Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 04-10-2021 Exécuté par Muller (04-10-2021 01:01:23) Exécuté depuis C:\Users\Muller\Downloads Windows 10 Pro Version 2004 19041.1237 (X64) (2020-11-04 11:35:15) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-34950723-3622257856-1134976912-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-34950723-3622257856-1134976912-503 - Limited - Disabled) Invité (S-1-5-21-34950723-3622257856-1134976912-501 - Limited - Disabled) Muller (S-1-5-21-34950723-3622257856-1134976912-1001 - Administrator - Enabled) => C:\Users\Muller WDAGUtilityAccount (S-1-5-21-34950723-3622257856-1134976912-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Actiona 3.9.0 (64 bits) (HKLM\...\{098CDAF9-5A9B-4731-9F3C-F3F1DF7490C2}_is1) (Version: 3.9.0 - Actiona.tools) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated) Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0) (Version: 17.0 - Adobe Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.2.0.436 - Adobe Systems Incorporated) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe) Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_0_1) (Version: 24.0.1 - Adobe Inc.) Adobe InDesign 2020 (HKLM-x32\...\IDSN_15_0) (Version: 15.0 - Adobe Inc.) Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_0) (Version: 9.0 - Adobe Systems Incorporated) Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_2) (Version: 14.2 - Adobe Inc.) Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated) ApowerPDF V5.4.0.0723 (HKLM-x32\...\{8691C793-7B2C-46C5-9AB2-AB80D129A5EC}_is1) (Version: 5.4.0.0723 - Apowersoft LIMITED) Apowersoft Online Launcher version 1.7.8 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.8 - APOWERSOFT LIMITED) Apple Application Support (32 bits) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation) Avast Antivirus Gratuit (HKLM\...\Avast Antivirus) (Version: 21.8.2487 - Avast Software) Backup and Sync from Google (HKLM\...\{AE7B9534-BD28-4C51-838F-A847C2A206E2}) (Version: 3.57.3958.2866 - Google, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Botty (HKLM-x32\...\{9F631181-EF39-456F-8D35-326CE79F2E54}_is1) (Version: 3.2.2 - Botty Company) Caesium version 1.7.0 (HKLM-x32\...\{88B0F0DE-6937-440D-B5CA-6E69003E55F7}_is1) (Version: 1.7.0 - Matteo Paonessa) CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.00.0001 - CASIO COMPUTER CO., LTD.) CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform) CINEMA 4D R14 (HKLM-x32\...\CINEMA 4D R14) (Version: - ) Clavier+ 10.8.2 (HKLM\...\Clavier+_is1) (Version: 10.8.2 - Guillaume Ryder) Combin 2.4 (HKLM\...\{562F0036-661E-405E-B403-B99B5786A3E8}) (Version: 2.4.2.2290 - Open Media LLC) CopyTrans Control Center désinstallation uniquement (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\CopyTrans Suite) (Version: 4.100 - WindSolutions) CORSAIR iCUE Software (HKLM-x32\...\{61D6723A-9BA9-4B66-8A66-2C2602D0AF27}) (Version: 3.28.75 - Corsair) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.13.0.1456 - Disc Soft Ltd) DeepL (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\DeepL) (Version: 2.0.0 - DeepL GmbH) Disk Drill 2.0.0.330 (HKLM-x32\...\{761AD0B8-C653-41D0-BBA5-87DD4983DC0F}) (Version: 2.0.330 - CleverFiles) DriversCloud.com (64 bits) (HKLM\...\{0FFDC804-21EE-4283-ADBA-6A1958EB9525}) (Version: 8.0.3.1 - Cybelsoft) EaseUS MobiSaver (HKLM-x32\...\EaseUS MobiSaver_is1) (Version: - EaseUS) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX535WD Series Printer Uninstall (HKLM\...\EPSON SX535WD Series) (Version: - SEIKO EPSON Corporation) ePUBee DRM Removal (HKLM-x32\...\ePUBee DRM Removal) (Version: 3.1.5.2 - ePUBee Inc.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 6.0 - Poikosoft) f.lux (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\Flux) (Version: - f.lux Software LLC) FileZilla Client 3.21.0 (HKLM-x32\...\FileZilla Client) (Version: 3.21.0 - Tim Kosse) Free Video Converter (HKLM-x32\...\Free Video Converter_is1) (Version: 1.0.8.408 - Digital Wave Ltd) GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.281.0 - International GeoGebra Institute) Google Chrome (HKLM-x32\...\{6CAE450F-543D-3385-8585-EBF16BAA1C80}) (Version: 94.0.4606.61 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 51.0.15.0 - Google LLC) GoTo Opener (HKLM-x32\...\{2C183CF0-3077-43D0-B001-F93AC5E68942}) (Version: 1.0.487 - LogMeIn, Inc.) GoToMeeting 10.17.0.19796 (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\GoToMeeting) (Version: 10.17.0.19796 - LogMeIn, Inc.) HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - ) iCloud (HKLM\...\{694E3E02-E14A-4BB2-A970-CF7F017FD5CC}) (Version: 7.3.0.20 - Apple Inc.) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) iTunes (HKLM\...\{C61D1957-6534-4B61-AB35-1F115D41CFD5}) (Version: 12.9.5.7 - Apple Inc.) Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation) Jihosoft iPhone Data Recovery version 8.1.4.0 (HKLM-x32\...\{1E859503-2B3F-4AFC-ACA3-BFA89346E47F}_is1) (Version: 8.1.4.0 - HONGKONG JIHO CO., LIMITED) Kobo (HKLM-x32\...\Kobo) (Version: 4.24.13786 - Rakuten Kobo Inc.) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LibreOffice 5.0.4.2 (HKLM\...\{8C3F291E-AA0A-4188-A83F-1D97103AE27C}) (Version: 5.0.4.2 - The Document Foundation) Loom 0.86.0 (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\3643b966-bc28-5bc8-95ff-3d47d66438db) (Version: 0.86.0 - Loom, Inc.) Magic Bullet Suite 64-bit (HKLM\...