Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01 Exécuté par provo (17-02-2022 19:16:14) Exécuté depuis C:\Users\provo\Desktop Microsoft Windows 11 Famille Version 21H2 22000.493 (X64) (2021-10-25 20:44:20) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-3877846697-1903612677-2616073484-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3877846697-1903612677-2616073484-503 - Limited - Disabled) Invité (S-1-5-21-3877846697-1903612677-2616073484-501 - Limited - Disabled) provo (S-1-5-21-3877846697-1903612677-2616073484-1001 - Administrator - Enabled) => C:\Users\provo WDAGUtilityAccount (S-1-5-21-3877846697-1903612677-2616073484-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe) Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_2_1) (Version: 24.2.1 - Adobe Inc.) Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_1) (Version: 21.1.1 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\...\Amazon Amazon Music) (Version: 7.8.3.2109 - Amazon Services LLC) ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.0.8 - ASUS) ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.5.8.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_NBDT HAL (HKLM-x32\...\{a07ea84e-7b0b-457c-911f-85bf661fea5b}) (Version: 2.5.8.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.25 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM-x32\...\{94267bd0-fa8a-4aa4-925d-ec3e0d130fba}) (Version: 1.1.25 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.02.11 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM-x32\...\{a7e3981a-c2c6-4500-baa0-7ae652c5ed54}) (Version: 1.02.11 - ASUSTek COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.11 - ASUSTek COMPUTER INC.) Hidden ASUS Framework Service (HKLM-x32\...\{0432b7d3-a0dd-4049-81e3-c052fdd269d5}) (Version: 2.0.0.11 - ASUSTek COMPUTER INC.) ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.0.11 - ASUSTek COMPUTER INC.) Hidden ASUS HID Control Service (HKLM\...\{0F2EECD1-9CCE-4907-8D9A-11629B0608CE}) (Version: 1.2.0 - ASUS) ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.50 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM-x32\...\{52400cff-4628-4ca3-a922-3767b198c1fd}) (Version: 1.0.50 - ASUSTek COMPUTER INC.) Hidden ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.31 - ASUSTeK Computer Inc.) Hidden ASUS MB Peripheral Products (HKLM-x32\...\{41fd1901-1c71-453a-b440-dbe756a2cdc6}) (Version: 1.0.31 - ASUSTeK Computer Inc.) Hidden ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.50 - ASUSTek COMPUTER INC.) Hidden ASUS Mouse HAL (HKLM-x32\...\{22477f71-11a8-4764-886a-20335ec9bc20}) (Version: 1.0.50 - ASUSTek COMPUTER INC.) Hidden ASUS MultiAntenna Service (HKLM\...\{D90BF0DC-36BD-438F-A7CC-2C63C0A3A3FA}) (Version: 2.0.4 - ASUSTeK COMPUTER INC.) ASUS Promotion (HKLM\...\{10FE8E2F-7BDD-4430-8D63-3D3BA3F708D9}) (Version: 1.0.0 - ASUSTeK COMPUTER INC.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.67 - ASUSTeK Computer Inc.) Hidden ASUS_FRQ_Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.1.1 - ASUSTek COMPUTER INC.) AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.21 - ASUS) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.21 - ASUS) AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.29 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{abff099e-96f5-4bf4-9c6e-6f435f9f6c55}) (Version: 3.05.29 - ASUSTeK Computer Inc.) Aurora 3D Text & Logo Maker version 12.09.26 (HKLM-x32\...\{4F6B6582-B9F6-42B2-AAFC-48E097D07837}_is1) (Version: 12.09.26 - Aurora3D Software) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2201.2134 - Avira Operations GmbH & Co. KG) Hidden Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.38.1.15219 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.61.26762 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;) Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.15.0.11263 - Avira Operations GmbH & Co. KG) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) calibre 64bit (HKLM\...\{0133867D-8A58-4FFF-94C6-F8628F413334}) (Version: 5.23.0 - Kovid Goyal) Citra (HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\...\{470bbfde-df4f-4927-adfc-1c2427dac774}) (Version: 1.0.0 - Citra Team) CyberLink PhotoDirector 9 (HKLM-x32\...\{90BB14DB-2494-40fe-AE58-4930B3CFB4BD}) (Version: 9.0.2310.0 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.13.0.1456 - Disc Soft Ltd) Étude pour l'amélioration du produit HP Deskjet 1510 series (HKLM\...\{4FC8905C-0B85-4A31-B30B-F3CD3917F7D6}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) GameFirst V (HKLM-x32\...\{6C9909F1-4703-4A1A-B2B2-CB305B54BB3C}) (Version: 5.0.24.1 - ASUSTeK COMPUTER INC.) Hidden GameFirst V (HKLM-x32\...