Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 06-11-2022 Exécuté par Meldireen (08-11-2022 20:55:50) Exécuté depuis C:\Users\Meldireen\Desktop Microsoft Windows 11 Professionnel Version 22H2 22621.755 (X64) (2022-09-21 19:02:41) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-616166568-2873663226-2089266563-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-616166568-2873663226-2089266563-503 - Limited - Disabled) Invité (S-1-5-21-616166568-2873663226-2089266563-501 - Limited - Disabled) Meldireen (S-1-5-21-616166568-2873663226-2089266563-1001 - Administrator - Enabled) => C:\Users\Meldireen WDAGUtilityAccount (S-1-5-21-616166568-2873663226-2089266563-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Intego Antivirus (Enabled - Up to date) {B185458D-38B3-A010-10F7-3D378DAA6032} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) "Micron NVMe PCIe Device Driver (64 bit) 2.1.19.0 (HKLM\...\{BB9109A2-49F9-49DB-A579-1A06FA37199E}) (Version: 2.1.19.0 - Micron Technology, Inc.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated) Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.88 - Hulubulu Software) Amazon Appstore (HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\com.amazon.venezia) (Version: release-60.12.1.0.207258.0_237010 - amazon.com) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.1.6 - AnyDesk Software GmbH) BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden Brother iPrint&Scan (HKLM-x32\...\{06e7b8fa-f412-4f47-a8d7-74d4a780099e}) (Version: 10.3.1.1 - Brother Industries, Ltd.) Brother iPrint&Scan (HKLM-x32\...\{79F6CD87-9761-414F-87C4-79767318CBFA}) (Version: 10.3.1.1 - Brother Industries, Ltd.) Hidden Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden Brother Port Driver (HKLM-x32\...\{FFBEB35B-02C2-42ED-8C0C-5A74D5D83253}) (Version: 1.0.4.4 - Brother Industries Ltd.) Hidden Brother Printer Driver (HKLM-x32\...\{E2FFD9C0-F6F4-445F-8B82-B5AE3925E431}) (Version: 3.0.0.0 - Brother Industries Ltd.) Hidden Brother Scanner Driver (HKLM-x32\...\{DE927463-3897-456D-BBAC-47882CAC8AD9}) (Version: 1.0.26.1 - Brother Industries Ltd.) Hidden BrSupportTools (HKLM-x32\...\{D0F69DE9-EE0B-4A7A-8248-6D5EC97D171C}) (Version: 1.0.23.0 - Brother Industries Ltd.) Hidden CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP) ControlCenter4 (HKLM-x32\...\{41EAC89B-B9AF-4C0C-813E-E5813548A8E4}) (Version: 4.6.17.1 - Brother Industries, Ltd.) Hidden ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) Crucial Storage Executive (HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\Crucial Storage Executive 7.12.122021.04) (Version: 7.12.122021.04 - Crucial) CustomFolder (HKLM\...\{484359A6-ED09-4A4E-B009-6418E564CE1C}_is1) (Version: 3.2.0 - GDZ Software) CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.3.0 - Globalscape) DeviceDetect (HKLM-x32\...\{97BCFAD0-8BC5-480B-ADA2-F54809F48267}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden Disk Drill 4.0.487 (HKLM\...\{32F3930F-3956-4185-86D4-013FD49E2575}) (Version: 4.0.487.0 - CleverFiles) Dynamic Application Loader Host Interface Service (HKLM\...\{57E7F403-0CDB-4D34-8AB7-069EB1A389AF}) (Version: 1.0.0.0 - Intel Corporation) Hidden EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.29.0.5286 - Electronic Arts) Hidden EA app (HKLM-x32\...\{34cc2f99-6bb2-4ba7-9f12-d31d9c76b6d2}) (Version: 12.29.0.5286 - Electronic Arts) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) FreeMi UPnP Media Server (HKLM\...\FreeMi UPnP Media Server) (Version: 2.0.10 - Stéphane Mitermite) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 66.0.3.0 - Google LLC) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.88 - Google LLC) HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden HttpToUsbBridge (HKLM-x32\...\{6FF1DBC1-A313-460D-B1F2-6444D2F01DEE}) (Version: 2.0.18.1 - Brother Industries Ltd.) Icecream Ebook Reader version 5.31 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.31 - Icecream Apps) Intego Antivirus (HKLM-x32\...\Intego Antivirus) (Version: 2.0.1.6 - Intego) Intel(R) Chipset Device Software (HKLM\...\{4F954DAC-F23D-4AF8-A730-65C372BF6661}) (Version: 10.1.18508.8239 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{a884defb-81e9-46b8-a7f2-5d27c231bf51}) (Version: 10.1.18508.8239 - Intel(R) Corporation) Intel(R) Icls (HKLM\...\{491C4B62-F0B3-4AD2-852A-C61F65C01BD2}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1399D5E5-AF60-406D-BBA9-9DF92F2AC593}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2216.16.0.2805 - Intel Corporation) Intel(R) Management Engine Driver (HKLM\...