Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 14-11-2021 Exécuté par didie (21-11-2021 16:37:48) Exécuté depuis C:\Users\didie\Downloads Microsoft Windows 10 Professionnel Version 21H2 19044.1348 (X64) (2020-05-28 15:49:10) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrator (S-1-5-21-2152224487-3077631035-3360280211-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2152224487-3077631035-3360280211-503 - Limited - Disabled) defaultuser1 (S-1-5-21-2152224487-3077631035-3360280211-1021 - Limited - Enabled) => C:\Users\defaultuser1.GENESIS.000 didie (S-1-5-21-2152224487-3077631035-3360280211-1001 - Administrator - Enabled) => C:\Users\didie Guest (S-1-5-21-2152224487-3077631035-3360280211-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2152224487-3077631035-3360280211-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: G DATA TOTAL SECURITY (Disabled - Up to date) {985B4C1F-0949-5361-4D6D-E6923882F28D} AV: G DATA TOTAL SECURITY (Disabled - Up to date) {306EF9D4-90EF-3FB7-151E-73C2982F8C0E} AV: G DATA TOTAL SECURITY (Disabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G DATA TOTAL SECURITY (Disabled) {085578F1-DA80-3EEF-3E41-DAF766FCCB75} FW: G DATA TOTAL SECURITY (Disabled) {A060CD3A-4326-5239-6632-4FA7C651B5F6} FW: G DATA TOTAL SECURITY (Disabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated) AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.5 - RedFox) AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.4.5.0 - GIGABYTE Technology Co.,Inc.) ASUS Essence STX II Audio Device (HKLM-x32\...\{1A01B996-F7F7-473C-9EA4-B22801713A83}) (Version: - ASUSTek Computer Inc.) ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.4 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{c23c281b-0c0f-4c58-b069-92db94049ad0}) (Version: 1.0.4 - ASUS) Hidden Belgium e-ID middleware 4.4.4 (build 3838) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73838}) (Version: 4.4.3838 - Belgian Government) Boilsoft Video Cutter 1.21 (HKLM-x32\...\{C72AB84A-4F9E-4D80-8243-C9547773BE73}_is1) (Version: - Boilsoft, Inc.) Bulk Rename Utility 3.0.0.1 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.4.0 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.) Canon iP8700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP8700_series) (Version: - Canon Inc.) Canon iP8700 series User Registration (HKLM-x32\...\Canon iP8700 series User Registration) (Version: - ‭Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.) Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.7.1.0 - Canon Inc.) Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.7.0.0 - Canon Inc.) Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.) Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.7.0.0 - Canon Inc.) Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.6.30.1 - Canon Inc.) Canon Utilities Map Utility (HKLM-x32\...\Map Utility Parent) (Version: 1.8.2.3 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.19.0.0 - Canon Inc.) Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation) Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - ) Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.3 - CORSAIR COMPONENTS INC.) Hidden Corsair AURA DRAM Component (HKLM-x32\...\{0589c0a4-38f0-40bc-9296-8be22aa26522}) (Version: 1.0.3 - CORSAIR COMPONENTS INC.) Hidden CR-Hexact 2.3 (HKLM-x32\...\CR-Hexact 2.3) (Version: - ) CyberLink PowerDVD 18 (HKLM-x32\...\{0F4F617F-E8D5-46A3-A0F9-43855182A3B1}) (Version: 18.0.3010.62 - CyberLink Corp.) DVDFab (x64) 11.0.0.4 (15/11/2018) (HKLM-x32\...\DVDFab 11(x64)) (Version: 11.0.0.4 - DVDFab Software Inc.) eID Web Browser Middleware (HKLM\...\eID Web Browser Middleware) (Version: 1.1.11 - e-Contract.be BVBA) erLT (HKLM-x32\...\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}) (Version: 1.20.0137 - Logitech, Inc.) Hidden Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff) FAHClient (HKLM-x32\...\FAHClient) (Version: 7.5.1 - Folding@home.org) FLAC Frontend (HKLM-x32\...\{315E5E8B-0560-413A-B604-622A4C8BECBD}) (Version: 2.1.1 - Xiph.org) foobar2000 v1.6.7 (HKLM-x32\...\foobar2000) (Version: 1.6.7 - Peter Pawlowski) FormatFactory 5.8.1.0 (HKLM-x32\...\FormatFactory) (Version: 5.8.1.0 - Free Time) G DATA TOTAL SECURITY (HKLM-x32\...