\{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Manager (HKLM-x32\...\{218A9668-3355-48AA-BFE5-6957CA4A5A4C}) (Version: 5.0.22.32425 - 2017 pdfforge GmbH. All rights reserved) Hidden Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) MEmu (HKLM-x32\...\MEmu) (Version: 6.1.1.0 - Microvirt Software Technology Co. Ltd.) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.38 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.14430.20234 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\OneDriveSetup.exe) (Version: 21.160.0808.0002 - Microsoft Corporation) Microsoft Project - fr-fr (HKLM\...\ProjectPro2019Retail - fr-fr) (Version: 16.0.14430.20234 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation) Microsoft Visio - fr-fr (HKLM\...\VisioPro2019Retail - fr-fr) (Version: 16.0.14430.20234 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Movavi Video Converter 20 Premium (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\Movavi Video Converter 20 Premium) (Version: 20.1.2 - Movavi) Movavi Video Editor 15 (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\Movavi Video Editor 15) (Version: 15.4.1 - Movavi) Mozilla Firefox 89.0 (x64 fr) (HKLM\...\Mozilla Firefox 89.0 (x64 fr)) (Version: 89.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 89.0.0.7817 - Mozilla) MtApi 1.0.43.0 (HKLM-x32\...\{B6C09859-CC4A-45FB-A096-7968EE54DD98}) (Version: 1.0.43.0 - DW) MtApi 1.0.43.0 Bootstrapper (HKLM-x32\...\{9bc1b048-f610-4fcd-8d86-2ef23120e0a7}) (Version: 1.0.43.0 - DW) MtApi5 1.0.24.0 (HKLM\...\{C314B8AC-4324-4EA7-B31F-A2DDB9C1C714}) (Version: 1.0.24.0 - DW) MtApi5 1.0.24.0 Bootstrapper (HKLM-x32\...\{f01d8cc7-7075-4d94-97df-8090e6209705}) (Version: 1.0.24.0 - DW) NETGEAR WNDA3100v2 wireless USB 2.0 driver (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.6 - NETGEAR) Node.js (HKLM\...\{402B92D4-F32A-4800-87F6-45784E450326}) (Version: 14.17.6 - Node.js Foundation) NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.35.9.0 - TEFINCOM S.A.) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team) NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Pilote graphique 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden OpenOffice 4.1.8 (HKLM-x32\...\{FDE124E1-6198-42CB-8A93-B383D9B9FD25}) (Version: 4.18.9803 - Apache Software Foundation) Opera Stable 78.0.4093.231 (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\Opera 78.0.4093.231) (Version: 78.0.4093.231 - Opera Software) paint.net (HKLM\...\{1A59F8A6-6AB4-4522-9340-F420B9155A31}) (Version: 4.2.16 - dotPDN LLC) PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.0.22.32360 - pdfforge GmbH) PDF Architect 5 Create Module (HKLM\...\{7A5C9B23-00FB-479B-9240-8DCBD3CDF7DC}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden PDF Architect 5 Edit Module (HKLM\...\{422024FF-15CA-4199-8DAF-DD34A8BA85DD}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden PDF Architect 5 View Module (HKLM\...\{AD72FB9B-80C6-461D-B099-9DD76A62115E}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH) PhoneClean (HKLM-x32\...\PhoneClean) (Version: 5.1.1.0 - iMobie Inc.) PhoneRescue (HKLM-x32\...\PhoneRescue) (Version: 4.0.0.0 - iMobie Inc.) Prism - Convertisseur de fichiers vidéo (HKLM-x32\...\Prism) (Version: 6.37 - NCH Software) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.8.14.1216 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.10 - Razer Inc.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Revo Uninstaller Pro 4.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.5 - VS Revo Group, Ltd.) RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.33.319 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.4 - Rockstar Games) SketchUp 2016 (HKLM\...\{4A8F2944-0D02-440C-809C-D2B17C3E6623}) (Version: 16.1.1449 - Trimble Navigation Limited) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Slack (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\slack) (Version: 4.20.0 - Slack Technologies Inc.) Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spotify (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\Spotify) (Version: 1.1.68.632.g2b11de83 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stellar Repair for Photo (HKLM-x32\...\Stellar Repair for Photo_is1) (Version: 7.0.0.2 - Stellar Information Technology Pvt Ltd.) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.21.8 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Telegram Desktop version 2.8.1 (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.8.1 - Telegram FZ-LLC) Tenorshare ReiBoot version 6.9.4 (HKLM-x32\...\{reiboot}_is1) (Version: 6.9.4 - Tenorshare, Inc.) The Castle's SplitImage (HKLM-x32\...\The Castle's SplitImage) (Version: - ) The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft) Tidio (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\Tidio) (Version: 4.1.0 - Tidio) TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software) Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version: - Ubisoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM-x32\...