Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 14-11-2021 Exécuté par Jack (23-11-2021 15:24:26) Exécuté depuis C:\Users\terre\Desktop Microsoft Windows 11 Famille Version 21H2 22000.348 (X64) (2021-07-05 02:37:57) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-3303177945-2155237167-1278099843-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3303177945-2155237167-1278099843-503 - Limited - Disabled) Invité (S-1-5-21-3303177945-2155237167-1278099843-501 - Limited - Disabled) Jack (S-1-5-21-3303177945-2155237167-1278099843-1001 - Administrator - Enabled) => C:\Users\terre WDAGUtilityAccount (S-1-5-21-3303177945-2155237167-1278099843-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-3303177945-2155237167-1278099843-1001\...\uTorrent) (Version: 3.5.5.46124 - BitTorrent Inc.) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe) Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_0) (Version: 23.0.0.36 - Adobe Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.10.2 - Advanced Micro Devices, Inc.) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation) Blue Iris 5 (HKLM\...\{554787D6-0E04-4FDC-8364-321890588742}) (Version: 5.5.2.3 - Perspective Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BorderMaker (HKLM-x32\...\BorderMaker) (Version: 5.0 - SEMANTICA) Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden Cessna 172 Bush Kit G1000 MSFS 2020 (HKLM\...\{68EA944E-99A9-46CD-9436-A0DDE89C22F1}) (Version: 2 - Rikoooo) Contrôle d’intégrité du PC Windows (HKLM\...\{8535D886-84D2-4580-8BC8-F2F7D75BE34B}) (Version: 2.3.2106.25001 - Microsoft Corporation) CSV Editor Pro (HKLM-x32\...\CSV Editor Pro) (Version: 21.0 - Gammadyne Corporation) Cumulus 1.9.4 (HKLM-x32\...\Cumulus_is1) (Version: - Sandaysoft) CyberLink PowerDVD 17 (HKLM-x32\...\{D15BFD7F-6BBA-49A7-A6B1-14C00DCA6842}) (Version: 17.0.1523.60 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DeviceManage (HKLM-x32\...\DeviceManage) (Version: - ) Documentation Manager (HKLM\...\{17C797EF-1D27-41CF-8A52-024F33A8A8FE}) (Version: 22.80.1.1 - Intel Corporation) Hidden Dragon 15 (HKLM-x32\...\{768AC460-237E-45B6-99B8-1DE6D0F391E8}) (Version: 15.00.000 - Nuance Communications Inc.) Easy Photo Scan (HKLM-x32\...\{99364024-626C-4BE1-89C8-2F207023497B}) (Version: 1.00.0018 - Seiko Epson Corporation) Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson Printer Connection Checker (HKLM-x32\...\{C4D8E138-C67B-41D5-B493-F54BB72B43E0}) (Version: 3.3.0.0 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation) EPSON XP-520 Series Printer Uninstall (HKLM\...\EPSON XP-520 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) Everything 1.4.1.1009 (x64) (HKLM\...\Everything) (Version: 1.4.1.1009 - voidtools) FlyByWire Installer (HKU\S-1-5-21-3303177945-2155237167-1278099843-1001\...\fbw_installer) (Version: 1.2.0 - FlyByWire Simulations) Fokker D.21 1938-40 MSFS2020 (HKLM\...\{899D650D-309B-41BF-A045-534C0F4469AB}) (Version: 1 - Rikoooo) Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC) GraphWeather Version 2.0.321 (HKLM-x32\...\GraphWeather_is1) (Version: - Antoine Guilmard) Heredis 2021 (HKLM\...\Heredis 2021_is1) (Version: 21 - BSD Concept) Heredis 2022 (HKLM\...\Heredis 2022_is1) (Version: 22 - BSD Concept) Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ImageScan_V1.06.133d7 (HKLM-x32\...\ImageScan) (Version: - ) Intel® Software Installer (HKLM-x32\...\{5ecf7030-5435-4120-8158-11bd7640aa90}) (Version: 22.80.1.1 - Intel Corporation) Hidden Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Logiciel de téléchargement pour Généatique 2021 (HKLM-x32\...\{782EC744-85CA-457B-9974-E8DA68E7AF95}_is1) (Version: - CDIP) Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes) Manuels EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation) MaskVPN (HKLM-x32\...\{4A4ACF2E-4A98-4D18-80E3-5A5E5706F81E}_is1) (Version: 1.1.0.31 - Global Media (Thailand) Co., Ltd) MegaPack Loire castle France MSFS 2020 (HKLM\...\{1AD3168F-186A-4C72-91A4-784784876488}) (Version: 1 - Rikoooo) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.29 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.29 - Microsoft Corporation) Microsoft Flight Simulator – DVD Content (HKLM-x32\...\{0EE844B4-4833-46AB-B307-75DBF52FC226}) (Version: 1.0.0.0 - Xbox Game Studios) Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.230.1107.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation) Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 94.0.1 (x64 fr)) (Version: 94.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0.2 - Mozilla) Multilizer PDF Translator (Build 10.3.2) (HKLM-x32\...