\GameFirst V 5.0.24.1) (Version: 5.0.24.1 - ASUSTeK COMPUTER INC.) GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC) HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.) HP Deskjet 1510 series Aide (HKLM-x32\...\{00645C10-53C9-46DC-B7D0-6F7B006972E9}) (Version: 30.0.0 - Hewlett Packard) HP LaserJet Pro MFP M25-M27 (HKLM-x32\...\{6f61eb21-bed8-4110-99c0-df985ca05b33}) (Version: 15.0.16103.89 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPLJM25M27 (HKLM-x32\...\{1612D7B8-386E-4FAD-8059-0415F6918F36}) (Version: 0.00.0005 - Hewlett-Packard) Hidden HPLJUTCore (HKLM-x32\...\{06C9D648-CFC6-48CC-A11B-C4A21BEDDAF1}) (Version: 018.000.0001 - HP) Hidden HPLJUTM25_27 (HKLM-x32\...\{90CEE3E5-971D-4A2D-AF76-BC6B7F4DBEE8}) (Version: 020.000.0001 - HP) Hidden hppM25_M27LaserJetService (HKLM-x32\...\{ED85D11B-25FE-4389-8FF6-B02EAB672D8C}) (Version: 001.034.00693 - HP Inc.) Hidden hpStatusAlerts (HKLM-x32\...\{32DE03E8-D0B3-4D13-A885-D3EDFC959EEC}) (Version: 180.040.00267 - HP Development Company, L.P.) Hidden hpStatusAlertsM25-M27 (HKLM-x32\...\{42C49CAE-7225-41D0-9336-9A4FB163B26A}) (Version: 080.046.00114 - Hewlett-Packard) Hidden Huion Tablet v14.8.137.1273 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.137.1273 - ) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: 6.37.15 - Tonec Inc.) Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation) Kobo (HKLM-x32\...\Kobo) (Version: 4.30.16653 - Rakuten Kobo Inc.) Logiciel de base du périphérique HP Deskjet 1510 series (HKLM\...\{54C00C25-16ED-4035-BAEC-1C5F9B83B113}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.55 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.50 - Microsoft Corporation) Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.14827.20158 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\...\OneDriveSetup.exe) (Version: 22.012.0117.0003 - Microsoft Corporation) Microsoft Project - fr-fr (HKLM\...\ProjectProRetail - fr-fr) (Version: 16.0.14827.20158 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation) Microsoft Visio - fr-fr (HKLM\...\VisioProRetail - fr-fr) (Version: 16.0.14827.20158 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29914 (HKLM-x32\...\{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation) Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 97.0 (x64 fr)) (Version: 97.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 81.0.2 - Mozilla) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA PhysX System Software 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation) NVIDIA Pilote graphique 457.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.63 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20158 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden Package de pilotes Windows - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet) PDF-XChange Editor (HKLM\...\{AF434B25-E32D-4BBB-B8DB-3FFD1B95594E}) (Version: 8.0.333.0 - Tracker Software Products (Canada) Ltd.) RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 2.1.0 - ASUSTeK COMPUTER INC.) ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.3.10.0 - ASUSTek COMPUTER INC.) Slack (HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\...\slack) (Version: 4.23.0 - Slack Technologies Inc.) VideoFile ActiveX 3.4.1.5 (HKLM-x32\...\VideoFile ActiveX_is1) (Version: - VDec Company Ltd.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) VSDC Free Video Editor version 6.5.4.217 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.5.4.217 - Flash-Integro LLC) Web Companion (HKLM-x32\...\{383a5784-93a6-4b22-b8ba-85b04feaa4eb}) (Version: 8.9.0.371 - Lavasoft) WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) Packages: ========= ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.0.11.0_x64__qmba6cd70vzyy [2022-01-02] (ASUSTeK COMPUTER INC.) GameVisual -> C:\Program Files\WindowsApps\B9ECED6F.GameVisual_2.2.2.0_x64__qmba6cd70vzyy [2020-08-12] (ASUSTeK COMPUTER INC.) [Startup Task] HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-30] (HP Inc.) Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-10-15] (INTEL CORP) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-12] (Microsoft Studios) [MS Ad] MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy [2022-01-12] (ASUSTeK COMPUTER INC.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-25] (NVIDIA Corp.) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-03-16] (Adobe Systems Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.183.0_x64__dt26b99r8h8gj [2020-08-12] (Realtek Semiconductor Corp) Sonic Studio 3 -> C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.21.0_x64__w2gh52qy24etm [2022-01-28] (A-Volute) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0 [2022-02-04] (Spotify AB) [Startup Task] WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2202.12.0_x64__cv1g1gvanyjgm [2022-02-06] (WhatsApp Inc.) