Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 08-03-2022
Exécuté par wakan (10-03-2022 10:30:18)
Exécuté depuis C:\Users\wakan\Downloads
Microsoft Windows 10 Famille Version 20H2 19042.1586 (X64) (2021-11-13 14:34:52)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-1630995361-4188115499-996566064-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1630995361-4188115499-996566064-503 - Limited - Disabled)
Invité (S-1-5-21-1630995361-4188115499-996566064-501 - Limited - Disabled)
wakan (S-1-5-21-1630995361-4188115499-996566064-1001 - Administrator - Enabled) => C:\Users\wakan
WDAGUtilityAccount (S-1-5-21-1630995361-4188115499-996566064-504 - Limited - Disabled)
zaite (S-1-5-21-1630995361-4188115499-996566064-1002 - Limited - Enabled) => C:\Users\zaite

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_10) (Version: 13.0.10 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_1) (Version: 23.2.1.303 - Adobe Inc.)
Apache NetBeans IDE 12.6 (HKLM\...\nbi-nb-all-12.6.0.0.211122) (Version: 12.6 - Apache NetBeans)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Avast Antivirus Gratuit (HKLM\...\Avast Antivirus) (Version: 22.2.6003 - Avast Software)
BitTorrent (HKU\S-1-5-21-1630995361-4188115499-996566064-1001\...\BitTorrent) (Version: 7.10.5.46097 - BitTorrent Inc.)
Blackmagic RAW Common Components (HKLM\...\{C569CAEE-D0BF-45DE-833E-E97988B5CB8B}) (Version: 1.8 - Blackmagic Design)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bravely Default II (HKLM-x32\...\Bravely Default II_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.90 - Piriform)
ClickOnce Bootstrapper Package for Microsoft .NET Framework 4.8 on Visual Studio 2017 (HKLM-x32\...\{7556B2FA-6364-47EE-901D-12B23F78F382}) (Version: 4.8.04162 - Microsoft Corporation)
Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1762 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1630995361-4188115499-996566064-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Discord (HKU\S-1-5-21-1630995361-4188115499-996566064-1002\...\Discord) (Version: 1.0.9003 - Discord Inc.)
draw.io 16.0.0 (HKLM\...\27a75bf3-be48-5c35-934f-8491cf108abe) (Version: 16.0.0 - JGraph)
ENE RGB HAL (HKLM\...\{89FE0EE6-082A-4F34-825F-690821CE1740}) (Version: 1.00.14 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{543a34bd-9582-4e0f-a351-c999aa780e20}) (Version: 1.00.14 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{bee27b2f-e41b-4dd1-9c1d-fddb3c155727}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d6c7bfc9-8ecb-45a5-967b-f1c3c04cc972}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Final Fantasy VII: Remake (HKLM-x32\...\Final Fantasy VII: Remake_is1) (Version: - )
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.15.4.0 - miHoYo Co.,Ltd)
Git (HKU\S-1-5-21-1630995361-4188115499-996566064-1002\...\Git_is1) (Version: 2.34.1 - The Git Development Community)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.51 - Google LLC)
Helm (HKLM\...\{971514BD-7CC3-414F-9258-B79E6D53EC46}) (Version: 0.9.0.0 - Matt Tytel)
Intel(R) Chipset Device Software (HKLM-x32\...\{66879245-162d-47f5-bac4-840156a7c01e}) (Version: 10.1.18263.8193 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{ed8a48d8-7f70-4dcd-b524-163792643281}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.8.0.1065 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1915.1 - Intel Corporation)
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Java(TM) SE Development Kit 17 (64-bit) (HKLM\...\{7111A3FA-CDA7-58DA-874C-94AAB58DCF67}) (Version: 17.0.0.0 - Oracle Corporation)
Java(TM) SE Development Kit 17.0.2 (64-bit) (HKLM\...\{65BA81E7-0238-5B54-9069-A59610247B0B}) (Version: 17.0.2.0 - Oracle Corporation)
K-Lite Codec Pack 16.4.6 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.4.6 - KLCP)
KMSauto.net (HKLM-x32\...\{6A2B3E01-92B9-4E14-A6A4-59AD5F9479FF}) (Version: 1.0.0 - KMSauto.net)
Laragon 5.0.0 (HKU\S-1-5-21-1630995361-4188115499-996566064-1002\...\Laragon_is1) (Version: 5.0.0.210523 - leokhoa)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LDPlayer (HKLM-x32\...\LDPlayer4) (Version: 4.0.76 - XUANZHI INTERNATIONAL CO., LIMITED)
LDPlayer (HKLM-x32\...\LDPlayer64) (Version: 4.0.76 - XUANZHI INTERNATIONAL CO., LIMITED)
MediaHuman YouTube to MP3 Converter 3.9.9.69 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.69 - MediaHuman)
MEmu (HKLM-x32\...\MEmu) (Version: 7.6.5.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation)