\Multilizer PDF Translator_is1) (Version: - Rex Partners) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.3.6 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - Seiko Epson Corporation) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.5 - Notepad++ Team) Nuance PaperPort 14 (HKLM-x32\...\{14CB3B82-FBDC-4462-919E-86147983F09B}) (Version: 14.5.0000 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{FC984E39-43D0-4AB2-ACC7-A7B87977B009}) (Version: 7.20.3274 - Nuance Communications, Inc.) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden PDF-XChange 2012 (HKLM\...\{504022CD-6A58-42D5-ACC9-966F695AAD93}_is1) (Version: 5.5.316.1 - Tracker Software Products Ltd) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: - Realtek) Renault CONNECT Toolbox (HKLM\...\{com.retail.toolbox.customer.renault.}}_is1) (Version: 3.2.14 - Renault) RyzenMasterSDK (HKLM\...\{589A596F-2C65-4AF7-B1C3-C8697B1F327A}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden Samsung DeX (HKLM-x32\...\{2EB6072C-55E0-4AA0-A851-A34A5D64F6C9}) (Version: 2.0.1.2 - Samsung Electronics Co., Ltd.) Hidden Samsung DeX (HKLM-x32\...\{3d6025db-b129-4813-84ac-91328af71882}) (Version: 2.0.1.2 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.) T.Flight Hotas drivers (HKLM-x32\...\{E08E6F77-E66C-47FC-8565-0AA3389D48C8}) (Version: 1.TFHT.2021 - Thrustmaster) Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Thorium 1.4.0 (HKU\S-1-5-21-3303177945-2155237167-1278099843-1001\...\13998dff-ad91-57f4-b530-aa7ad6d4fea5) (Version: 1.4.0 - EDRLab) Topaz Gigapixel AI (HKLM\...\Topaz Gigapixel AI 5.6.1) (Version: 5.6.1 - Topaz Labs LLC) Toulouse France MSFS2020 (HKLM\...\{28476768-A17A-4169-B1D7-D56E5A8D9AA4}) (Version: 5 - Rikoooo) Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.10.0 - Unified Intents AB) Update for Skype for Business 2016 (KB4493155) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{5376168B-3DBF-4B19-9F74-2ECBDC1BFB46}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4493155) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.STANDARD_{5376168B-3DBF-4B19-9F74-2ECBDC1BFB46}) (Version: - Microsoft) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) VMS (HKLM-x32\...\VMS) (Version: - ) VNC Server 6.7.4 (HKLM\...\{94AD1D1B-12BE-4AF5-8498-10EB22C9B0A7}) (Version: 6.7.4.43891 - RealVNC Ltd) Weather (HKLM-x32\...\Weather) (Version: 9.1.0A - Weather) Weather Display 10.37R Build 81 (HKLM-x32\...\Weather Display_is1) (Version: - ) WicReset version 5.60.0.0 (HKLM-x32\...\{20379D3A-321B-4830-96A6-37183B713AE8}_is1) (Version: 5.60.0.0 - WWW.WIC.SUPPORT) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH) WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH) Packages: ========= Adobe Photoshop Express : éditeur d’images, ajustements, filtres, effets, bordures -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.5.381.0_x64__ynb6jyjzte8ga [2021-11-22] (Adobe Inc.) Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.82.0_x64__pwbj9vvecjh7j [2021-11-22] (Amazon Development Centre (London) Ltd) Any eBook Reader -> C:\Program Files\WindowsApps\30008NitroOfficeDVDApp.AnyeBookReader_2.0.0.0_x64__k9060n443y9rm [2021-11-22] (Nebula PDF Office & FileExt Apps) ASUS Business Manager -> C:\Program Files\WindowsApps\B9ECED6F.ASUSBusinessManager_3.0.14.0_x64__qmba6cd70vzyy [2021-11-22] (ASUSTeK COMPUTER INC.) AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.29.0_x64__dxp88312j1fgj [2021-11-22] (ICEpower) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-22] (Microsoft Corporation) McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy [2021-11-22] (McAfee LLC.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-22] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-22] (Microsoft Corporation) [MS Ad] Microsoft Flight Simulator -> C:\Program Files\WindowsApps\Microsoft.FlightSimulator_1.21.13.0_x64__8wekyb3d8bbwe [2021-11-19] (Microsoft Studios) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-22] (Microsoft Studios) [MS Ad] MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.29.0_x64__qmba6cd70vzyy [2021-11-22] (ASUSTeK COMPUTER INC.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.258.0_x64__dt26b99r8h8gj [2021-11-22] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0 [2021-11-22] (Spotify AB) [Startup Task] ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3303177945-2155237167-1278099843-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [$PowerDVD] -> {E72C61D0-C453-42BA-84C9-88AEE3DEE676} => C:\ProgramData\CyberLink\PowerDVD17\OpenWith\PDVD_Shell64.dll [2017-03-21] (CyberLink Corp. -> CyberLink Corp.) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-08-21] (Notepad++ -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-23] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0003\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-10-07] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-23] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6_S-1-5-21-3303177945-2155237167-1278099843-1001: [UltraEdit] -> {b5eedee0-c06e-11cf-8c56-444553540000} => -> Pas de fichier ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [msacm.pspgru] => C:\Windows\SysWOW64\pspgru.acm [401920 2010-03-22] (Philips Austria GmbH - Speech Processing) [Fichier non signé] ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\Users\terre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VMS\clean.lnk -> C:\Program Files (x86)\VMS\clean.bat () ShortcutWithArgument: C:\Users\terre\Documents\Neyrat\Devis Fibre\Google Photos.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ncmjhecbjeaamljdfahankockkkdmedg ShortcutWithArgument: C:\Users\terre\Desktop\Google Photos.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ncmjhecbjeaamljdfahankockkkdmedg ShortcutWithArgument: C:\Users\terre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Photos.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ncmjhecbjeaamljdfahankockkkdmedg ==================== Modules chargés (Avec liste blanche) ============= 2021-04-21 02:21 - 2021-04-21 02:21 - 000017920 _____ () [Fichier non signé] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 003567616 _____ () [Fichier non signé] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2019-09-10 07:15 - 2019-09-10 07:15 - 022228480 _____ () [Fichier non signé] C:\Program Files\Blue Iris 5\dhnetsdk.dll 2012-12-05 11:29 - 2012-12-05 11:29 - 004883456 _____ (BCGSoft Ltd) [Fichier non signé] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll 2017-12-12 19:19 - 2017-12-12 19:19 - 011771392 _____ (HangZhou Hikvision Digital Technology Co.,Ltd) [Fichier non signé] C:\Program Files\Blue Iris 5\DS40xxSDK-X64.dll 2017-09-04 23:15 - 2017-09-04 23:15 - 004396032 _____ (Microsoft Corporation) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\D3DCompiler_47.dll 2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Fichier non signé] C:\WINDOWS\System32\enppmon.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000031744 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000039424 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000031232 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000415232 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000025088 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000025088 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000023552 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000532992 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 001455104 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 001227776 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000135680 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 006270976 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 006947328 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000740352 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000123392 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 001110528 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000326656 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 003798528 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000440832 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000054784 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 004255744 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000171520 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 001128448 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000206336 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000334336 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000133120 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000396800 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 102854656 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 005611008 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000463360 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000210432 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 002877440 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000056832 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000059392 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000267776 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000017408 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000017920 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000290816 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000336896 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000134144 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000106496 