\{DE45508F-369E-4476-8F19-088F4933340E}) (Version: 1.8.0.0 - Microsoft Corporation) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 17.1 - Ubisoft) Upwork 5.4.9.6 (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\93035758-0b9f-537e-bffc-381e80344cc8) (Version: 5.4.9 - Upwork, Inc.) uTorrent Web (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\utweb) (Version: 1.2.2 - BitTorrent, Inc.) Vegas Pro 13.0 (64-bit) (HKLM\...\{CE20A68F-BFBC-11E3-AA73-F04DA23A5C58}) (Version: 13.0.290 - Sony) VirtualDJ 8 (HKLM-x32\...\{68A952A1-F666-4A5F-98C9-03EE9625B2E2}) (Version: 8.1.2857.0 - Atomix Productions) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) WhatsApp (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\WhatsApp) (Version: 2.2134.10 - WhatsApp) Winamax Installer (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\Winamax Installer 2.4.0.1573641598) (Version: 2.4.0.1573641598 - Winamax) WinDirStat 1.1.2 (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\WinDirStat) (Version: - ) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) Wondershare PDFelement(Build 7.6.6) (HKLM-x32\...\{77078E40-A92E-47FD-A0F6-168A4BF6CF3A}_is1) (Version: 7.6.6.4995 - Wondershare Software Co.,Ltd.) XMedia Recode version 3.4.3.6 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.4.3.6 - XMedia Recode) Zoom (HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\ZoomUMX) (Version: 5.7.4 (804) - Zoom Video Communications, Inc.) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.17.0_neutral__8xx8rvfyw5nnt [2021-10-03] (Instagram) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad] Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-14] (Twitter Inc.) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-34950723-3622257856-1134976912-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Muller\AppData\Local\MEGAsync\ShellExtX64.dll [2021-03-29] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Muller\AppData\Local\MEGAsync\ShellExtX64.dll [2021-03-29] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Muller\AppData\Local\MEGAsync\ShellExtX64.dll [2021-03-29] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-09-09] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-09-09] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-09-09] (Google LLC -> Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Muller\AppData\Local\MEGAsync\ShellExtX64.dll [2021-03-29] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Muller\AppData\Local\MEGAsync\ShellExtX64.dll [2021-03-29] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Muller\AppData\Local\MEGAsync\ShellExtX64.dll [2021-03-29] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-02-21] (Notepad++ -> ) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft -> Poikosoft) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-02-15] (Foxit Software Incorporated -> Foxit Software Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-09-09] (Google LLC -> Google) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Muller\AppData\Local\MEGAsync\ShellExtX64.dll [2021-03-29] (Mega Limited -> ) ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-01-31] (pdfforge GmbH -> pdfforge GmbH) ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files (x86)\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x64.dll [2020-09-18] (Wondershare Technology Co.,Ltd -> Wondershare) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-01-10] (Apple Inc. -> Apple Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-10-29] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Muller\AppData\Local\MEGAsync\ShellExtX64.dll [2021-03-29] (Mega Limited -> ) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-10-29] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Muller\AppData\Local\MEGAsync\ShellExtX64.dll [2021-03-29] (Mega Limited -> ) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft -> Poikosoft) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-09-09] (Google LLC -> Google) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Muller\AppData\Local\MEGAsync\ShellExtX64.dll [2021-03-29] (Mega Limited -> ) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-02-15] (Foxit Software Incorporated -> Foxit Software Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [Fichier non signé] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Fichier non signé] HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [Fichier non signé] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Fichier non signé] ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\Users\Muller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\Muller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ShortcutWithArgument: C:\Users\Muller\Desktop\Outlook.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eigpmdhekjlgjgcppnanaanbdmnlnagl ShortcutWithArgument: C:\Users\Muller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Outlook.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eigpmdhekjlgjgcppnanaanbdmnlnagl ShortcutWithArgument: C:\Users\Muller\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Modules chargés (Avec liste blanche) ============= 2020-05-20 22:26 - 2020-05-20 22:26 - 000209408 _____ () [Fichier non signé] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll 2020-05-20 22:26 - 2020-05-20 22:26 - 000101376 _____ () [Fichier non signé] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll 2020-03-20 21:05 - 2015-03-05 19:22 - 000380928 _____ () [Fichier non signé] C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll 2021-10-03 19:12 - 2021-10-03 19:12 - 000114176 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\_ctypes.