Microsoft .NET Framework 4.8 Targeting Pack (ENU) (HKLM-x32\...\{A4EA9EE5-7CFF-4C5F-B159-B9B4E5D2BDE2}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.36 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.36 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Volume - en-us) (Version: 16.0.10383.20027 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - fr-fr (HKLM\...\ProPlus2019Volume - fr-fr) (Version: 16.0.10383.20027 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1630995361-4188115499-996566064-1001\...\OneDriveSetup.exe) (Version: 22.022.0130.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1630995361-4188115499-996566064-1002\...\OneDriveSetup.exe) (Version: 22.022.0130.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1630995361-4188115499-996566064-1002\...\Teams) (Version: 1.4.00.35564 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1630995361-4188115499-996566064-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.63.2 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1630995361-4188115499-996566064-1002\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.63.2 - Microsoft Corporation)
Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 95.0.2 (x64 fr)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 95.0 - Mozilla)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.150.10.6302 - BlueStack Systems, Inc.)
MSI NBFoundation Service (HKLM-x32\...\{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI) Hidden
MSI NBFoundation Service (HKLM-x32\...\InstallShield_{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2111.1501 - MSI)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
MTG Arena (HKLM\...\{388E784F-2128-4BA8-8449-0A2241163B47}) (Version: 0.1.4008 - Wizards of the Coast)
MuMu Player (HKLM\...\Nemu) (Version: 2.6.13.0 - Netease)
MySQL Installer - Community (HKLM-x32\...\{7AFBC3D1-9FA6-4DBF-93AB-5B5BC97C7717}) (Version: 1.6.1.0 - Oracle Corporation)
MySQL Server 8.0 (HKLM\...\{AA7D2F66-AAB9-4634-BA16-FA9BD822921B}) (Version: 8.0.28 - Oracle Corporation)
MySQL Workbench 8.0 CE (HKLM\...\{825E2861-F5B4-4A5A-A3B4-6AA27EEBF499}) (Version: 8.0.28 - Oracle Corporation)
Netmarble Launcher 0.1.99 (HKLM\...\ebab0fa0-3e67-5055-898a-0b6ee5815a99) (Version: 0.1.99 - Netmarble corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.5 - Notepad++ Team)
NoxPlayer (HKLM-x32\...\Nox) (Version: 7.0.2.1 - Duodian Technology Co. Ltd.)
NVIDIA FrameView SDK 1.2.7321.30900954 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7321.30900954 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.0.84 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Pilote graphique 511.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.79 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10383.20027 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10383.20027 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.10383.20027 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.10383.20027 - Microsoft Corporation) Hidden
Opera Stable 84.0.4316.31 (HKU\S-1-5-21-1630995361-4188115499-996566064-1001\...\Opera 84.0.4316.31) (Version: 84.0.4316.31 - Opera Software)
Oracle VM VirtualBox 6.1.26 (HKLM\...\{FF58283C-7360-4B79-A23B-EAD2F6B4A25A}) (Version: 6.1.26 - Oracle Corporation)
Package de pilotes Windows - Silicon Laboratories Inc. (silabser) Ports (05/23/2018 6.7.6.2130) (HKLM\...\C9C3E5CCB43EEF685DD0E2BB4263DDC88C9B3834) (Version: 05/23/2018 6.7.6.2130 - Silicon Laboratories Inc.)
ParseHub 54.0.1 (x86 en-US) (HKLM-x32\...\ParseHub 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
PuTTY release 0.76 (64-bit) (HKLM\...\{1E0D5689-40F1-4E46-ABBB-EAAC68B5CD89}) (Version: 0.76.0.0 - Simon Tatham)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.36.701.2019 - Realtek)
SketchCassette II version 2.1 (HKLM\...\SketchCassette II_is1) (Version: 2.1 - Aberrant DSP)
Slack (HKU\S-1-5-21-1630995361-4188115499-996566064-1002\...\slack) (Version: 4.23.0 - Slack Technologies Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spitfire Audio version 3.3.18 (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.3.18 - Spitfire Audio Holdings Ltd)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 8.0.0 (HKLM\...\SteelSeries Engine 3) (Version: 8.0.0 - SteelSeries ApS)
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VEGAS Pro 17.0 (HKLM\...\{133F908F-4A0B-11EA-A819-00155D6302F2}) (Version: 17.0.421 - VEGAS)
Vinyl (HKLM\...\Vinyl) (Version: 1.10.0 - iZotope, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.5.6 - Black Tree Gaming Ltd.)
VSDC Free Video Editor version 6.7.3.298 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.7.3.298 - Flash-Integro LLC)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WebTorrent (HKU\S-1-5-21-1630995361-4188115499-996566064-1001\...\WebTorrent) (Version: 0.24.0 - WebTorrent, LLC)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
WinSCP 5.19.3 (HKLM-x32\...\winscp3_is1) (Version: 5.19.3 - Martin Prikryl)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.4 - Xvid Team)

