548-317780136-1003 -> DefaultScope {ECFFC241-84D5-467B-8AFC-21E258A48BDA} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-1440033328-4102027548-317780136-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1440033328-4102027548-317780136-1003 -> {67AA6115-EE11-492E-8D6B-A0A8ABC9313B} URL = SearchScopes: HKU\S-1-5-21-1440033328-4102027548-317780136-1003 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&l=dis&prt=NGC&chn=1000&geo=FR&ver=22.20.5.39&locale=FR_fr&guid=FD0D910E-D574-4902-B1DE-6461D8EE97EA&doi=2016-09-01&o=APN11913&gct=kwd&qsrc=2869 SearchScopes: HKU\S-1-5-21-1440033328-4102027548-317780136-1003 -> {ECFFC241-84D5-467B-8AFC-21E258A48BDA} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-10] (Microsoft Corporation -> Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2020-11-21] (Logitech Inc -> Logitech, Inc.) BHO: Pas de nom -> {C4FB94A2-7BED-4214-BB9F-CD37CA74AE66}' -> Pas de fichier BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2020-11-21] (Logitech Inc -> Logitech, Inc.) BHO-x32: Pas de nom -> {C4FB94A2-7BED-4214-BB9F-CD37CA74AE66}' -> Pas de fichier Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-03-21 16:17 - 2019-03-21 16:17 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts 2020-09-27 10:58 - 2020-11-27 15:39 - 000000529 _____ C:\Windows\system32\drivers\etc\hosts.ics 172.31.21.77 bcbcb9e6-95e6-4b87-81de-7569825199b8.mshome.net # 2020 12 5 4 13 39 7 652 172.31.16.1 JEAN-PIERRE.mshome.net # 2025 11 3 26 13 39 7 652 ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\PROGRAM FILES (X86)\INTEL\ICLS CLIENT\;C:\PROGRAM FILES\INTEL\ICLS CLIENT\;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL;C:\PROGRAM FILES\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL;C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\IPT;C:\PROGRAM FILES\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1440033328-4102027548-317780136-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-1440033328-4102027548-317780136-1002\Control Panel\Desktop\\Wallpaper -> D:\DOCUMENTS\Fonds écran\Images fond écran\Pour fond écran Automne\Automne Samsung 24 pouces_fenêtres.png HKU\S-1-5-21-1440033328-4102027548-317780136-1003\Control Panel\Desktop\\Wallpaper -> d:\documents\fonds écran\images fond écran\fond d'écran pour lac\lac clara meer_avec fenêtres_1_et nom.jpg HKU\S-1-5-21-1440033328-4102027548-317780136-1008\Control Panel\Desktop\\Wallpaper -> D:\DOCUMENTS\Fonds écran\Images fond écran\Fruits d'Automne.jpg DNS Servers: 10.0.0.243 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "BCSSync" HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "Eraser" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe" HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKU\S-1-5-21-1440033328-4102027548-317780136-1000\...\StartupApproved\Run: => "OneDriveSetup" HKU\S-1-5-21-1440033328-4102027548-317780136-1000\...\StartupApproved\Run: => "WAB Migrate" HKU\S-1-5-21-1440033328-4102027548-317780136-1002\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-1440033328-4102027548-317780136-1002\...\StartupApproved\Run: => "EPSON Stylus SX400 Series" HKU\S-1-5-21-1440033328-4102027548-317780136-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1440033328-4102027548-317780136-1002\...\StartupApproved\Run: => "EPSON Stylus SX400" HKU\S-1-5-21-1440033328-4102027548-317780136-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1440033328-4102027548-317780136-1002\...\StartupApproved\Run: => "QMxNetworkSync" HKU\S-1-5-21-1440033328-4102027548-317780136-1003\...\StartupApproved\Run: => "EPSON Stylus SX400" HKU\S-1-5-21-1440033328-4102027548-317780136-1003\...\StartupApproved\Run: => "QMxNetworkSync" HKU\S-1-5-21-1440033328-4102027548-317780136-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1440033328-4102027548-317780136-1003\...\StartupApproved\Run: => "CCXProcess" HKU\S-1-5-21-1440033328-4102027548-317780136-1003\...\StartupApproved\Run: => "EPSON Stylus SX400 Series" HKU\S-1-5-21-1440033328-4102027548-317780136-1003\...