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000172544 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\_elementtree.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 002255872 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\_hashlib.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000032256 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\_multiprocessing.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000046080 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\_psutil_windows.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000047616 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\_socket.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 002825216 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\_ssl.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000026112 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\_yappi.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000080896 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\bz2.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000015872 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\common.time34.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000007680 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\hashobjs_ext.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000301568 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\PIL._imaging.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000168448 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\pyexpat.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 001084416 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\pysqlite2._sqlite.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000548864 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\pythoncom27.dll 2021-10-03 19:12 - 2021-10-03 19:12 - 000137728 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\pywintypes27.dll 2021-10-03 19:12 - 2021-10-03 19:12 - 000010752 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\select.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000020992 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\thumbnails_ext.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000689664 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\unicodedata.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000119808 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\usb_ext.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000128512 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32api.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000438784 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32com.shell.shell.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000011776 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32crypt.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000023040 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32event.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000149504 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32file.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000223232 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32gui.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000048128 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32inet.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000029696 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32pdh.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000027648 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32pipe.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000044032 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32process.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000020480 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32profile.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000136192 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32security.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000026624 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\win32ts.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000034304 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\windows.conditional.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000037888 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\windows.connectivity.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000071680 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\windows.device_monitor.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000103936 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\windows.volumes.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000019968 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\windows.winwrap.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 001325056 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wx._controls_.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 001489408 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wx._core_.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 001007104 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wx._gdi_.