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3877846697-1903612677-2616073484-1001_Classes\CLSID\{5405618e-4c42-4fb9-a80a-d24d89911296}\localserver32 -> C:\Users\provo\AppData\Local\NhNotifSys\sonicstudio\asusns.exe (A-Volute SAS -> A-Volute) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-11-02] (Notepad++ -> ) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-11-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-11-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_3525035a46ed38b0\nvshext.dll [2021-02-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-11-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Fichier non signé] HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Fichier non signé] HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Fichier non signé] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Fichier non signé] HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [Fichier non signé] HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Fichier non signé] HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Fichier non signé] HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Fichier non signé] HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Fichier non signé] HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [Fichier non signé] HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Fichier non signé] HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Fichier non signé] HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Fichier non signé] HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Fichier non signé] HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] () [Fichier non signé] HKLM\...\Drivers32: [VIDC.VP80] => C:\Windows\SysWOW64\vp8vfw.dll [667648 2011-04-10] (Optima SC Inc.) [Fichier non signé] ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2020-07-08 16:42 - 2020-07-08 16:42 - 000477696 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node 2020-07-08 16:42 - 2020-07-08 16:42 - 000471040 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node 2020-07-14 16:16 - 2020-07-14 16:16 - 000454656 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node 2020-10-17 11:54 - 2019-12-23 17:51 - 000093184 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll 2020-10-17 11:54 - 2019-06-26 15:07 - 000094208 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\MacroControl.dll 2020-04-22 14:35 - 2020-04-22 14:35 - 000081920 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll 2020-05-26 17:08 - 2020-05-26 17:08 - 002831360 _____ (Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\LightingService\log4cxx.dll 2020-10-17 11:54 - 2019-10-24 10:15 - 002676736 _____ (ASUSTeK Computer Inc.) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll 2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [Fichier non signé] C:\WINDOWS\System32\hptcpmib.dll 2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [Fichier non signé] C:\WINDOWS\System32\HpTcpMon.dll 2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [Fichier non signé] C:\WINDOWS\System32\hpzjrd01.dll 2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [Fichier non signé] C:\WINDOWS\System32\HPTcpMUI.dll 2020-10-15 23:27 - 2020-10-15 23:27 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2020-10-15 23:27 - 2020-10-15 23:27 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll 2020-10-17 11:54 - 2019-06-26 15:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll 2020-10-17 11:54 - 2019-06-26 15:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll 2020-10-17 11:54 - 2019-07-31 13:48 - 000072704 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Protocol\Interrupt\InterruptTransfer.dll 2019-12-04 00:12 - 2019-12-04 00:12 - 000467456 _____ (TODO: ) [Fichier non signé] C:\Program Files\ASUS\Aac_Keyboard\AacKbHal_x86.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D101520-A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016 BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-05-28] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll [2021-10-20] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-10-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-05-28] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Python39\Scripts\;C:\Python39\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Calibre2\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\ProgramData\chocolatey\bin HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\Control Panel\Desktop\\Wallpaper -> E:\Incoming\mrio 3.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "TabletDriver" HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\...