\StartupApproved\Run: => "OneDrive" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{DF3D5B0C-1B99-44E4-AE1F-4D41D1532835}] => (Allow) LPort=8501 FirewallRules: [{2B5C1E9F-5BD4-4F48-9BE6-F2BF6775FC82}] => (Allow) LPort=8501 FirewallRules: [{51CF1539-6F1B-47FA-9C9F-D7961DF102F1}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom) FirewallRules: [{FC811032-7485-4B1B-9C24-5DEFD58B24D5}] => (Allow) C:\Program Files\Common Files\MAGIX Services\MxCloudSync\MxCloudSync.exe (MAGIX Software GmbH -> MAGIX) FirewallRules: [TCP Query User{9FDD93D8-ADFE-44AD-B0D6-8C3E1876A689}C:\program files\common files\magix services\qmxnetworksync\qmxnetworksync.exe] => (Allow) C:\program files\common files\magix services\qmxnetworksync\qmxnetworksync.exe (MAGIX Software GmbH -> MAGIX) FirewallRules: [{E33E10E4-478E-497B-A04C-36DDEA571071}] => (Allow) C:\Program Files\Common Files\MAGIX Services\QMxNetworkSync\QMxNetworkSync.exe (MAGIX Software GmbH -> MAGIX) FirewallRules: [{A7E3CC04-9DB6-4941-ACCA-B9201CB43565}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{4AF37973-D812-4DA7-91FE-5B53D86E8ADD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{478ACCBB-D90C-41BF-A466-D042CCAACB52}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FirewallRules: [{39A1FC5F-2760-460B-9684-D626EF912178}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FirewallRules: [{3B0353E1-4A27-4065-8E2D-1C97F40E7EF4}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [Fichier non signé] FirewallRules: [{6858A049-943D-4199-85EC-A9EF865FB85B}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [Fichier non signé] FirewallRules: [{BDF0E221-13A8-4451-9452-52954C3E9284}] => (Allow) C:\Program Files\MAGIX\Video deluxe Premium\2018\Videodeluxe.exe (MAGIX Software GmbH -> MAGIX Software GmbH) FirewallRules: [{489F1222-369F-4D59-9644-843329009290}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Video Editor\EaseUS Video Editor.exe (Apowersoft Ltd -> EaseUS) FirewallRules: [{73DC68A8-CDFF-4105-872F-77B711D8E35D}] => (Allow) C:\Program Files (x86)\EaseUS\EaseUS Video Editor\EaseUS Video Editor.exe (Apowersoft Ltd -> EaseUS) FirewallRules: [{D9179B9B-8EF9-43A4-868C-28B415E583AA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CBD33759-7608-4A25-AA69-50238E9A438E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{77C67495-F0C4-42DF-9F70-843B6F64DD88}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{241D9549-119A-412F-9054-2E2AA6110877}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{87F6525D-5A43-4C8B-A287-C5BE958F497C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C4F88245-29EE-4FE7-9116-B019029EAA38}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7CA9A3B2-A374-43A1-ACF3-99CA801C881D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{21CE77EA-8D00-4192-8DB9-EAE48ACDCC22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Points de restauration ========================= 18-05-2021 19:51:08 Point de contrôle planifié 18-05-2021 19:53:48 Removed ABBYY FineReader 6.0 Sprint 19-05-2021 12:41:35 Removed Backup and Sync from Google 20-05-2021 17:09:20 IObit Software Updater restore point 21-05-2021 19:58:06 ZHPcleaner ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (05/22/2021 03:28:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname JEAN-PIERRE.local already in use; will try JEAN-PIERRE-2.local instead Error: (05/22/2021 03:28:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 JEAN-PIERRE.local. Addr 172.26.64.1 Error: (05/22/2021 03:28:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 172.26.64.1:5353 16 JEAN-PIERRE.local. AAAA FE80:0000:0000:0000:1CAA:B733:84BC:9FF1 Error: (05/22/2021 03:28:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 JEAN-PIERRE.local. Addr 172.26.64.1 Error: (05/22/2021 03:28:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 172.26.64.1:5353 16 JEAN-PIERRE.local. AAAA FE80:0000:0000:0000:1CAA:B733:84BC:9FF1 Error: (05/22/2021 02:43:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante IAStorDataMgrSvc.exe, version : 15.2.0.1020, horodatage : 0x57d81123 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x057b9805 ID du processus défaillant : 0x3194 Heure de début de l’application défaillante : 0x01d74f07ef8b6a0e Chemin d’accès de l’application défaillante : C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Chemin d’accès du module défaillant: unknown ID de rapport : 3e9ce363-ddd7-48c7-b4b4-682c87abae46 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (05/22/2021 02:43:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : IAStorDataMgrSvc.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.NullReferenceException à IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() à IAStorUtil.SystemDataModelListener.LoadSavedSystemState() à IAStorDataMgr.EventRelay.b__12_0(System.Object) à System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() à System.Threading.ThreadPoolWorkQueue.Dispatch() à System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (05/22/2021 01:53:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SoftwareUpdate.exe, version : 2.1.1.116, horodatage : 0x488a4f1f Nom du module défaillant : ScriptingObjectModel.dll, version : 2.1.1.116, horodatage : 0x488a4efe Code d’exception : 0xc0000005 Décalage d’erreur : 0x00002f91 ID du processus défaillant : 0x2420 Heure de début de l’application défaillante : 0x01d74f011c3e4e65 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Apple Software Update\ScriptingObjectModel.dll ID de rapport : 2146fc9f-ecf2-46f8-bdf3-f913d535107c Nom complet du package défaillant : ID de l’application relative au package défaillant : Erreurs système: ============= Error: (05/22/2021 07:22:04 PM) (Source: MEIx64) (EventID: 3) (User: ) Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x90000245, FWSTS1: 0x80100106). Error: (05/22/2021 02:43:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Intel(R) Rapid Storage Technology s’est terminé de façon inattendue pour la 1ème fois. Error: (05/22/2021 02:40:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Nal Service n’a pas pu démarrer en raison de l’erreur : Windows ne peut pas vérifier la signature numérique de ce fichier. Il est possible qu’une modification matérielle ou logicielle récente ait installé un fichier endommagé ou dont la signature est incorrecte, ou qu’il s’agisse d’un logiciel malveillant provenant d’une source inconnue. Error: (05/22/2021 02:40:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service RstMwService n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (05/22/2021 01:54:57 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT) Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013. Error: (05/22/2021 01:49:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Intel(R) Rapid Storage Technology s’est terminé de façon inattendue pour la 1ème fois. Error: (05/22/2021 01:46:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Nal Service n’a pas pu démarrer en raison de l’erreur : Windows ne peut pas vérifier la signature numérique de ce fichier. Il est possible qu’une modification matérielle ou logicielle récente ait installé un fichier endommagé ou dont la signature est incorrecte, ou qu’il s’agisse d’un logiciel malveillant provenant d’une source inconnue. Error: (05/22/2021 01:46:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service RstMwService n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Windows Defender: ================ Date: 2021-05-21 16:00:35 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Nom : Program:Win32/Wacapew.C!ml ID : 265744 Gravité : Faible Catégorie : Logiciel potentiellement non désiré Chemin : file:_c:\users\admin\Desktop\FRST64.exe Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Système Utilisateur : AUTORITE NT\Système Nom du processus : Unknown Version de la veille de sécurité : AV: 1.339.1172.0, AS: 1.339.1172.0, NIS: 1.339.1172.0 Version du moteur : AM: 1.1.18100.6, NIS: 1.1.18100.6 Date: 2021-05-18 17:39:41 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {1DE6DCEF-95CF-4AD8-95F4-AD671309DE77} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-10-18 12:15:29 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {0C060D08-F014-4F2A-916F-2723CB10D478} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2021-05-22 16:05:49 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2021-05-22 16:04:55 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cbfsconnectNetRdr2017.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2021-05-22 14:40:32 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\iqvw64e.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. 2002 09/20/2016 Carte mère: ASUSTeK COMPUTER INC. H170M-PLUS Processeur: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz Pourcentage de mémoire utilisée: 31% Mémoire physique - RAM - totale: 16249.7 MB Mémoire physique - RAM - disponible: 11087.82 MB Mémoire virtuelle totale: 20205.7 MB Mémoire virtuelle disponible: 14795.97 MB ==================== Lecteurs ================================ Drive c: (SYSTEME) (Fixed) (Total:474.59 GB) (Free:248.67 GB) NTFS Drive d: (DONNEES) (Fixed) (Total:1080.66 GB) (Free:634.5 GB) NTFS Drive f: () (Fixed) (Total:1.79 GB) (Free:1.32 GB) NTFS Drive g: (PROGRAMMES_SUPPLÉMENTAIRES) (Fixed) (Total:223.57 GB) (Free:219.63 GB) NTFS Drive s: (SAUVEGARDE) (Fixed) (Total:782.23 GB) (Free:210.23 GB) NTFS \\?\Volume{629458e4-0000-0000-0000-010000000000}\ (PortableBaseLayer) (Fixed) (Total:8 GB) (Free:7.51 GB) NTFS \\?\Volume{3e0425ed-365f-11eb-b50b-806e6f6e6963}\ () (Fixed) (Total:0.54 GB) (Free:0.51 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: BE2666F7) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 06631CC5) Partition: GPT. ========================================================== Disk: 2 (Size: 223.6 GB) (Disk ID: 06629CC4) Partition: GPT. ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 8 GB) (Disk ID: 629458E4) Partition 1: (Not Active) - (Size=8 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt =======================