Packages:
=========
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2022-03-09] (CyberLink)
Avee Player -> C:\Program Files\WindowsApps\11314DaawAww.AveePlayer_0.8.25.0_x64__3mhsykt1m20fj [2022-03-09] (Daaw Aww) [MS Ad]
Bureau à distance Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1817.0_x64__8wekyb3d8bbwe [2022-03-09] (Microsoft Corporation)
Centre de configuration des graphiques Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2022-03-09] (INTEL CORP) [Startup Task]
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2022-03-09] (CyberLink)
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-03-09] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2022-03-09] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2022-03-09] (INTEL CORP)
Kauna -> C:\Program Files\WindowsApps\13545x2.Kauna_1.36.11.0_x64__s6p2eat6f0r4t [2022-03-09] (x2)
KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_2.0.0.3_neutral__s63fsn2sety0r [2022-03-09] (KONICA MINOLTA INC)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2022-03-09] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-03-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-03-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-03-09] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2022-03-09] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2022-03-09] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2022-03-09] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.5.0_x64__w2gh52qy24etm [2022-03-09] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-03-09] (NVIDIA Corp.)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2022-03-09] (CyberLink)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2022-03-09] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.32.261.0_x64__dt26b99r8h8gj [2022-03-09] (Realtek Semiconductor Corp)
Spectrum - Music Visualizer -> C:\Program Files\WindowsApps\48347Vollmond.Spectrum-MusicVisualizer_5.8.0.0_x64__9zj4dsv6pb04c [2022-03-09] (Y. Mochiduki) [MS Ad]
Traducteur -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2022-03-09] (Microsoft Corporation)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-1630995361-4188115499-996566064-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1630995361-4188115499-996566064-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1630995361-4188115499-996566064-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1630995361-4188115499-996566064-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1630995361-4188115499-996566064-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1630995361-4188115499-996566064-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1630995361-4188115499-996566064-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\wakan\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-10] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-09-26] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-09-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-09-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_1cacf25fc4e8a006\nvshext.dll [2022-02-10] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Fichier non signé]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Fichier non signé]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Fichier non signé]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Fichier non signé]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [Fichier non signé]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Fichier non signé]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2015-06-21] () [Fichier non signé]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Fichier non signé]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Fichier non signé]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Fichier non signé]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Fichier non signé]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] () [Fichier non signé]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Fichier non signé]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [Fichier non signé]
HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Fichier non signé]
HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Fichier non signé]
HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Fichier non signé]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2015-06-21] () [Fichier non signé]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Fichier non signé]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [Fichier non signé]

==================== Raccourcis & WMI ========================

==================== Modules chargés (Avec liste blanche) =============

2021-12-17 17:06 - 2021-12-17 17:06 - 000046080 _____ () [Fichier non signé] C:\Program Files\MySQL\MySQL Server 8.0\lib\plugin\component_reference_cache.dll
2022-01-28 00:51 - 2022-01-28 00:53 - 020637184 _____ () [Fichier non signé] C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.5.0_x64__w2gh52qy24etm\Nahimic3.dll
2020-03-04 19:48 - 2020-03-04 19:48 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [Fichier non signé] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2021-12-17 17:04 - 2021-12-17 17:04 - 000554496 _____ (Google Inc.) [Fichier non signé] C:\Program Files\MySQL\MySQL Server 8.0\bin\libprotobuf-lite.dll
2019-07-02 15:07 - 2019-07-02 15:07 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [Fichier non signé] C:\Program Files (x86)\MSI\MSI NBFoundation Service\UEFIVaribleDll.dll
2022-01-06 23:57 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\Newtonsoft.Json.dll
2021-07-23 10:36 - 2021-07-23 10:36 - 002122240 _____ (SQLite Development Team) [Fichier non signé] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2021-11-19 14:15 - 2021-11-19 14:15 - 002866176 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Fichier non signé] C:\Program Files\MySQL\MySQL Server 8.0\bin\libcrypto-1_1-x64.dll
2021-11-19 14:15 - 2021-11-19 14:15 - 000686592 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Fichier non signé] C:\Program Files\MySQL\MySQL Server 8.0\bin\libssl-1_1-x64.dll
2022-01-06 23:57 - 2017-03-01 10:30 - 000087040 _____ (Wondershare) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCollect.dll
2022-01-06 23:57 - 2017-03-01 10:30 - 000197632 _____ (Wondershare) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCommon.dll

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\wakan\Application Data:cbb0660c87f0ef13f0dc1af5fc07272a [394]
AlternateDataStreams: C:\Users\wakan\Application Data:da1532868ed92ad4ab2c96bd4bf15fa5 [394]
AlternateDataStreams: C:\Users\wakan\AppData\Roaming:cbb0660c87f0ef13f0dc1af5fc07272a [394]
AlternateDataStreams: C:\Users\wakan\AppData\Roaming:da1532868ed92ad4ab2c96bd4bf15fa5 [394]

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

SearchScopes: HKU\S-1-5-21-1630995361-4188115499-996566064-1001 -> DefaultScope {5D29FF0D-72FD-44CE-8446-D30EE3DBB18E} URL =
SearchScopes: HKU\S-1-5-21-1630995361-4188115499-996566064-1001 -> {5D29FF0D-72FD-44CE-8446-D30EE3DBB18E} URL =
SearchScopes: HKU\S-1-5-21-1630995361-4188115499-996566064-1002 -> DefaultScope {5D29FF0D-72FD-44CE-8446-D30EE3DBB18E} URL =
SearchScopes: HKU\S-1-5-21-1630995361-4188115499-996566064-1002 -> {5D29FF0D-72FD-44CE-8446-D30EE3DBB18E} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-02-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-02-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\S-1-5-21-1630995361-4188115499-996566064-1002\...\sharepoint.com -> hxxps://ifametz-files.sharepoint.com