\StartupApproved\Run: => "Amazon Music Helper" HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3877846697-1903612677-2616073484-1001\...\StartupApproved\Run: => "IDMan" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{44514415-807A-49A5-BB0D-AB2AD824B5DD}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> ) FirewallRules: [{B957FEA5-72E7-473B-81CC-23ED294143CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{70AC3BDE-0CB8-4988-BA51-A386610B6FBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8B151BFC-19A4-41A5-8D21-D40C5B105BCD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9BD6555F-C618-4FF5-96CE-9C2A3764DC47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{723145A1-33B3-419F-BC5A-729DD00F6470}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{00317181-5CDE-4A27-BAD1-79946FDDF80A}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{92BC9C57-729B-44EB-886A-F41D0A57167D}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{4E5D432C-FE80-4817-82DC-9E982D667B17}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{FA018CE6-C1D2-42D2-A209-5849854EFFC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4E2B4ED6-2429-48FF-B8DB-7C595E5F6407}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DF852F6C-222A-4F37-BF25-52309E8420D0}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\DUTUtil.exe (Jotun Technology Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{353D9781-C627-49FE-B985-5D5FCFFCDB12}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\DUTUtil.exe (Jotun Technology Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{E478B5F3-83A3-430A-9255-22878DF31B10}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\GameFirst_V.exe (Jotun Technology Inc. -> ASUS) FirewallRules: [{00CD4F6B-8E8B-40A0-A53C-D21CC6D06F33}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{7A914C35-5C60-4060-9733-97293E0CF406}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{313B248A-C4AD-41E4-B0A3-C11DA063DB4E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{00F1EFC0-0E81-42F8-A2BC-6E2F3DA127CA}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC) FirewallRules: [{6B431EEC-2DE4-4EF1-A539-9F2213422770}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC) FirewallRules: [{118D5551-648F-4F4A-A9DA-90E806AC8AE8}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC) FirewallRules: [{FB88EF0C-B4A4-44C6-A095-F4FE1320D1F6}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC) FirewallRules: [{2CBEF84D-E78B-4778-9E9E-56501D0BF81F}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC) FirewallRules: [{6D277F8F-6EB5-45A7-9314-4B93E87DADAC}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC) FirewallRules: [{FB78369C-D044-4D61-8397-94F16AEBE0D0}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{127566EF-88C1-4D5E-B9C9-3945B7548F3F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{A01C957C-5AD7-40BE-BE5C-264698F5628F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8E15A1FB-C73C-4734-8256-8C8C69CE5C2E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{34948D2F-7C21-4CB1-8E9D-1823B56EE5CC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9D4B4B39-E20A-4DC8-8BB5-68D625AEA880}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{05CB7C09-29CD-42C4-8C28-799534B60744}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{C2031963-3406-445E-AD65-2B80E3BBDEC9}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [TCP Query User{0EAC1731-0AE9-4E28-BD13-F6580A6EB034}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{7F69C15C-65A5-49BF-91DF-90232D1F8C90}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{817E54EE-F482-47B5-8A3B-736F869351C7}C:\users\provo\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\provo\appdata\local\citra\nightly-mingw\citra-qt.exe () [Fichier non signé] FirewallRules: [UDP Query User{EA25F177-7E93-4E36-B482-ABB3D4E1EF08}C:\users\provo\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\provo\appdata\local\citra\nightly-mingw\citra-qt.exe () [Fichier non signé] FirewallRules: [{1085313F-71BB-49B8-AEAE-F9D84D734E81}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M25-M27\bin\EWSProxy.exe (Hewlett Packard -> HP Inc., LP) FirewallRules: [{E4204951-6A07-42CC-8251-96F046C657E3}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M25-M27\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc., LP) FirewallRules: [{E27DC572-56EB-440E-B759-9B05E984FDC0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{934D40C8-606C-461E-BF33-8E438FE10116}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CA3BDDCC-6545-458C-A55C-5A4EFFB06BF7}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{37392DEB-E386-4186-B020-4CCDEF22DA6F}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{529BB2ED-2123-4292-ABE4-52BA8AE46983}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé] FirewallRules: [{B718858E-8345-495D-A792-8AC1E24B8D09}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé] FirewallRules: [{AC9330F0-1496-43D4-898F-064255A28C6C}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé] FirewallRules: [{D8C9256B-3237-4568-B708-9F1C3917B75E}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.0.