\G DATA TOTAL SECURITY) (Version: 25.5.11.316 - G DATA Software AG) Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google) HashTab 6.0.0.34 (HKLM\...\HashTab) (Version: 6.0.0.34 - Implbits Software) Icecream Password Manager version 1.16 (HKLM-x32\...\{A3C1DB5D-6DC5-420E-A7CA-74D5C091576A}_is1) (Version: 1.16 - Icecream Apps) Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{b4e016a7-e963-49d7-9b66-4d635026af31}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel® Software Guard Extensions Platform Software (HKLM-x32\...\ARP_for_prd_SGX_1.8.108.41160) (Version: 1.8.108.41160 - Intel Corporation) Iside (HKLM-x32\...\{C4F3484C-CC13-4E5A-B202-956B0C9049C2}) (Version: 3.0.1007 - LittleLite Software) Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.3 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{a1697240-f3cf-483c-a9d2-3cd9e5bf3615}) (Version: 1.0.3 - KINGSTON COMPONENTS INC.) Hidden Kyodai Mahjongg 2006 v1.0 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt) Logiciel Logitech Unifying 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech) Logitech SetPoint 6.70 (HKLM\...\sp6) (Version: 6.70.55 - Logitech) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.53 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) MiniTool Partition Wizard 12 DEMO (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited) Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 94.0.1 (x64 fr)) (Version: 94.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla) Mp3tag v3.10 (HKLM-x32\...\Mp3tag) (Version: 3.10 - Florian Heidenreich) MSI APP Manager (HKLM-x32\...\{00F47104-12BA-4E58-A7E6-F456C1BA338E}}_is1) (Version: 1.0.0.32 - MSI) MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.12 - MSI) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA Pilote graphique 472.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.47 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.02 - Patriot Memory) Hidden Patriot Viper RGB (HKLM-x32\...\{d549ba94-f6a7-4153-9c75-2e40ec8e1c8e}) (Version: 1.00.02 - Patriot Memory) R-Drive Image 6.2 (HKLM-x32\...\R-Drive Image 6.2NSIS) (Version: 6.2.6206 - R-Tools Technology Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.24.1208.2017 - Realtek) RealWorld Cursor Editor (HKLM-x32\...\{25A344BB-378D-4E51-9A39-780755012B2D}) (Version: 13.1.0 - RealWorld Graphics) Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.18.1018.1 - GIGABYTE) Samsung NVM Express Driver (HKLM-x32\...\{ff94c273-58d5-40b5-b03a-9bd41d5cff1e}) (Version: 3.3.0.2003 - Samsung Electronics) Samsung NVM Express Driver 3.3.0.2003 (HKLM\...\{DC753502-B4E6-4E0A-90C7-14A264853344}) (Version: 3.3.0.2003 - Samsung Electronics Co., Ltd) Hidden Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-23733 - Synology) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) VueScan x64 (HKLM\...\VueScan x64) (Version: 9.7.42 - Hamrick Software) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software) WinTrack version 11.0 3D (HKLM-x32\...\wintrack6_is1) (Version: 11.0 3D - Ing.-Büro Schneider) WinZip 22.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24119}) (Version: 22.0.12706 - Corel Corporation) WinZip Driver Updater (HKLM\...\WinZip Driver Updater) (Version: 5.40.0.20 - Corel Corporation) Wolfram Mathematica 11.3 (M-WIN-L 11.3.0 5944644) (HKLM\...\M-WIN-L 11.3.0 5944644_is1) (Version: 11.3.0 - Wolfram Research, Inc.) WolframScript (A-WIN32-WolframScript 11.3.0 2018030401) (HKLM-x32\...\{F8D88AF3-43F1-4818-B6DB-0D38F8E42833}) (Version: 11.3.49 - Wolfram Research, Inc.) Packages: ========= Autumn Colors -> C:\Program Files\WindowsApps\Microsoft.AutumnColors_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-03] (Microsoft Corporation) Colorful Birds -> C:\Program Files\WindowsApps\Microsoft.ColorfulBirds_1.0.0.0_neutral__8wekyb3d8bbwe [2018-06-22] (Microsoft Corporation) Fibonacci Sequence in Nature -> C:\Program Files\WindowsApps\Microsoft.FibonacciSequenceinNature_10.0.0.0_neutral__8wekyb3d8bbwe [2018-06-05] (Microsoft Corporation) Fields of Flowers -> C:\Program Files\WindowsApps\Microsoft.FieldsofFlowers_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-02] (Microsoft Corporation) Forest for the Trees -> C:\Program Files\WindowsApps\Microsoft.ForestfortheTrees_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-01] (Microsoft