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000325120 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000045568 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2021-04-21 02:21 - 2021-04-21 02:21 - 000093184 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\ProgramData\TEMP:FD9CE1F3 [274] ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE SearchScopes: HKU\S-1-5-21-3303177945-2155237167-1278099843-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3303177945-2155237167-1278099843-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking15\Program\x64\dgnriaie_x64.dll [2017-02-13] (Nuance Communications, Inc. -> Nuance Communications, Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll [2021-10-26] (Oracle America, Inc. -> Oracle Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-10-26] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDFViewer\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation) BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking15\Program\dgnriaie.dll [2017-02-13] (Nuance Communications, Inc. -> Nuance Communications, Inc.) BHO-x32: Web Companion -> {9917296A-97CB-4836-B04E-F85DC27DDC34} -> C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionExtensionIE.dll => Pas de fichier BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adaware Ad Block -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Users\terre\AppData\Roaming\Lavasoft\Web Companion\Adblocker\AdblockPlus.dll => Pas de fichier Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3303177945-2155237167-1278099843-1001\...\localhost -> localhost ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-12-07 10:14 - 2021-10-26 18:02 - 000001321 ____R C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 www.aomeitech.com 127.0.0.1 liveupdate.acronis.com 127.0.0.1 activation.acronis.com 127.0.0.1 web-api-tih.acronis.com 127.0.0.1 download.acronis.com 127.0.0.1 orders.acronis.com 127.0.0.1 ns1.acronis.com 127.0.0.1 ns2.acronis.com 127.0.0.1 ns3.acronis.com 127.0.0.1 account.acronis.com 127.0.0.1 gateway.acronis.com 127.0.0.1 topazlabs.com 127.0.0.1 et.topazlabs.com 127.0.0.1 104.22.33.115 127.0.0.1 172.67.37.186 2021-07-03 22:31 - 2021-07-03 22:36 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared HKU\S-1-5-21-3303177945-2155237167-1278099843-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\terre\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "EPPCCMON" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "ISUSPM" HKLM\...\StartupApproved\Run32: => "EEventManager" HKLM\...\StartupApproved\Run32: => "PPort14reminder" HKLM\...\StartupApproved\Run32: => "IndexSearch" HKLM\...\StartupApproved\Run32: => "PaperPort PTD" HKLM\...\StartupApproved\Run32: => "PDFProHook" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "DNS7reminder" HKU\S-1-5-21-3303177945-2155237167-1278099843-1001\...\StartupApproved\Run: => "ISUSPM" HKU\S-1-5-21-3303177945-2155237167-1278099843-1001\...\StartupApproved\Run: => "Unified Remote V3" HKU\S-1-5-21-3303177945-2155237167-1278099843-1001\...\StartupApproved\Run: => "ut" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [UDP Query User{B0C00B40-459E-4206-9A96-49997F8EA526}C:\program files (x86)\vms\vms.exe] => (Allow) C:\program files (x86)\vms\vms.exe () [Fichier non signé] FirewallRules: [TCP Query User{E9259E44-33AE-41A2-99D9-7AC3EC4EB292}C:\program files (x86)\vms\vms.exe] => (Allow) C:\program files (x86)\vms\vms.exe () [Fichier non signé] FirewallRules: [UDP Query User{A039C9B2-37B5-420F-AFC7-35DA0D13E4FA}D:\heredis 2021\heredis21.exe] => (Allow) D:\heredis 2021\heredis21.exe (HEREDIS S.C.O.P -> Heredis) FirewallRules: [TCP Query User{1F0E6A58-2CFE-4DAE-A933-64CEC9BEDC56}D:\heredis 2021\heredis21.exe] => (Allow) D:\heredis 2021\heredis21.exe (HEREDIS S.C.O.P -> Heredis) FirewallRules: [UDP Query User{45C55C7A-FBC7-4B5F-9B3A-D21AB4842B8A}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [TCP Query User{A07BC12A-AE7E-449F-9284-A059D85C177C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{3AFF5505-50C6-4875-8D93-D08AB583C31A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{51986D33-BA05-48A8-BA20-CCACEA4791BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{3CC214E6-18B6-42C7-90F2-41A4290DA860}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB) FirewallRules: [{54A34874-65CF-4DCF-851C-4562A99064C9}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB) FirewallRules: [{5D64CEFC-3EDB-4F54-ADC5-18D87DA843F5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{23B113E7-3F2A-4496-A30A-6207DF8E2666}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\Kernel\DMS\CLMSServerPDVD17.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{D0805FD3-CA8F-426D-A4D0-56AD2AECE71C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\PowerDVD17Agent.