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2019-03-19 05:49 - 2021-11-21 17:44 - 000000881 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.boulangerie.fr
127.0.0.1 drupaltest.fr
2021-12-08 08:51 - 2022-01-27 12:27 - 000000517 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\PuTTY\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1630995361-4188115499-996566064-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\wakan\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\evangelion-wallpaper-whatspaper-1.jpg
HKU\S-1-5-21-1630995361-4188115499-996566064-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\zaite\Pictures\Animal_Koala_HD_Wallpaper.jpg
DNS Servers: 172.16.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "SteelSeriesGG" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant" HKU\S-1-5-21-1630995361-4188115499-996566064-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{6fa84ce2-c74e-4486-82fc-127dcfcada00}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{033a503a-f37f-4e4a-84dd-3e6d6f6c63fa}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{581c93ab-8d11-4964-938f-b684f9327c8a}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{dcb74f05-fd05-4b6f-b975-b532bfd9ab56}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{a513096f-7a76-4690-8c43-16791bde0235}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{99058f60-9037-4700-aca1-fdf1d4dd57be}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. 
-> Oracle Corporation) FirewallRules: [{fa6a5c45-740f-4b52-986c-030567429558}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{760D57DD-BBCF-468A-9B8C-487657B09091}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{9CA3AF9D-7B79-47E5-804D-A6455BB4F41A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{819ADEAB-6899-4664-BAC6-60B840E5F701}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{DBD3019B-2E49-4B33-A6B3-BF4A9123AF7A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{5968448a-59c0-43bc-808c-56fab2cd606e}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{a4d2834c-baf0-4e4a-a168-265e8d1f309d}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. 
-> Oracle Corporation) FirewallRules: [{102EDE48-ECB1-4B91-AC37-C20E7A15439D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{1E26D377-BAB9-45BF-8B62-87D98F5A0A5F}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{418B8E5A-2F1F-4BD3-8C43-31F3C975E0BE}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{5DABA712-5945-4C16-9FCD-3E5232F96DC3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{FB28CE12-3F14-4A9A-AEDA-515B642E6AC0}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Multilab LLC) FirewallRules: [{B18A5D10-DDBB-4888-B3D1-F47CE3B3EA36}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Multilab LLC) FirewallRules: [{EEC2E95D-41E6-480C-A54B-4E27FC0EF26E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Multilab LLC) FirewallRules: [{59F26C23-8A7E-48F3-857C-5159A70BB3E9}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Multilab LLC) FirewallRules: [{7846D142-640D-4AB2-B44C-0FF2931A62C6}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Multilab LLC) [Fichier non signé] FirewallRules: [{CE66AC00-CD58-480F-B8C4-1CA0DDD8273A}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Multilab LLC) [Fichier non signé] FirewallRules: [{5377BF12-98FE-448E-91B7-041FF8F43E67}] => (Allow) C:\Program Files\MuMu\emulator\nemu\EmulatorShell\NemuPlayer.exe (NetEase(Hangzhou) Network Co. Ltd. -> NetEase, Inc.) FirewallRules: [{32F422A9-2EE5-4643-90FF-082B86B1546C}] => (Allow) C:\Program Files\NemuVbox\Hypervisor\NemuHeadless.exe (NetEase(Hangzhou) Network Co. Ltd. 
-> NetEase Corporation) FirewallRules: [{0408E75B-62AE-4AEB-A9CB-B772D9DCF2DC}] => (Allow) C:\Program Files\NemuVbox\Hypervisor\NemuSVC.exe (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation) FirewallRules: [{3AC5ED7C-09AB-48E2-BA1A-543A31C7EC25}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{20521538-2048-42BB-B041-1D5E57A83FA9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EAC8D4F0-7628-4FDD-81C4-2C8EEBBE6214}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{61C80C1A-6214-4950-BF22-69A4F77B77AA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BDA718DB-2656-40E2-8892-25B46B27E42C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DB8C6698-3F93-404A-9EA6-126722E01A0B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{98970B13-2F26-4118-B8BD-B57056447796}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{478EE755-7411-43F8-AB30-DB061A2B736E}] => (Allow) C:\Users\wakan\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{B7993F51-7FA0-4878-9C2E-304A58F0F9F4}] => (Allow) C:\Users\wakan\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) 