Corporation) Futuristic Fractals by Duncan Lawler -> C:\Program Files\WindowsApps\Microsoft.FuturisticFractalsbyDuncanLawler_1.0.0.0_neutral__8wekyb3d8bbwe [2018-06-15] (Microsoft Corporation) Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2018-11-03] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2018-11-03] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-11-17] (NVIDIA Corp.) Porsche 911 GT2 RS - Forza Motorsport 7 -> C:\Program Files\WindowsApps\MicrosoftCorporation.Porsche911GT2RS-ForzaMotorspo_1.0.0.0_neutral__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) Sights of Russia -> C:\Program Files\WindowsApps\Microsoft.SightsofRussia_1.0.0.0_neutral__8wekyb3d8bbwe [2018-07-24] (Microsoft Corporation) The Animal Kingdom -> C:\Program Files\WindowsApps\Microsoft.TheAnimalKingdom_1.0.0.0_neutral__8wekyb3d8bbwe [2018-11-02] (Microsoft Corporation) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\didie\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\didie\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll () [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\didie\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: ) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\didie\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: ) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\didie\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\didie\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\didie\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: ) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\didie\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: ) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\didie\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: ) [Fichier non signé] ContextMenuHandlers1: [$PowerDVD18] -> {EF1ED1FB-2224-4150-B12A-CDDE6D442D5A} => C:\ProgramData\CyberLink\PowerDVD18\OpenWith\PDVD_Shell64.dll [2018-10-02] (CyberLink Corp. -> CyberLink Corp.) ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\TotalProtection\AVK\ShellExt64.dll [2021-07-22] (G DATA CyberDefense AG -> G DATA Software AG) ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (TGRMN Software -> Bulk Rename Utility) ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [Fichier non signé] ContextMenuHandlers1: [IsideShellExtension] -> {69D701AF-64F5-40FA-A280-2C7C02AC4921} => C:\Program Files (x86)\LittleLite Software\Iside\IsideShellExt64.dll [2009-06-10] (LittleLite Software) [Fichier non signé] ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org) [Fichier non signé] ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-15] (Corel Corporation -> WinZip Computing, S.L.) ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (TGRMN Software -> Bulk Rename Utility) ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org) [Fichier non signé] ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\TotalProtection\Shredder\Reisswlf64.dll [2021-07-21] (G DATA CyberDefense AG -> G DATA Software AG) ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (TGRMN Software -> Bulk Rename Utility) ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [Fichier non signé] ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org) [Fichier non signé] ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-15] (Corel Corporation -> WinZip Computing, S.L.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_a316fd2790791cc1\nvshext.dll [2021-10-27] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org) [Fichier non signé] ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\TotalProtection\AVK\ShellExt64.dll [2021-07-22] (G DATA CyberDefense AG -> G DATA Software AG) ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\TotalProtection\Shredder\Reisswlf64.dll [2021-07-21] (G DATA CyberDefense AG -> G DATA Software AG) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-15] (Corel Corporation -> WinZip Computing, S.L.) ContextMenuHandlers1_S-1-5-21-2152224487-3077631035-3360280211-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\didie\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2019-07-31] () [Fichier non signé] ContextMenuHandlers4_S-1-5-21-2152224487-3077631035-3360280211-1001: [Fb2kShellExt] -> {511D48AF-9E45-4CB8-8F02-9C1BE4BC3CF8} => C:\Program Files (x86)\foobar2000\ShellExt64.dll [2019-12-02] (Piotr Pawłowski -> Peter Pawlowski) [Fichier non signé] ContextMenuHandlers6_S-1-5-21-2152224487-3077631035-3360280211-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\didie\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2019-07-31] () [Fichier non signé] ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2021-11-19 19:16 - 2005-07-18 13:43 - 000160256 _____ () [Fichier non signé] C:\Program Files (x86)\MSI\APP Manager\unrar.dll 2018-12-20 18:52 - 2013-12-16 04:05 - 000143360 _____ () [Fichier non signé] C:\Program Files\ASUS Essence STX II Audio Device\Customapp\VmixP8.dll 2019-07-31 15:21 - 2019-07-31 15:21 - 001367552 _____ () [Fichier non signé] C:\Users\didie\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll 2019-07-31 15:21 - 2019-07-31 15:21 - 000198144 _____ () [Fichier non signé] C:\Users\didie\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\WinCFWrapper.dll 2018-05-18 19:50 - 2013-09-11 07:50 - 000360448 _____ (CANON INC.) [Fichier non signé] C:\WINDOWS\System32\CNMN6PPM.DLL 2018-12-20 18:52 - 2014-02-05 07:00 - 000430080 _____ (C-Media Electronics Inc.) [Fichier non signé] C:\Program Files\ASUS Essence STX II Audio Device\CustomApp\cmdeviceSTXII.dll 2017-09-01 12:15 - 2017-09-01 12:15 - 002227456 _____ (Corel Corporation -> WinZip) [Fichier non signé] C:\Program Files\WinZip\WinZip Smart Monitor\SystemInfo-vc100-mt.dll 2018-07-23 09:33 - 2013-02-02 14:41 - 000079360 _____ (hxxp://winmerge.org) [Fichier non signé] C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll 2009-06-10 09:57 - 2009-06-10 09:57 - 000110080 _____ (LittleLite Software) [Fichier non signé] C:\Program Files (x86)\LittleLite Software\Iside\IsideShellExt64.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D082120-A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D082120-N0700A21ABFDD9D88F4162B1F&form=CONBDF&conlogo=CT3332016&q={searchTerms} SearchScopes: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D082120-N0700A21ABFDD9D88F4162B1F&form=CONBDF&conlogo=CT3332016&q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2020-11-21] (Logitech Inc -> Logitech, Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2020-11-21] (Logitech Inc -> Logitech, Inc.) DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\...\bnpparibasfortis.net -> hxxps://bnpparibasfortis.net IE trusted site: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2015-10-30 08:24 - 2019-07-22 18:46 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 gdpwmgrlocalhost 2018-05-24 23:20 - 2021-11-21 16:08 - 000000529 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.27.144.1 GENESIS.mshome.net # 2026 11 5 20 15 8 41 435 2020 11 1 23 17 33 49 520 192.168.224.1 GENESIS.mshome.net # 2025 11 6 22 11 45 41 487 ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Wolfram Research\WolframScript\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\didie\Desktop\Audi S3.JPG HKU\S-1-5-21-2152224487-3077631035-3360280211-1021\Control Panel\Desktop\\Wallpaper -> DNS Servers: 195.238.2.21 - 195.238.2.22 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\StartupFolder: => "PlexTools Professional LE.lnk" HKLM\...\StartupApproved\Run: => "EvtMgr6" HKLM\...\StartupApproved\Run: => "IntelliPoint" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "Cmaudio8788GX64" HKLM\...\StartupApproved\Run: => "Cmaudio8788GX" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run: => "LogiOptions" HKLM\...\StartupApproved\Run32: => "GDFirewallTray" HKLM\...\StartupApproved\Run32: => "MSIRegister" HKLM\...\StartupApproved\Run32: => "PowerDVD18Agent" HKLM\...\StartupApproved\Run32: => "MiniBin" HKLM\...\StartupApproved\Run32: => "APP Manager" HKLM\...\StartupApproved\Run32: => "Fast Boot" HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk" HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\...\StartupApproved\StartupFolder: => "eventcountdownclock.exe" HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\...\StartupApproved\StartupFolder: => "Folding@home.lnk" HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\...\StartupApproved\Run: => "Startup\Perfect-Table-Plan-Clock_eventcountdownclock" HKU\S-1-5-21-2152224487-3077631035-3360280211-1001\...