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{DAF6F9C0-45D4-4670-98E5-5C046053C3BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{5E30DF65-8EA5-4BFD-9ACE-6A59EC283B30}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\CastingStation.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{6B4F24FC-882A-4C3D-8A8C-85D212F7E7DF}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) FirewallRules: [{0D556DCD-AE4D-4E7C-975C-2D4D497363AF}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) FirewallRules: [{A8B2EA9C-D7ED-4044-8CEF-4C19674EADB9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5D038334-41AE-4E75-8D3C-AD24D8A1A079}] => (Allow) LPort=2869 FirewallRules: [{5EBD2E4B-308E-4FF8-AB51-2ABDDF4A313C}] => (Allow) LPort=1900 FirewallRules: [{D7A162C8-39F5-4D09-8048-6E892F211BB0}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd -> RealVNC Ltd) FirewallRules: [{730F651D-FEDE-43B3-911B-9DA63ED82E83}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd -> RealVNC Ltd) FirewallRules: [TCP Query User{05AABDE9-ED88-45AC-8408-9AC29DA41B77}C:\program files (x86)\bsd concept\heredis 2022\heredis22.exe] => (Allow) C:\program files (x86)\bsd concept\heredis 2022\heredis22.exe (HEREDIS S.C.O.P -> Heredis) [Fichier non signé] FirewallRules: [UDP Query User{4789B8BD-1BB1-4197-9B74-7D83F516448A}C:\program files (x86)\bsd concept\heredis 2022\heredis22.exe] => (Allow) C:\program files (x86)\bsd concept\heredis 2022\heredis22.exe (HEREDIS S.C.O.P -> Heredis) [Fichier non signé] FirewallRules: [{FB906333-E019-40FC-97F0-DD925BB46CF6}] => (Allow) C:\Program Files (x86)\CSV Editor Pro\csvedit.exe (Gammadyne Corporation -> Gammadyne Corporation) FirewallRules: [{B017E9F0-6377-4096-AEE9-70141136F297}] => (Allow) C:\Program Files (x86)\CSV Editor Pro\csvedit.exe (Gammadyne Corporation -> Gammadyne Corporation) FirewallRules: [TCP Query User{39FC7487-EAB4-4824-846C-14B7B711666D}C:\users\terre\appdata\local\programs\edrlab.thoriumreader\thorium.exe] => (Allow) C:\users\terre\appdata\local\programs\edrlab.thoriumreader\thorium.exe (EDRLab) [Fichier non signé] FirewallRules: [UDP Query User{D89D92D6-7177-4C59-AD77-C463970EC0A4}C:\users\terre\appdata\local\programs\edrlab.thoriumreader\thorium.exe] => (Allow) C:\users\terre\appdata\local\programs\edrlab.thoriumreader\thorium.exe (EDRLab) [Fichier non signé] FirewallRules: [{98E32C55-1772-4106-A528-6DE7A10CB658}] => (Allow) C:\Program Files\Topaz Labs LLC\Topaz Gigapixel AI\Topaz Gigapixel AI.exe (Topaz Labs, LLC -> ) FirewallRules: [{C76460B8-59A7-43E1-AA16-3CB7779400CA}] => (Allow) C:\Program Files\Topaz Labs LLC\Topaz Gigapixel AI\Topaz Gigapixel AI.exe (Topaz Labs, LLC -> ) FirewallRules: [{18379584-E3CB-4211-B3BE-D4DD705800DB}] => (Block) C:\Program Files\Topaz Labs LLC\Topaz Gigapixel AI\Topaz Gigapixel AI.exe (Topaz Labs, LLC -> ) FirewallRules: [{DD842B5A-56D9-4D56-9FF5-BAD7FF1E7297}] => (Block) C:\Program Files\Topaz Labs LLC\Topaz Gigapixel AI\Topaz Gigapixel AI.exe (Topaz Labs, LLC -> ) FirewallRules: [{7BDE8A81-5913-4D3A-881F-CC7C3FC4C327}] => (Allow) C:\wdisplay\WeatherD.exe (Weather Display) [Fichier non signé] FirewallRules: [{46C408FA-9555-4F60-98EB-646130BC78A1}] => (Allow) C:\wdisplay\WeatherD.exe (Weather Display) [Fichier non signé] FirewallRules: [{1D64474C-2531-4A7A-91E1-769B258A426C}] => (Allow) C:\wdisplay\WeatherD.exe (Weather Display) [Fichier non signé] FirewallRules: [{D3BA0D82-6A71-4EF5-ADE0-0E201C96D0A0}] => (Allow) C:\wdisplay\WeatherD.exe (Weather Display) [Fichier non signé] FirewallRules: [{5A3C866D-D208-46D6-A498-1377B761A24D}] => (Allow) C:\wdisplay\WeatherD.exe (Weather Display) [Fichier non signé] FirewallRules: [{B244C018-A89E-47ED-A9E4-5484F7E17297}] => (Allow) C:\wdisplay\WeatherD.exe (Weather Display) [Fichier non signé] FirewallRules: [{5C40F105-07C6-4AF8-9475-700B1D858E47}] => (Allow) C:\wdisplay\WeatherD.exe (Weather Display) [Fichier non signé] FirewallRules: [TCP Query User{B88E2020-EDAD-4D9D-AC97-06A5B4FD1534}G:\graphweather\graphweather.exe] => (Allow) G:\graphweather\graphweather.exe => Pas de fichier FirewallRules: [UDP Query User{16295B04-7085-4811-BE5E-7D92723B8B04}G:\graphweather\graphweather.exe] => (Allow) G:\graphweather\graphweather.exe => Pas de fichier FirewallRules: [TCP Query User{8B6D303A-B43D-4BEC-87F8-280CCA280E56}C:\program files (x86)\graphweather\graphweather.exe] => (Allow) C:\program files (x86)\graphweather\graphweather.exe () [Fichier non signé] FirewallRules: [UDP Query User{3CC99A66-64DE-4E38-97FB-8BF24AFD8112}C:\program files (x86)\graphweather\graphweather.exe] => (Allow) C:\program files (x86)\graphweather\graphweather.exe () [Fichier non signé] FirewallRules: [TCP Query User{ACE9CBC2-24AE-464B-BC08-847984D92D58}D:\graphweather\graphweather.exe] => (Allow) D:\graphweather\graphweather.exe () [Fichier non signé] FirewallRules: [UDP Query User{F0389221-48F1-4E38-ABE0-0D9EF5948DA8}D:\graphweather\graphweather.exe] => (Allow) D:\graphweather\graphweather.exe () [Fichier non signé] FirewallRules: [TCP Query User{53E1453E-71D1-453A-956D-2EA94594CC86}D:6\flightsimulator.exe] => (Allow) D:6\flightsimulator.exe => Pas de fichier FirewallRules: [UDP Query User{4EFA11D9-F85F-4770-8031-E166371DDB68}D:6\flightsimulator.exe] => (Allow) D:6\flightsimulator.exe => Pas de fichier FirewallRules: [{97C5CF12-F76A-4A86-B705-C09DC849FB41}] => (Allow) C:\Program Files (x86)\Geneatique2020\Geneatique.exe => Pas de fichier FirewallRules: [{57235C33-D97D-4B45-B0F1-44AD37470DA3}] => (Allow) C:\Program Files (x86)\Geneatique2020\Geneatique.exe => Pas de fichier FirewallRules: [{974A3656-A596-4927-99F8-F4040F4C0041}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{92CA5F8A-AA05-4B21-9DA5-A7903E2BCE47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9B58AD93-7E60-4BE6-BBB1-6EF9D7FB177A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{60C49F4A-E572-4248-A5D0-DBF23E1BB985}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{AC3EE416-0129-41C3-A153-7B2557786607}C:\program files\blue iris 5\blueiris.exe] => (Allow) C:\program files\blue iris 5\blueiris.exe (Perspective Software -> Perspective Software) FirewallRules: [UDP Query User{79513DDA-9523-4CE3-BFCB-4A63B6FDCA55}C:\program files\blue iris 5\blueiris.exe] => (Allow) C:\program files\blue iris 5\blueiris.exe (Perspective Software -> Perspective Software) FirewallRules: [TCP Query User{3B79C02D-A6BC-490F-85FE-06B955F418E7}C:\program files\blue iris 4\blueiris.exe] => (Allow) C:\program files\blue iris 4\blueiris.exe => Pas de fichier FirewallRules: [UDP Query User{749FBA7F-1362-41EB-9DD8-774406EB6DEA}C:\program files\blue iris 4\blueiris.exe] => (Allow) C:\program files\blue iris 4\blueiris.exe => Pas de fichier FirewallRules: [{5809C7D3-E864-4367-9686-F8CCE90C6FAD}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DF6F55F2-E50A-4B31-B0C8-D09105D799FE}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3DDB3378-7548-416F-ACB5-A9991BE3AD0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E4DF8FFD-6453-4197-9F7B-D18083D0A516}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{84E50F11-26B0-4A5E-9AF5-0993F622210B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FD58C631-D1FA-4829-AC57-3BA8CC314D5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BEF7C16F-8708-4940-B4C5-94EECC35647B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1652607F-8FB5-4249-8D02-3DBA5D262E2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4A66A310-223A-4397-B394-C1D3B0CD35EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B8C2738A-57FE-48FA-836E-E5728DBFEED3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E1CEF0EE-1563-4CDC-B79E-FB87EB66EE60}] => (Block) %USERPROFILE%\Desktop\HitmanPro Alert 3.8.18 Build 921 Win x32x64 Multi Préactivé\HitmanPro Alert 3.8.18 Build 921.exe => Pas de fichier FirewallRules: [{8CC11EE0-9AAC-4D2E-8821-47DA72E8BF56}] => (Block) %USERPROFILE%\Desktop\HitmanPro Alert 3.8.18 Build 921 Win x32x64 Multi Préactivé\HitmanPro Alert 3.8.18 Build 921.exe => Pas de fichier FirewallRules: [{2FC3CB19-DF01-4683-A78E-8A3A2D969D4E}] => (Allow) C:\Users\terre\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{70FCF91D-8CFB-404F-AD9B-E7CFE9A8CABF}] => (Allow) C:\Users\terre\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{7BCD9DAA-53E2-447F-9A35-E706457E3275}C:\program files (x86)\devicemanage\devicemanage.exe] => (Allow) C:\program files (x86)\devicemanage\devicemanage.exe () [Fichier non signé] FirewallRules: [UDP Query User{3C524D53-D76F-45B2-BB48-5AA4EA2ADAF2}C:\program files (x86)\devicemanage\devicemanage.exe] => (Allow) C:\program files (x86)\devicemanage\devicemanage.exe () [Fichier non signé] FirewallRules: [{82258A08-CFF8-4F34-BEC2-7B33E6A5FE9F}] => (Allow) C:\Program Files (x86)\Multilizer\MultilizerPDFTranslator\PDFTRanslationWizard.exe () [Fichier non signé] FirewallRules: [{B8FCEF78-30D1-40A5-A0B1-769D2E8A926D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{1548C257-DABD-4C2F-9B99-4E6EC853A0DE}] => (Allow) C:\Program Files (x86)\Multilizer\MultilizerPDFTranslator\PDFTRanslationWizard.exe () [Fichier non signé] FirewallRules: [{75D5F5EA-5DBB-4923-AA6A-525F19692630}] => (Allow) C:\Program Files (x86)\Multilizer\MultilizerPDFTranslator\PDFTRanslationWizard.exe () [Fichier non signé] FirewallRules: [{DCAF0D51-49AE-4542-B676-139FFD660BD8}] => (Allow) C:\Program Files (x86)\Multilizer\MultilizerPDFTranslator\PDFTRanslationWizard.exe () [Fichier non signé] FirewallRules: [{11ED6A1D-3824-45F5-96F2-45DE4E8E0956}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.29\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DA381444-4E3B-48EE-8885-D02F8B425237}] => (Allow) C:\Program Files (x86)\MaskVPN\mask_svc.