FirewallRules: [{61A1A0D1-F258-45B9-9EFB-628E8437A0D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{0692E1AD-C491-4A12-BB2C-C99EF3EA876C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{cd1768b4-6492-4f30-b602-272e1809dad6}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{0ECA3DC7-62CD-49AB-8611-8E56ECA80C32}] => (Allow) C:\Program Files\NemuVbox\Hypervisor\NemuHeadless.exe (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation) FirewallRules: [{EAE691BF-A9A6-443C-A03E-443229B72171}] => (Allow) C:\Program Files\NemuVbox\Hypervisor\NemuSVC.exe (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation) FirewallRules: [{B460AD65-E638-49E4-BC15-8C79C313F913}] => (Allow) C:\Program Files\NemuVbox\Hypervisor\NemuSVC.exe (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation) FirewallRules: [{69BC4B53-BA88-4917-A7F1-F8D692AE823E}] => (Allow) C:\Program Files\NemuVbox\Hypervisor\NemuHeadless.exe (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation) FirewallRules: [{EB8CE670-9AC0-444E-8A8B-B5CC34DD8920}] => (Allow) C:\Program Files\MuMu\emulator\nemu\EmulatorShell\NemuPlayer.exe (NetEase(Hangzhou) Network Co. Ltd. -> NetEase, Inc.) FirewallRules: [{0FC9B3CA-18C7-43C0-BD8C-657F18072792}] => (Allow) C:\Program Files (x86)\ParseHub\parsehub.exe (Mozilla Corporation) [Fichier non signé] FirewallRules: [{DF8866D7-DFE4-4DE4-8B28-FF6E425DF8B4}] => (Allow) C:\Program Files (x86)\ParseHub\parsehub.exe (Mozilla Corporation) [Fichier non signé] FirewallRules: [TCP Query User{DD2C5515-0A66-40FC-9866-0FE5ED17EBBA}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe (COGNOSPHERE PTE. LTD. 
-> ) FirewallRules: [UDP Query User{9E20B8D8-E7AA-4B76-AC59-61BBB46FAA03}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe (COGNOSPHERE PTE. LTD. -> ) FirewallRules: [TCP Query User{74AC0C05-3E15-4484-B6B4-1E9481E3FFAF}C:\users\wakan\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\wakan\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{12C82CC6-ED1C-430A-B521-0FA4385F3A02}C:\users\wakan\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\wakan\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{7D18BED3-13FE-4E63-A853-0854C2CB8140}] => (Allow) LPort=8686 FirewallRules: [TCP Query User{F4227611-75B7-400D-9788-84718B6F8D9B}C:\programdata\lidarr\bin\lidarr.exe] => (Allow) C:\programdata\lidarr\bin\lidarr.exe (lidarr.audio) [Fichier non signé] FirewallRules: [UDP Query User{DFFFFAF2-234B-4419-BBCD-C4DFE55B666B}C:\programdata\lidarr\bin\lidarr.exe] => (Allow) C:\programdata\lidarr\bin\lidarr.exe (lidarr.audio) [Fichier non signé] FirewallRules: [{60D83D5F-876A-43A6-92FE-88417F951C25}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{14D6C765-4E3F-43A2-B848-C798DE88520A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{E5ED5B83-BF99-4149-8E96-9739B8C01653}C:\users\zaite\documents\arduino-nightly-windows\arduino-nightly\java\bin\javaw.exe] => (Allow) C:\users\zaite\documents\arduino-nightly-windows\arduino-nightly\java\bin\javaw.exe FirewallRules: [UDP Query User{735B044C-B544-42D8-AAD9-BE5FD3CF7FC8}C:\users\zaite\documents\arduino-nightly-windows\arduino-nightly\java\bin\javaw.exe] => (Allow) C:\users\zaite\documents\arduino-nightly-windows\arduino-nightly\java\bin\javaw.exe FirewallRules: [TCP Query 
User{E76130A2-E734-4EB1-9DD4-2B2CD9779B3F}C:\program files (x86)\gog galaxy\games\the witcher 3 wild hunt goty\witcherscriptmerger\tools\wcc_lite\bin\x64\wcc_lite.exe] => (Allow) C:\program files (x86)\gog galaxy\games\the witcher 3 wild hunt goty\witcherscriptmerger\tools\wcc_lite\bin\x64\wcc_lite.exe () [Fichier non signé] FirewallRules: [UDP Query User{A45AAFBD-FD77-4549-9543-8A35DC6C211A}C:\program files (x86)\gog galaxy\games\the witcher 3 wild hunt goty\witcherscriptmerger\tools\wcc_lite\bin\x64\wcc_lite.exe] => (Allow) C:\program files (x86)\gog galaxy\games\the witcher 3 wild hunt goty\witcherscriptmerger\tools\wcc_lite\bin\x64\wcc_lite.exe () [Fichier non signé] FirewallRules: [TCP Query User{0E4C2B3D-AA2C-48F6-B22E-529C81FAFEBE}C:\users\zaite\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\zaite\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{2A4C0463-5859-45EF-AFFE-772549A13B3E}C:\users\zaite\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\zaite\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{BEEDDF47-7D89-434B-8826-8530CF980058}C:\projectignis\edopro.exe] => (Allow) C:\projectignis\edopro.exe (Project Ignis) [Fichier non signé] FirewallRules: [UDP Query User{CE8055F7-C77B-458A-9F3E-EE8E38FCB2FC}C:\projectignis\edopro.exe] => (Allow) C:\projectignis\edopro.exe (Project Ignis) [Fichier non signé] FirewallRules: [{DF8444E8-6DED-4E00-A592-009EFC4C84F6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{FDA51F66-3CDB-4640-9911-317D3371DB6E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [TCP Query