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé] FirewallRules: [{EF2525CD-2DB2-401C-B4A3-2B7BA86B3A57}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{248002AF-9A1B-413C-9620-0CA7CD42D159}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1DF7B67A-2244-4B61-9F34-141D26917538}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C3E988BC-E54F-48B5-8FAD-7021CAB74EC7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22006.600.1133.7409_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EBA858A5-6ACC-4DA9-A14E-486980DE7124}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22006.600.1133.7409_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A2BAA008-C465-404F-9A29-299C8F2F773E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C0DBFF9F-95EE-44B8-843B-74C80E9B0F1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C11B523E-B422-4698-ACE3-C598E54CCC1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{398AD50F-8036-4991-9C36-D1D9D1885FD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DDB93FFB-4BB6-4C9E-8C59-119486DB7017}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{26DFC75C-C9E9-4610-B85C-AA41604539AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3A054074-0D99-4EFF-B471-B199CB5818D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{105356ED-D2FC-4D0E-8A04-7E082B88D71E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{10499A47-A79C-4F0D-A8E2-3D119A368DBE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{80DFDE5B-46E9-4ED2-BA7E-3CD182818DE5}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) FirewallRules: [{A8E08B1D-E751-48B5-90AF-4D70C5E4B5B6}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) FirewallRules: [{E2D7EA21-0C13-496D-A893-90A4276AD9F9}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) FirewallRules: [{5C9D8637-D895-4A19-B91D-563BABBE2DAB}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{CC8189EB-B3EC-4100-9092-C0F195FCDF89}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_8c13dfd9a3013c06\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{D1EFC0D7-7397-4044-8AD6-6CEC5A2313C4}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{CCB996D0-CBC4-4810-8E52-1FCA82525C47}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{5F3E7533-DC15-42FB-B9F6-9702E9DA83B2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{75B0DB7D-30E8-480A-9B61-0043DBE2820C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BF7ACEEA-4433-4B22-874F-6CA000DC4E39}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{A898A768-F98A-45DF-B3CF-339110705DA5}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> ) FirewallRules: [{C50E20DF-1DDC-4C23-AB94-A7C3DD43152E}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTEK COMPUTER INCORPORATION -> ) FirewallRules: [{28C7556E-1075-4214-8137-636F1CCDFF47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{AA543B1A-990A-43E2-A961-5490F6C941FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1A80626B-0D44-43F8-8F4A-90B44859C362}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{38CC2C1A-4A86-44A8-99C9-98B9911CBFAC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Points de restauration ========================= 31-01-2022 19:09:28 Point de contrôle planifié 12-02-2022 15:06:38 Programme d’installation pour les modules Windows ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (02/17/2022 06:52:42 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT) Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126). Error: (02/12/2022 04:13:11 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT) Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126). Error: (02/12/2022 04:13:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante HPLaserJetService.exe, version : 9.33.926.0, horodatage : 0x53aa5ec3 Nom du module défaillant : KERNELBASE.dll, version : 10.0.22000.434, horodatage : 0x78dc11b6 Code d’exception : 0xe0434352 Décalage d’erreur : 0x0013ec52 ID du processus défaillant : 0x11cc Heure de début de l’application défaillante : 0x01d8202305b0cad7 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : e001958c-18f3-43fd-948b-8b18cffb90b9 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (02/12/2022 04:13:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : HPLaserJetService.