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) FirewallRules: [{8A016A81-9C59-49D3-9547-CA29E008D407}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPN.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) FirewallRules: [{48171FE5-2192-48A7-8299-BA9A942F7754}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPNUpdate.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) FirewallRules: [{D9B832E4-8DEC-4600-93E5-5DA41E92B01B}] => (Allow) C:\Program Files (x86)\MaskVPN\tunnle.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) FirewallRules: [TCP Query User{3FE5CA56-52DD-4D8A-B31B-3D726D73D869}C:\users\terre\appdata\local\temp\jg4_4jaa.exe] => (Block) C:\users\terre\appdata\local\temp\jg4_4jaa.exe => Pas de fichier FirewallRules: [UDP Query User{2ACBFAB7-9D47-49F5-99B5-6876814F458E}C:\users\terre\appdata\local\temp\jg4_4jaa.exe] => (Block) C:\users\terre\appdata\local\temp\jg4_4jaa.exe => Pas de fichier FirewallRules: [{080866B4-15FE-46D8-B155-98E064205CE8}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0bc4d1cbbe22f0db\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) FirewallRules: [{89B162F3-4CF5-4E95-9461-AB406316FF35}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0bc4d1cbbe22f0db\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{688F3929-5023-4417-B84A-3E1CFF7543CE}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0bc4d1cbbe22f0db\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) FirewallRules: [TCP Query User{66B2E6B6-F7FC-453C-89E5-6DDD9E697D03}D:\graphweather\graphweather.exe] => (Allow) D:\graphweather\graphweather.exe () [Fichier non signé] FirewallRules: [UDP Query User{9286C569-40ED-4AB3-90CB-E4D453509E93}D:\graphweather\graphweather.exe] => (Allow) D:\graphweather\graphweather.exe () [Fichier non signé] ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (11/23/2021 12:16:54 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme dllhost.exe version 10.0.22000.1 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 374c Heure de début : 01d7e0577f636951 Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Windows\SysWOW64\dllhost.exe ID de rapport : 594bf802-dd07-4fa9-93eb-35e5fdb01b56 Nom complet du package défectueux : Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c ID de l'application relative à un package défectueux : App Type de blocage : Quiesce Error: (11/23/2021 11:46:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante cpumetricsserver.exe, version : 10.1.2.1884, horodatage : 0x615c7dd8 Nom du module défaillant : cpumetricsserver.exe, version : 10.1.2.1884, horodatage : 0x615c7dd8 Code d’exception : 0xc0000409 Décalage d’erreur : 0x00000000000076bc ID du processus défaillant : 0x940 Heure de début de l’application défaillante : 0x01d7e0576800ae66 Chemin d’accès de l’application défaillante : C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe Chemin d’accès du module défaillant: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe ID de rapport : e4be75f6-2988-4d81-a77e-49fb8bda2b05 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (11/23/2021 11:17:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante cpumetricsserver.exe, version : 10.1.2.1884, horodatage : 0x615c7dd8 Nom du module défaillant : cpumetricsserver.exe, version : 10.1.2.1884, horodatage : 0x615c7dd8 Code d’exception : 0xc0000409 Décalage d’erreur : 0x00000000000076bc ID du processus défaillant : 0x1efc Heure de début de l’application défaillante : 0x01d7e053457f83f9 Chemin d’accès de l’application défaillante : C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe Chemin d’accès du module défaillant: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe ID de rapport : eec198ea-8858-48ea-bf6a-e34c244a280f Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (11/22/2021 11:50:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante cpumetricsserver.exe, version : 10.1.2.1884, horodatage : 0x615c7dd8 Nom du module défaillant : cpumetricsserver.exe, version : 10.1.2.1884, horodatage : 0x615c7dd8 Code d’exception : 0xc0000409 Décalage d’erreur : 0x00000000000076bc ID du processus défaillant : 0x2f64 Heure de début de l’application défaillante : 0x01d7dff3668f89cc Chemin d’accès de l’application défaillante : C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe Chemin d’accès du module défaillant: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe ID de rapport : c9e55ccc-df3e-461a-b0cc-ac126d8af007 