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000103424 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wx._html2.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 000916992 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wx._misc_.pyd 2021-10-03 19:12 - 2021-10-03 19:12 - 001039872 _____ () [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wx._windows_.pyd 2021-08-20 13:26 - 2021-08-20 13:26 - 004562944 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNetc8826574#\43b10f113bb365b2690c37c4681c3509\PaintDotNet.SystemLayer.Native.x64.ni.dll 2020-03-20 21:05 - 2011-06-21 17:04 - 000229376 _____ (Broadcom Corporation) [Fichier non signé] C:\Program Files (x86)\NETGEAR\WNDA3100v2\wps_api.dll 2021-08-20 13:25 - 2021-08-20 13:25 - 009284608 _____ (dotPDN LLC) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet.Base\10a187f9fca562444b82a3f22e091cbb\PaintDotNet.Base.ni.dll 2021-08-20 13:26 - 2021-08-20 13:26 - 010664960 _____ (dotPDN LLC) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet.Core\cb2317a6214a64b395d2f105819cd68c\PaintDotNet.Core.ni.dll 2021-08-20 13:26 - 2021-08-20 13:26 - 000646656 _____ (dotPDN LLC) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet.Data\3409a7880c4ae604f5f8a5f2428aa66c\PaintDotNet.Data.ni.dll 2021-08-20 13:26 - 2021-08-20 13:26 - 001382912 _____ (dotPDN LLC) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet.Effects\3d266c64ce094f419174ac47dddeb565\PaintDotNet.Effects.ni.dll 2021-08-20 13:26 - 2021-08-20 13:26 - 001117184 _____ (dotPDN LLC) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet26779e70#\61d77ea209c21d03c984fcfb77e6a9d2\PaintDotNet.Resources.ni.dll 2021-08-20 13:25 - 2021-08-20 13:25 - 002486272 _____ (dotPDN LLC) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet500b2e4f#\f3f8a8df5fa2099d8c838b42c9be996a\PaintDotNet.SystemLayer.ni.dll 2021-08-20 13:26 - 2021-08-20 13:26 - 004569088 _____ (dotPDN LLC) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet7afaaa15#\1802100d5518faa01f83e5764b6d6e0a\PaintDotNet.Framework.ni.dll 2021-08-20 13:27 - 2021-08-20 13:27 - 000174080 _____ (Milosz Krajewski) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\K4os.Compression.LZ4\279f354e506a2fe5b0126f1e9c23e8b5\K4os.Compression.LZ4.ni.dll 2018-05-14 20:12 - 2017-09-27 17:30 - 000489984 _____ (Newtonsoft) [Fichier non signé] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\Newtonsoft.Json.dll 2017-04-28 22:41 - 2017-04-28 22:41 - 000116224 _____ (pdfforge GmbH) [Fichier non signé] C:\WINDOWS\System32\pdfcmon.dll 2021-10-03 19:12 - 2021-10-03 19:12 - 003043328 _____ (Python Software Foundation) [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\python27.dll 2020-03-06 12:49 - 2020-03-06 12:49 - 000090112 _____ (Silicon Laboratories, Inc.) [Fichier non signé] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2020-05-20 23:12 - 2020-05-20 23:12 - 005139576 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll 2019-09-02 10:57 - 2019-09-02 10:57 - 000267728 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Svg.dll 2018-05-14 20:12 - 2018-01-26 17:08 - 000088064 _____ (Wondershare) [Fichier non signé] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppCollect.dll 2018-05-14 20:12 - 2018-01-26 17:08 - 000200192 _____ (Wondershare) [Fichier non signé] C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppCommon.dll 2021-10-03 19:12 - 2021-10-03 19:12 - 000202240 _____ (wxWidgets development team) [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wxbase30u_net_vc90_x64.dll 2021-10-03 19:12 - 2021-10-03 19:13 - 002831872 _____ (wxWidgets development team) [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wxbase30u_vc90_x64.dll 2021-10-03 19:13 - 2021-10-03 19:13 - 001654784 _____ (wxWidgets development team) [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wxmsw30u_adv_vc90_x64.dll 2021-10-03 19:13 - 2021-10-03 19:13 - 006542336 _____ (wxWidgets development team) [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wxmsw30u_core_vc90_x64.dll 2021-10-03 19:13 - 2021-10-03 19:13 - 000773632 _____ (wxWidgets development team) [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wxmsw30u_html_vc90_x64.dll 2021-10-03 19:13 - 2021-10-03 19:13 - 000137216 _____ (wxWidgets development team) [Fichier non signé] C:\Users\Muller\AppData\Local\Temp\_MEI91402\wxmsw30u_webview_vc90_x64.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-34950723-3622257856-1134976912-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2021-01-09] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2021-01-09] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-03] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-03] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2015-10-30 09:24 - 2021-09-24 13:20 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Muller\Desktop\FFMPEG\ffmpeg-20170425-b4330a0-win64-static\bin;C:\Program Files (x86)\Skype\Phone";C:\Users\Muller\AppData\Local\Microsoft\WindowsApps;C:\Program Files\Actiona;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\nodejs\ HKU\S-1-5-21-34950723-3622257856-1134976912-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Muller\Desktop\neon-light-tunnel-futuristic-view-WANVRQ3.