\StartupApproved\Run: => "Icecream Password Manager" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{0E81E5DA-DB4F-4118-B6A6-132F48A5E8A0}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => Pas de fichier FirewallRules: [{C5989726-5F9F-418D-B253-5C4FA6BE3B01}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) FirewallRules: [{A48866C2-E08E-4853-8ACB-A36D12589AFF}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) FirewallRules: [{562DDB24-E203-4784-A3E9-A86C384E11D6}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => Pas de fichier FirewallRules: [{FDE7E498-97EC-4572-9814-840D88588E00}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => Pas de fichier FirewallRules: [{D5137580-FB83-46AC-8E7B-C64E9DD3B36E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) FirewallRules: [{AA8DA4E5-25EF-439B-A3C1-3D8D0370ADAB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) FirewallRules: [{2DA00E57-51C8-4FC7-8C13-95D8B27635DE}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => Pas de fichier FirewallRules: [{AAAB12CD-CE4F-4900-A9DD-BC16B8145C3D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => Pas de fichier FirewallRules: [{4430A2D8-6CE6-4D5A-B136-976E746E8F12}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) FirewallRules: [{7FCDFC9B-6A10-4037-83C2-461B72AEC198}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => Pas de fichier FirewallRules: [{F61D4787-68BD-4E8D-AF3A-E80F8679D62B}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) FirewallRules: [{978EBD0B-52BC-4BA1-BA9D-7C4DDBC80FA0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{C64B0C0B-E330-47D7-A228-D404BE11A241}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4DC1BFC9-281F-48F5-AFDF-DD9B480DDF78}] => (Allow) LPort=26822 FirewallRules: [{73849989-38ED-4759-8D3A-4D5D59855E50}] => (Allow) LPort=26820 FirewallRules: [{A9BC5106-6A04-4CAB-BD1B-B1A6954DCBA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5294FFED-5FB1-41E2-9DA4-057204BD5D37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2C572C05-11C1-4C15-8B32-2737669BB2D1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3D349BAC-D4EC-49F4-ACB4-2BE720490C85}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{829E8632-64FD-4C7B-A367-EB122F2101F1}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time) FirewallRules: [{325F61FD-DF32-482B-9A09-55F3AABEF172}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) FirewallRules: [{6B195408-8073-4AE9-AA13-EA0FE9AD3C15}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => Pas de fichier FirewallRules: [{B3F192D6-272E-462C-9715-9169DF0954FD}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) FirewallRules: [{426CCF9A-A434-4DDC-8A36-E46B3BB6C2A5}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => Pas de fichier FirewallRules: [{95655A3B-C6BC-41C5-A41E-C0C4AA4E4BC7}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe => Pas de fichier FirewallRules: [{824CF842-FA12-421E-99D6-FAF8FC370409}] => (Allow) C:\Program Files (x86)\CyberLink PowerDVD\PowerDVD18\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{5C82CE03-46E8-4C67-9B2B-9B5A69183FBE}] => (Allow) C:\Program Files (x86)\CyberLink PowerDVD\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{67BB0411-4D97-4C6A-A275-8E87F2D65F08}] => (Allow) C:\Program Files (x86)\CyberLink PowerDVD\PowerDVD18\PowerDVD18Agent.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{8FDB3637-9A1E-42DB-AF64-D6E8175C9ABB}] => (Allow) C:\Program Files (x86)\CyberLink PowerDVD\PowerDVD18\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{FBA85500-7667-4913-AAF6-D4CC2DC88578}] => (Allow) C:\Program Files (x86)\CyberLink PowerDVD\PowerDVD18\CastingStation.