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (11/22/2021 11:50:26 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3908,R,98) SRUJet: L’erreur -1811 (0xfffff8ed) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\SRU\SRU0ADBA.log. Error: (11/22/2021 06:45:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname DESKTOP-MDGG33U.local already in use; will try DESKTOP-MDGG33U-2.local instead Error: (11/22/2021 06:45:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-MDGG33U.local. Addr 192.168.1.38 Error: (11/22/2021 06:45:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.41:5353 16 DESKTOP-MDGG33U.local. AAAA FE80:0000:0000:0000:F476:DBF2:2DCC:AF4F Erreurs système: ============= Error: (11/23/2021 02:58:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Adobe Genuine Software Integrity Service s’est terminé de façon inattendue pour la 1ème fois. Error: (11/23/2021 11:44:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service DCIService n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (11/23/2021 11:44:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service AMDRyzenMasterDriverV17 n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (11/23/2021 11:43:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT) Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue. Chemin d’accès du module : C:\WINDOWS\system32\IntelIHVRouter06.dll Error: (11/23/2021 11:43:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT) Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue. Chemin d’accès du module : C:\WINDOWS\system32\IntelIHVRouter06.dll Error: (11/23/2021 11:17:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Adobe Genuine Monitor Service s’est terminé de façon inattendue pour la 1ème fois. Error: (11/23/2021 11:17:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Dragon Service s’est terminé de façon inattendue pour la 1ème fois. Error: (11/23/2021 11:17:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service CredentialEnrollmentManagerUserSvc_7b54c s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service. Windows Defender: ================ Date: 2021-11-23 00:00:01 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/AdUpdater!MSR&threatid=314081&enterprise=0 Nom : Adware:Win32/AdUpdater!MSR ID : 314081 Gravité : Élevée Catégorie : Logiciel de publicité Chemin : file:_C:\Program Files (x86)\AW Manager\Windows Manager\Windows Updater.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : AUTORITE NT\Système Nom du processus : C:\Windows\System32\svchost.exe Version de la veille de sécurité : AV: 1.353.1409.0, AS: 1.353.1409.0, NIS: 1.353.1409.0 Version du moteur : AM: 1.1.18700.4, NIS: 1.1.18700.4 ਍ Date: 2021-11-22 18:15:28 Description: N/A Date: 2021-11-22 18:05:02 Description: N/A Date: 2021-11-22 17:36:03 Description: N/A Date: 2021-11-22 17:34:03 Description: N/A Event[0] Date: 2021-11-22 23:50:31 Description: Antivirus Microsoft Defender a rencontré une erreur lors du chargement de la veille de sécurité et va tenter de rétablir une version approprié. Veille de sécurité tentée : Actuelle Code d’erreur : 0x80070003 Description de l’erreur : Le chemin d’accès spécifié est introuvable. Version de la veille de sécurité : 0.0.0.0;0.0.0.0 Version du moteur : 0.0.0.0 ਍ CodeIntegrity: =============== Date: 2021-11-23 11:44:38 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ਍ ==================== Infos Mémoire =========================== BIOS: ASUSTeK COMPUTER INC. V241DA.303 10/04/2021 Carte mère: ASUSTeK COMPUTER INC. V241DA Processeur: AMD Ryzen 7 3700U with Radeon Vega Mobile Gfx Pourcentage de mémoire utilisée: 36% Mémoire physique - RAM - totale: 14283.27 MB Mémoire physique - RAM - disponible: 9060.86 MB Mémoire virtuelle totale: 23459.27 MB Mémoire virtuelle disponible: 16824 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:237.32 GB) (Free:116.8 GB) NTFS Drive d: (DATA) (Fixed) (Total:451.85 GB) (Free:263.05 GB) NTFS Drive e: (SAUVEGARDE) (Fixed) (Total:479.09 GB) (Free:386.28 GB) NTFS Drive f: (MFS DISK 1) (CDROM) (Total:7.95 GB) (Free:0 GB) UDF \\?\Volume{cbe0613e-726e-46c5-b772-49ae3c5d0810}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS \\?\Volume{8bd2e15e-8d46-4550-9782-abb0f5a20c0b}\ (RECOVERY) (Fixed) (Total:0.88 GB) (Free:0.38 GB) NTFS \\?\Volume{94cf1c64-4dae-d97b-ffd3-6b28316fc000}\ () (Fixed) (Total:1.16 GB) (Free:0 GB) NTFS \\?\Volume{fe21b566-804a-40ac-99dd-19b9622d4f54}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 51063977) Partition: GPT. ========================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: 78522A29) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 2. ==================== Fin de Addition.txt =======================