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Le Pare-feu est activé. Network Binding: ============= Ethernet: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) Ethernet 2: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) NordLynx: General NDIS Protocol Driver -> SCM_NDISPROT (enabled) ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "SilentCleanService" HKLM\...\StartupApproved\Run32: => "KrakenLauncher" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKLM\...\StartupApproved\Run32: => "Kraken71ChromaHelper" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "RazerCortex" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "puush" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "World of Warships" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "Reflector2" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "Combin" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "RzAppEngine" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "Synapse3" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "NordVPN" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "Upwork" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "utweb" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-34950723-3622257856-1134976912-1001\...\StartupApproved\Run: => "electron.app.Loom" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{CF7130ED-8F33-4A19-B726-752BB31C9548}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{9D1F7319-BFC7-483D-84AB-B3734C21C573}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [UDP Query User{7519BB28-B04D-4E8A-BC51-3BDC690A4157}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{6403DA0B-E9E4-49F9-8F3C-040FAC41A51E}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{371D870A-2E34-4E44-87BA-903955FD0DBB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8F54DB95-7BBC-49DB-8F91-4A42B7D65DFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{9FBC35AF-3F0D-4AB1-BA39-C797F813A471}C:\users\muller\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\muller\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{AD9CC1F0-5C73-43CD-9687-8B66B1EC5762}C:\users\muller\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\muller\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{9BD30766-B108-49C8-8AC7-208A6725E0D5}C:\users\muller\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\muller\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{3C8DABFA-5A6F-4EC8-AE1B-642EB8E3589C}C:\users\muller\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\muller\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{16847BB6-8649-408B-A93A-40FDFB961894}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [UDP Query User{09AEEAAC-AF9C-42A0-AB80-246B2C5FD4EE}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{50424EA0-24FA-48AF-B6E1-BCE6B1DB0EFC}C:\users\muller\appdata\local\programs\upwork\upwork.exe] => (Allow) C:\users\muller\appdata\local\programs\upwork\upwork.exe (Upwork Global Inc. -> Upwork, Inc.) FirewallRules: [UDP Query User{96038288-8A67-4B1E-B8C4-7B2BB8E045F5}C:\users\muller\appdata\local\programs\upwork\upwork.exe] => (Allow) C:\users\muller\appdata\local\programs\upwork\upwork.exe (Upwork Global Inc. -> Upwork, Inc.) FirewallRules: [TCP Query User{3D622A1C-38DD-45E5-BEFE-323AED59255D}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{B2D65CD2-E3AE-4930-B48B-EE0BE6C10696}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [{963D0071-825D-4C29-8FBC-B59BF317C280}] => (Allow) C:\Users\Muller\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{9D4D68B3-259C-461F-9F10-A64220F92F87}] => (Allow) C:\Users\Muller\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{108B63FE-BA72-4470-8422-004B6A03A370}] => (Allow) C:\Users\Muller\AppData\Roaming\Zoom\bin_00\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{CC9A2E76-9D6A-4255-BAA6-D054BF32C4AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{590E95CD-76FE-41B6-B6AF-53702057837C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{511418B5-D9C5-423D-92B7-B1E659410982}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{78E80929-17FA-4F98-9D44-427958C201D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7F77FF26-6DA4-4186-ABFF-C79B6D9FF249}] => (Allow) C:\Users\Muller\AppData\Local\Programs\Opera\78.0.4093.184\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{1CD03EA1-BCB2-43CA-9378-AFCA96D4CBDF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{51EE689E-AE74-475D-AB04-E0E03597E56E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{2A663AC9-BE47-4F73-A4FD-13BC2D0DB959}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{97C9C36E-CE7A-4D83-86D5-B73E5B0C613F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{430F464D-4B48-497F-8300-6C193033C5CE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{648461D1-18AF-4CB4-BB0D-B733EEF26301}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{4F31E290-C715-4E25-B2EF-81C8E5357072}] => (Allow) C:\Users\Muller\AppData\Local\Programs\Opera\78.0.4093.231\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{00F45D66-0355-44D1-BA0C-C75808D9F7C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{B47D9FF2-1D30-4DF3-8F58-ABACC2369C6A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{1C5F816B-A8BF-4F99-8D1D-DB6A43CD84ED}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{7156C9E3-42A0-4CAB-B362-869F7355AD44}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Points de restauration ========================= 25-09-2021 14:06:03 Point de contrôle planifié 26-09-2021 21:01:40 ZHPcleaner ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (10/03/2021 09:33:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante SnippingTool.exe, version : 10.0.19041.746, horodatage : 0xeb13aef9 Nom du module défaillant : ntdll.dll, version : 10.0.19041.1202, horodatage : 0x4f115fac Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000008c56f ID du processus défaillant : 0x3a7c Heure de début de l’application défaillante : 0x01d7b88d6f318ed9 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\SnippingTool.