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [DNS Server Forward Rule - TCP - 6c51f762-8a6f-4c5f-8206-dc7ff0be5d41 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - 6c51f762-8a6f-4c5f-8206-dc7ff0be5d41 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - 94a23a9f-72c3-4301-a216-cfc2179dfa0d - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - 94a23a9f-72c3-4301-a216-cfc2179dfa0d - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - c18d8c09-b8fc-40e6-a4a5-3b611b9c3b0a - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - c18d8c09-b8fc-40e6-a4a5-3b611b9c3b0a - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - 2b7222e2-d7a9-4f04-98e1-cd1dae69534e - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - 2b7222e2-d7a9-4f04-98e1-cd1dae69534e - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - ac7d6e02-b1e6-4909-a4d9-4c1b1ea524bc - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - ac7d6e02-b1e6-4909-a4d9-4c1b1ea524bc - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - d9a1c042-5ba9-4561-aea5-c9ff13237827 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - d9a1c042-5ba9-4561-aea5-c9ff13237827 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - dd95e9c9-b843-4294-8616-57680a7c490c - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - dd95e9c9-b843-4294-8616-57680a7c490c - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - f9f3c9f1-2c40-40da-ab18-f1a54ef90beb - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - f9f3c9f1-2c40-40da-ab18-f1a54ef90beb - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - 9c486995-b9fe-4037-b32e-4eb15214a2c1 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - 9c486995-b9fe-4037-b32e-4eb15214a2c1 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - b98cf8cd-0139-4f98-acb5-e842aa26fc63 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - b98cf8cd-0139-4f98-acb5-e842aa26fc63 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - 886301cb-ea24-4179-af86-6fcf066e2454 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - 886301cb-ea24-4179-af86-6fcf066e2454 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - c41c7844-54ae-477e-aa76-0b4191b9595b - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - c41c7844-54ae-477e-aa76-0b4191b9595b - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - 62e5543f-8dbe-4ef8-a6ea-adb85c44789d - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - 62e5543f-8dbe-4ef8-a6ea-adb85c44789d - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - aa823c97-a3ce-4678-a798-e4cf49b92800 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - aa823c97-a3ce-4678-a798-e4cf49b92800 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - TCP - 823d817e-c551-4635-b65a-b4ebf8488bf7 - 0] => (Allow) LPort=53 FirewallRules: [DNS Server Forward Rule - UDP - 823d817e-c551-4635-b65a-b4ebf8488bf7 - 0] => (Allow) LPort=53 FirewallRules: [{4144AC67-B0BD-43D6-AA50-5C220EB90CFE}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) FirewallRules: [{70E595CA-F30D-4048-BBE6-CC7DCFD6B55B}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software) FirewallRules: [{D466D453-D0AB-4CA5-AF55-0EABDEB32C22}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software) FirewallRules: [{781089E8-CD37-4740-ABA1-7D6598CCC01F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{79250C77-6B6B-4B99-8E22-2DE48C1D2B5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DB75CC0D-10EE-4C4A-B9D0-AF592B9BFE11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{511A5043-2FBB-4A81-A15C-471E4B278764}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{90A1F2EF-0037-4EE4-B453-D8AD8B832632}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) FirewallRules: [{DBB277AB-1DC2-439F-9EB9-3DA787B1AF2E}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) FirewallRules: [{B0102453-A710-48D6-965C-724920596E32}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AE9641BC-265E-401F-940C-EBDEA888C8FC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1EFE142F-9427-471E-8D65-2FEC2EB2C81C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\SimpleCopier6\simplecopier.exe] => Enabled:SimpleCopier StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\SimpleCopier6\simplecopier.exe] => Enabled:SimpleCopier ==================== Points de restauration ========================= 17-11-2021 19:05:25 Windows Modules Installer 18-11-2021 15:33:26 WinZip Driver Updater (18/11/2021 15:33) 19-11-2021 20:08:25 Windows Modules Installer ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (11/21/2021 04:14:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY) Description: Le déchargement des chaînes de compteurs de performances pour le service WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code d’erreur. Error: (11/21/2021 04:14:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. Error: (11/21/2021 