User{3F28A9AF-0202-4EF9-8983-EBECCCFAAE14}C:\users\wakan\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\wakan\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{88DDD404-D474-4A9A-9A52-D3D6C2BF923F}C:\users\wakan\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\wakan\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{6088310C-BF94-4C4A-AEFC-4B684F43E88D}C:\users\wakan\appdata\local\webtorrent\app-0.24.0\webtorrent.exe] => (Allow) C:\users\wakan\appdata\local\webtorrent\app-0.24.0\webtorrent.exe (WEBTORRENT, LLC -> WebTorrent) FirewallRules: [UDP Query User{CF18A020-C690-4E88-9C51-B6C635EE43EF}C:\users\wakan\appdata\local\webtorrent\app-0.24.0\webtorrent.exe] => (Allow) C:\users\wakan\appdata\local\webtorrent\app-0.24.0\webtorrent.exe (WEBTORRENT, LLC -> WebTorrent) FirewallRules: [TCP Query User{33BA8C40-6876-4CEB-AE55-DFB1BAE04A09}C:\laragon\bin\apache\httpd-2.4.47-win64-vs16\bin\httpd.exe] => (Allow) C:\laragon\bin\apache\httpd-2.4.47-win64-vs16\bin\httpd.exe (Apache Software Foundation) [Fichier non signé] FirewallRules: [UDP Query User{667E4712-9CDC-4AB0-ACBD-58146DC0B8B2}C:\laragon\bin\apache\httpd-2.4.47-win64-vs16\bin\httpd.exe] => (Allow) C:\laragon\bin\apache\httpd-2.4.47-win64-vs16\bin\httpd.exe (Apache Software Foundation) [Fichier non signé] FirewallRules: [TCP Query User{B1FE40BF-BC40-4B0D-B46F-9017857815E7}C:\laragon\bin\mysql\mysql-5.7.33-winx64\bin\mysqld.exe] => (Allow) C:\laragon\bin\mysql\mysql-5.7.33-winx64\bin\mysqld.exe () [Fichier non signé] FirewallRules: [UDP Query User{38D0BABA-0D09-4045-A866-98C9DBF35DAA}C:\laragon\bin\mysql\mysql-5.7.33-winx64\bin\mysqld.exe] => (Allow) C:\laragon\bin\mysql\mysql-5.7.33-winx64\bin\mysqld.exe () [Fichier non signé] FirewallRules: [{BFCD6ED1-2688-435D-9C5B-B07D77CEDEF4}] => 
(Allow) C:\Program Files (x86)\Steam\steamapps\common\Yu-Gi-Oh! Master Duel\masterduel.exe () [Fichier non signé] FirewallRules: [{946AAA07-BC4E-4F2B-AF0D-141B4DAE523D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yu-Gi-Oh! Master Duel\masterduel.exe () [Fichier non signé] FirewallRules: [{CD2A55B5-DAE0-4E74-B768-DCC7F9F8FC12}] => (Allow) LPort=3306 FirewallRules: [{AC266AB9-E77A-4F0E-B3BE-583DDB55BE6B}] => (Allow) LPort=33060 FirewallRules: [TCP Query User{D4A0CA57-F8E6-4BFD-9DA0-801E9C83C7AD}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> ) FirewallRules: [UDP Query User{1A2E7372-AA07-46B2-A8B0-24849A9420F5}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> ) FirewallRules: [{E2E29145-D7BD-4EB1-A7F5-C70B7CD7984A}] => (Allow) C:\Program Files\NemuVbox\Hypervisor\NemuHeadless.exe (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation) FirewallRules: [{F90D8DF2-E62C-4A9A-991D-5A00F36B9C3C}] => (Allow) C:\Program Files\NemuVbox\Hypervisor\NemuSVC.exe (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation) FirewallRules: [{B626BB2E-B3B9-448C-8803-0EB038CD6BE2}] => (Allow) C:\Program Files\MuMu\emulator\nemu\EmulatorShell\NemuPlayer.exe (NetEase(Hangzhou) Network Co. Ltd. -> NetEase, Inc.) FirewallRules: [{c269a7cf-0793-4704-8666-f3e1eddb71aa}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. 
-> Oracle Corporation) FirewallRules: [{8B95153C-C7EA-4C8C-88E1-A0E1A1CB54A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe (Techland) [Fichier non signé] FirewallRules: [{B1E6F8A3-8546-41CF-BF8B-23B30D084923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe (Techland) [Fichier non signé] FirewallRules: [{51c9d5c8-0d7a-4fe1-9d97-5f13af3b11b7}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{7e44be39-ba91-4432-a854-9b53cfa01017}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{C2E365A2-E348-4EC7-BA36-9E6E8EF81739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lost Ark\Binaries\Win64\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{3A23573E-1F97-4760-B4F9-082A38C411BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lost Ark\Binaries\Win64\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [TCP Query User{F39034BC-DB11-4FA2-A281-9B7770E23665}C:\program files (x86)\steam\steamapps\common\lost ark\binaries\win64\lostark.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lost ark\binaries\win64\lostark.exe (SmileGate RPG Inc. -> Smilegate RPG) FirewallRules: [UDP Query User{7B2A6029-F764-4819-883D-7BBC8D03D8DC}C:\program files (x86)\steam\steamapps\common\lost ark\binaries\win64\lostark.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lost ark\binaries\win64\lostark.exe (SmileGate RPG Inc. -> Smilegate RPG) FirewallRules: [{147E77A2-EA27-4D84-BEC7-869C0EB2E3CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{38BFCA0D-92C9-4AB9-9586-A548579DE562}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E892A239-00D2-4F53-990B-F336E2E3A2FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3993499C-961C-4635-886F-815AB3CA973D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2D04EBD5-D236-40CB-876D-676553EE01F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{415C5E9D-5FBE-488B-AFB6-5CA7451A3489}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{2BCB1B12-F90A-460D-A53B-6962E06741F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{54BA605A-545D-40CB-B7BA-35B2224306C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{19aa74d3-7237-4eaf-b5d1-61f7dac2cbdc}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{1E22D749-E06C-43E2-9B80-F78AF2B3BE27}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.) 