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : e4d8d9e6-80f0-41b0-b446-ada7a0066518 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/03/2021 09:20:44 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Réservé au système car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) Error: (10/03/2021 07:44:52 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Stellar Repair for Photo\StellarRepairforPhoto.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest. Error: (10/03/2021 07:13:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante GameBar.exe, version : 5.721.9022.0, horodatage : 0x61318ae5 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1202, horodatage : 0xc9db1934 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000010be3e ID du processus défaillant : 0x5264 Heure de début de l’application défaillante : 0x01d7b879c75e7ddb Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBar.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 249c95c6-d404-42dc-8468-3716eb455612 Nom complet du package défaillant : Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App Error: (10/01/2021 07:59:37 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 30609 Error: (10/01/2021 07:59:37 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 30609 Error: (10/01/2021 07:59:37 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/01/2021 07:59:22 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15250 Erreurs système: ============= Error: (10/03/2021 07:49:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Windows Search n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (10/03/2021 07:49:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Windows Search. Error: (10/01/2021 07:59:10 AM) (Source: DCOM) (EventID: 10010) (User: PCDEFLORIAN) Description: Le serveur {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/01/2021 07:58:44 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT) Description: Le serveur {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (09/29/2021 05:20:25 PM) (Source: DCOM) (EventID: 10005) (User: PCDEFLORIAN) Description: DCOM a reçu l’erreur « 1053 » lors de la tentative de démarrage du service gupdatem avec les arguments « /comsvc » pour exécuter le serveur : {E225E692-4B47-4777-9BED-4FD7FE257F0E} Error: (09/29/2021 05:20:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Service Google Update (gupdatem) n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (09/29/2021 05:20:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Service Google Update (gupdatem). Error: (09/29/2021 07:54:55 AM) (Source: DCOM) (EventID: 10005) (User: PCDEFLORIAN) Description: DCOM a reçu l’erreur « 1053 » lors de la tentative de démarrage du service gupdatem avec les arguments « /comsvc » pour exécuter le serveur : {E225E692-4B47-4777-9BED-4FD7FE257F0E} Windows Defender: ================ Date: 2021-06-03 22:30:22 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {6B7F4C1A-FC75-4DC1-B412-15460AB030F1} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2021-06-03 09:24:16 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {5757D9DF-364C-4003-80A6-56113F1EE24F} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2021-06-03 08:49:47 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {55620FD9-5192-42E3-90B6-1AD54AA2DFE2} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2021-06-01 22:26:05 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {6DE10BE7-FF43-452F-BE44-468412A56672} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2021-06-01 21:53:41 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {7AB69924-CF8F-4E68-8571-5545BCCFF7BF} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2021-09-29 17:24:56 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2021-09-28 23:53:41 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. P1.40 08/31/2015 Carte mère: ASRock 980DE3/U3S3 R2.0 Processeur: AMD FX-8370 Eight-Core Processor Pourcentage de mémoire utilisée: 67% Mémoire physique - RAM - totale: 8191.23 MB Mémoire physique - RAM - disponible: 2678.79 MB Mémoire virtuelle totale: 19148.69 MB Mémoire virtuelle disponible: 8016.08 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:464.4 GB) (Free:99.6 GB) NTFS \\?\Volume{40f9e58d-0000-0000-0000-100000000000}\ (Réservé au système) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS \\?\Volume{40f9e58d-0000-0000-0000-403974000000}\ () (Fixed) (Total:0.87 GB) (Free:0.41 GB) NTFS ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 40F9E58D) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=886 MB) - (Type=27) ==================== Fin de Addition.txt =======================