04:14:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données. Error: (11/21/2021 02:01:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer retrim sur BACKUP GENESIS (A:) car : The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (11/21/2021 02:01:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer retrim sur BACKUP ACER SWIFT 3 (H:) car : The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (11/21/2021 01:39:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer retrim sur BACKUP ACER SWIFT 3 (H:) car : The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (11/21/2021 01:39:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer retrim sur BACKUP GENESIS (A:) car : The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (11/21/2021 01:36:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY) Description: Le déchargement des chaînes de compteurs de performances pour le service WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code d’erreur. Erreurs système: ============= Error: (11/21/2021 04:08:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service LMS n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (11/21/2021 04:08:35 PM) (Source: SNMP) (EventID: 1500) (User: ) Description: Le service SNMP a rencontré une erreur lors de l’accès à la clé de Registre SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (11/21/2021 01:30:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service LMS n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (11/21/2021 01:30:35 PM) (Source: SNMP) (EventID: 1500) (User: ) Description: Le service SNMP a rencontré une erreur lors de l’accès à la clé de Registre SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (11/20/2021 08:21:58 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM a reçu l’erreur « 1115 » lors de la tentative de démarrage du service SecurityHealthService avec les arguments « Unavailable » pour exécuter le serveur : {8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0} Error: (11/20/2021 08:20:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service LMS n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (11/20/2021 08:20:15 PM) (Source: SNMP) (EventID: 1500) (User: ) Description: Le service SNMP a rencontré une erreur lors de l’accès à la clé de Registre SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (11/20/2021 08:19:16 PM) (Source: DCOM) (EventID: 10010) (User: GENESIS) Description: Le serveur {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. CodeIntegrity: =============== Date: 2021-11-21 16:32:26 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\G Data\TotalProtection\AVK\avkwscpe.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-11-21 16:32:25 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Common Files\G Data\AVKProxy\GDAMSIx64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. 2.C0 06/04/2020 Carte mère: Micro-Star International Co., Ltd. Z370-A PRO (MS-7B48) Processeur: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz Pourcentage de mémoire utilisée: 27% Mémoire physique - RAM - totale: 30641.23 MB Mémoire physique - RAM - disponible: 22218.73 MB Mémoire virtuelle totale: 35249.23 MB Mémoire virtuelle disponible: 24469.2 MB ==================== Lecteurs ================================ Drive a: (BACKUP GENESIS) (Fixed) (Total:931.51 GB) (Free:391.78 GB) NTFS Drive c: (Windows 10 Professional 64 bits) (Fixed) (Total:177.77 GB) (Free:89.89 GB) NTFS Drive d: (DOCUMENTS) (Fixed) (Total:25 GB) (Free:20.88 GB) NTFS Drive e: (DISCOTHEQUE) (Fixed) (Total:150 GB) (Free:86.89 GB) NTFS Drive f: (PHOTOTHEQUE) (Fixed) (Total:500 GB) (Free:441.18 GB) NTFS Drive g: (TELEVISIONS) (Fixed) (Total:99.96 GB) (Free:51.7 GB) NTFS Drive h: (BACKUP ACER SWIFT 3) (Fixed) (Total:465.76 GB) (Free:326.29 GB) NTFS \\?\Volume{f3fb2412-50a8-45ac-af73-fe4ba56ae5f9}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS \\?\Volume{1523fafd-f647-40c5-86a2-c2af9b338b89}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS \\?\Volume{22787e8a-ac92-42a4-aa0c-053d8d2e4bb5}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 1C160280) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Size: 953.9 GB) (Disk ID: 47AE6C50) Partition: GPT. ==================== Fin de Addition.txt =======================