FirewallRules: [{29FE8B2D-372A-414F-A2C7-B3EB2560A1EB}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> Nox Limited Corporation) FirewallRules: [{BE36CC3F-77FA-439E-9C66-A80BB3944AB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowverse\Shadowverse.exe () [Fichier non signé] FirewallRules: [{4CD1887F-D972-4497-864D-E621AEA18465}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowverse\Shadowverse.exe () [Fichier non signé] FirewallRules: [TCP Query User{A268A679-EEA0-4D01-B689-FDBEF1DE4562}C:\users\wakan\eclipse\jee-2021-12\eclipse\eclipse.exe] => (Allow) C:\users\wakan\eclipse\jee-2021-12\eclipse\eclipse.exe (Eclipse.org Foundation, Inc. -> ) FirewallRules: [UDP Query User{F40C3707-BE0F-4231-93DE-485055A2A1C4}C:\users\wakan\eclipse\jee-2021-12\eclipse\eclipse.exe] => (Allow) C:\users\wakan\eclipse\jee-2021-12\eclipse\eclipse.exe (Eclipse.org Foundation, Inc. -> ) FirewallRules: [TCP Query User{46B1852A-5A39-4295-B31D-2046E7B87644}C:\program files\java\jdk-17\bin\javaw.exe] => (Allow) C:\program files\java\jdk-17\bin\javaw.exe FirewallRules: [UDP Query User{CFE0D6EE-A932-425A-9214-E009E225AD83}C:\program files\java\jdk-17\bin\javaw.exe] => (Allow) C:\program files\java\jdk-17\bin\javaw.exe FirewallRules: [{B4A20FC2-17B5-42D8-AA05-91F0368C527B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{15321BAE-8082-406A-933E-0A7061972329}] => (Allow) C:\Program Files (x86)\Jorgen\Cf.exe => Pas de fichier FirewallRules: [{92906F3C-7A89-4A07-8FEB-E2579D683A03}] => (Allow) C:\Program Files (x86)\Rowers\Cf.exe => Pas de fichier FirewallRules: [{024767A4-49E5-4CF6-8A05-E467C6AD59D1}] => (Allow) C:\Program Files (x86)\heaven\Podiatrist.exe => Pas de fichier FirewallRules: [{2FA3DC83-4BEF-4F5C-AA74-F7AD59F8C086}] => (Allow) C:\Program Files (x86)\Rowers\Podiatrist.exe => Pas de fichier FirewallRules: [{BA1A2562-EF5F-4E3C-8295-00911F387E2C}] => (Block) 
C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{00B91705-56B6-4964-BF71-EB64FED3EBCE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{425CAA74-6583-49FE-A276-0148D6223979}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.36\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{099C5C6A-8C74-4330-AD09-821BC411C003}] => (Allow) LPort=32682 ==================== Points de restauration ========================= 09-03-2022 22:02:42 Programme d’installation pour les modules Windows 09-03-2022 22:12:42 Programme d’installation pour les modules Windows 09-03-2022 22:14:18 Opération de restauration 09-03-2022 23:09:09 Programme d’installation pour les modules Windows 09-03-2022 23:51:24 Auslogics Registry Cleaner - avant le nettoyage des éléments détectés 09-03-2022 23:58:37 Point de restauration premier 10-03-2022 09:18:44 Programme d’installation pour les modules Windows ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (03/10/2022 10:26:31 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname MSI.local already in use; will try MSI-2.local instead Error: (03/10/2022 10:26:31 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will rename 4 MSI.local. Addr 172.16.1.62 Error: (03/10/2022 10:26:31 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 172.16.1.36:5353 16 MSI.local. 
AAAA FE80:0000:0000:0000:0004:191D:0AAD:6057 Error: (03/10/2022 10:25:31 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante svchost.exe, version : 10.0.19041.1566, horodatage : 0x1f37eb46 Nom du module défaillant : aphostservice.dll, version : 10.0.19041.746, horodatage : 0x096db171 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000001ca9f ID du processus défaillant : 0x730 Heure de début de l’application défaillante : 0x01d83451813170cf Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\svchost.exe Chemin d’accès du module défaillant: c:\windows\system32\aphostservice.dll ID de rapport : dc30e079-b752-481d-9099-7fd519a7b7d3 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (03/10/2022 10:22:04 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Un périphérique attaché au système ne fonctionne pas correctement. . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Error: (03/10/2022 08:39:52 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname MSI.local already in use; will try MSI-2.local instead Error: (03/10/2022 08:39:52 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will rename 4 MSI.local. Addr 172.16.1.62 Error: (03/10/2022 08:39:52 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 172.16.1.36:5353 16 MSI.local. AAAA FE80:0000:0000:0000:0004:191D:0AAD:6057 Erreurs système: ============= Error: (03/10/2022 10:26:28 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Le nom "MSI :0" n’a pas pu être enregistré sur l’interface avec l’adresse IP 172.16.1.62. 