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.FormatException à System.Net.IPAddress.InternalParse(System.String, Boolean) à HPLaserJetService.HPDevice.AddressChangedCallback(System.Object, System.EventArgs) à System.Net.NetworkInformation.NetworkChange+AddressChangeListener.RunHandlerCallback(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à System.Net.NetworkInformation.NetworkChange+AddressChangeListener.AddressChangedCallback(System.Object, Boolean) à System.Threading._ThreadPoolWaitOrTimerCallback.PerformWaitOrTimerCallback(System.Object, Boolean) Error: (02/12/2022 04:12:26 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] Error: (02/12/2022 04:12:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . Error: (02/12/2022 04:12:26 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] Error: (02/11/2022 12:47:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante AcrobatNotificationClient.exe, version : 0.0.0.0, horodatage : 0x5b98af46 Nom du module défaillant : combase.dll, version : 10.0.22000.282, horodatage : 0x201189d2 Code d’exception : 0xc000027b Décalage d’erreur : 0x00212761 ID du processus défaillant : 0x2ddc Heure de début de l’application défaillante : 0x01d816afcac40074 Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\combase.dll ID de rapport : 6c53fa19-cc9d-4540-8cf7-77f412873863 Nom complet du package défaillant : ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r ID de l’application relative au package défaillant : App Erreurs système: ============= Error: (02/17/2022 06:44:24 PM) (Source: Server) (EventID: 2505) (User: ) Description: Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{5607104A-CC1B-49A9-B2DF-9F503A66F9A1} car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer. Error: (02/16/2022 12:27:06 PM) (Source: Server) (EventID: 2505) (User: ) Description: Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{5607104A-CC1B-49A9-B2DF-9F503A66F9A1} car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer. Error: (02/16/2022 09:17:51 AM) (Source: Server) (EventID: 2505) (User: ) Description: Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{5607104A-CC1B-49A9-B2DF-9F503A66F9A1} car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer. Error: (02/13/2022 06:06:10 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-E467J4M3) Description: Le serveur microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (02/13/2022 06:06:09 AM) (Source: Server) (EventID: 2505) (User: ) Description: Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{5607104A-CC1B-49A9-B2DF-9F503A66F9A1} car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer. Error: (02/13/2022 02:34:12 AM) (Source: Server) (EventID: 2505) (User: ) Description: Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{5607104A-CC1B-49A9-B2DF-9F503A66F9A1} car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer. Error: (02/12/2022 11:02:17 PM) (Source: Server) (EventID: 2505) (User: ) Description: Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{5607104A-CC1B-49A9-B2DF-9F503A66F9A1} car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer. Error: (02/12/2022 07:30:41 PM) (Source: Server) (EventID: 2505) (User: ) Description: Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{5607104A-CC1B-49A9-B2DF-9F503A66F9A1} car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer. CodeIntegrity: =============== Date: 2022-01-24 14:31:17 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2021-12-18 09:16:16 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2147.16.0_x64__cv1g1gvanyjgm\app\WhatsApp.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.SonicStudio3\Modules\ScheduledModules\x64\AudioDevProps2.dll that did not meet the Microsoft signing level requirements. Date: 2021-12-11 20:06:47 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2144.11.0_x64__cv1g1gvanyjgm\app\WhatsApp.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.SonicStudio3\Modules\ScheduledModules\x64\AudioDevProps2.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. G531GT.308 02/01/2021 Carte mère: ASUSTeK COMPUTER INC. G531GT Processeur: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz Pourcentage de mémoire utilisée: 51% Mémoire physique - RAM - totale: 16236.06 MB Mémoire physique - RAM - disponible: 7895.79 MB Mémoire virtuelle totale: 24172.06 MB Mémoire virtuelle disponible: 11865.9 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:475.35 GB) (Free:348.71 GB) NTFS Drive e: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:794.66 GB) NTFS \\?\Volume{8732be61-5d6e-4f26-8043-a4896d971a97}\ (RECOVERY) (Fixed) (Total:1.32 GB) (Free:0.78 GB) NTFS \\?\Volume{c9fe83e9-7571-41b1-91d1-0c16daa4e27c}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 6DB8A2AC) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E883B75C) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt =======================