L’ordinateur avec l’adresse IP 172.16.1.5 n’a pas permis que le nom soit réclamé par cet ordinateur. Error: (03/10/2022 10:26:28 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Le nom "MSI :20" n’a pas pu être enregistré sur l’interface avec l’adresse IP 172.16.1.62. L’ordinateur avec l’adresse IP 172.16.1.5 n’a pas permis que le nom soit réclamé par cet ordinateur. Error: (03/10/2022 10:26:28 AM) (Source: Server) (EventID: 2505) (User: ) Description: Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{479DDD33-A631-4C31-9D69-565420BF7197} car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer. Error: (03/10/2022 10:25:32 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT) Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue. Chemin d’accès du module : C:\WINDOWS\system32\IntelIHVRouter08.dll Error: (03/10/2022 10:25:32 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT) Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue. Chemin d’accès du module : C:\WINDOWS\system32\IntelIHVRouter08.dll Error: (03/10/2022 10:25:21 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT) Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue. Chemin d’accès du module : C:\WINDOWS\system32\IntelIHVRouter08.dll Error: (03/10/2022 10:22:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Windows Installer s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service. Error: (03/10/2022 10:21:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Intel(R) Rapid Storage Technology s’est terminé de façon inattendue pour la 1ème fois. 
Windows Defender: ================ Date: 2022-03-09 21:39:37 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {3AE05059-6F80-42AB-B657-950814EB0551} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : MSI\wakan Date: 2022-03-09 21:32:29 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0 Nom : VirTool:Win32/DefenderTamperingRestore ID : 2147741622 Gravité : Grave Catégorie : Outil Chemin : regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware Origine de la détection : Inconnu Type de détection : Concret Source de détection : Système Utilisateur : MSI\wakan Nom du processus : Unknown Version de la veille de sécurité : AV: 1.359.1623.0, AS: 1.359.1623.0, NIS: 1.359.1623.0 Version du moteur : AM: 1.1.18900.3, NIS: 1.1.18900.3 Date: 2022-03-09 21:32:04 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. 
Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Bearfoos.B!ml&threatid=2147731849&enterprise=0
Nom : Trojan:Win32/Bearfoos.B!ml
ID : 2147731849
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\wakan\AppData\Local\Temp\nsw9B75.tmp\28326.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : MSI\wakan
Nom du processus : C:\Windows\System32\conhost.exe
Version de la veille de sécurité : AV: 1.359.1623.0, AS: 1.359.1623.0, NIS: 1.359.1623.0
Version du moteur : AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-03-09 18:08:17
Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {3B16BADB-50E4-45A8-BD1C-50835DD5645E}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2022-03-08 17:26:23
Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {9D26A98C-F845-427D-93B9-8C397A23C605}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Event[0]:
Date: 2022-03-06 16:59:16
Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1418.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.

CodeIntegrity:
===============

Date: 2022-03-10 10:30:03
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2022-03-10 10:28:07
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. E16U7IMS.10B 10/23/2020
Carte mère: Micro-Star International Co., Ltd. MS-16U7
Processeur: Intel(R) Core(TM) i5-10300H CPU @ 2.50GHz
Pourcentage de mémoire utilisée: 43%
Mémoire physique - RAM - totale: 16205.11 MB
Mémoire physique - RAM - disponible: 9216.02 MB
Mémoire virtuelle totale: 27469.11 MB
Mémoire virtuelle disponible: 18211.74 MB

==================== Lecteurs ================================

Drive c: (Windows) (Fixed) (Total:932.13 GB) (Free:335.16 GB) NTFS

\\?\Volume{2cdc77a8-6ada-4de4-94a5-2a5358b5efc2}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.43 GB) NTFS
\\?\Volume{428c2335-08a9-44e7-b1d6-8321b8998012}\ (BIOS_RVY) (Fixed) (Total:20.45 GB) (Free:0.66 GB) NTFS
\\?\Volume{4af922fa-855a-423d-b36e-2e01d04d0c8c}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: BCC5C9D9)

Partition: GPT.

==================== Fin de Addition.txt =======================