\{421D9767-3134-4510-9237-79D93FF37F3F}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME WMI Provider (HKLM\...\{3B1BDB47-C042-4A07-9868-234F832027BE}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 25.4 - Intel) Kings (HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\com.and.riseofthekings) (Version: 1.9.20 - and.com) MediaHuman YouTube Downloader 3.9.9.76 (HKLM-x32\...\MediaHuman YouTube Downloader_is1) (Version: 3.9.9.76 - MediaHuman) Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.35 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.35 - Microsoft Corporation) Microsoft Office LTSC Standard 2021 - fr-fr (HKLM\...\Standard2021Volume - fr-fr) (Version: 16.0.14332.20400 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation) Microsoft Visio LTSC Professionnel 2021 - fr-fr (HKLM\...\VisioPro2021Volume - fr-fr) (Version: 16.0.14332.20400 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation) Microsoft Project Professionnel 2021 - fr-fr (HKLM\...\ProjectPro2021Volume - fr-fr) (Version: 16.0.14332.20400 - Microsoft Corporation) Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 106.0.5 (x64 fr)) (Version: 106.0.5 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0.1 - Mozilla) NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation) NVIDIA Pilote graphique 516.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.59 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14332.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20375 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.14332.20375 - Microsoft Corporation) Hidden PC-FAXReceive (HKLM-x32\...\{9C609AF4-9CC1-45F0-B954-29DF7DD40329}) (Version: 1.8.004.0 - Brother Insutries Ltd.) Hidden PCFaxTx (HKLM-x32\...\{03BF5A21-6363-410C-B3BE-0946B0012704}) (Version: 3.7.3.1 - Brother Industries Ltd.) Hidden PhotoFiltre 11.4.1 (HKLM\...\{562D5B35-6D7E-415D-8554-30A2D0146FE6}_is1) (Version: 11.4 - PhotoFiltre) Photomatix Pro version 6.0.3 (HKLM\...\PhotomatixPro5x64_is1) (Version: 6.0.3 - HDRsoft Ltd) PhotoStage - Créateur de diaporamas (HKLM-x32\...\PhotoStage) (Version: 6.01 - NCH Software) PowerToys (Preview) (HKLM\...\{06F18418-D1F4-4C41-A45A-DA86079A9823}) (Version: 0.64.0 - Microsoft Corporation) Hidden PowerToys (Preview) x64 (HKLM-x32\...\{5aed9284-1ef0-4dbe-86f4-64b4731b508c}) (Version: 0.64.0 - Microsoft Corporation) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9282.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.60.615.2022 - Realtek) RemoteSetup (HKLM-x32\...\{6C3BCC5F-16B6-45FD-BE6E-46AF73A2C4A7}) (Version: 3.9.4.1 - Brother Industries Ltd.) Hidden Revo Uninstaller 2.4.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.1 - VS Revo Group, Ltd.) ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden Screenpresso (HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\Screenpresso) (Version: 2.1.7.0 - Learnpulse) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts) SoftwareUpdateNotification (HKLM-x32\...\{013A706A-C8FA-4F56-8641-B8C792BB3CEE}) (Version: 1.0.18.0 - Brother Industries, Ltd.) Hidden StatusMonitor (HKLM-x32\...\{917FA52F-AFA9-46C0-BEE0-895B29160631}) (Version: 1.22.7.0 - Brother Insutries Ltd.) Hidden TeraCopy (HKLM\...\{C38F85E6-6E93-4963-A29E-B871C8A28D13}) (Version: 3.9.2 - Code Sector) UltraMon (HKLM\...\{2CB51501-DA86-4216-9C9B-2C52A64BA047}) (Version: 3.4.1 - Realtime Soft AG) UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Zoom(64bit) (HKLM\...\{C689C838-7C4A-403E-B176-31FD6654FB33}) (Version: 5.11.6569 - Zoom) Packages: ========= Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.4.0_neutral__yxz26nhyzhsrt [2022-11-08] (Microsoft Corp.) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.41.5.0_x64__6rarf9sa4v8jt [2022-11-02] (Disney) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-10-01] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-10-01] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-10-01] (Microsoft Studios) [MS Ad] ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-01] (Microsoft Corp.) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32061.0_x64__8wekyb3d8bbwe [2022-10-01] (Microsoft Corporation) ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-01] (Microsoft Corporation) ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-11-01] (ms-resource:ProductPublisherDisplayName) ms-resource:WsaDisplayName -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2209.40000.26.0_x64__8wekyb3d8bbwe [2022-11-04] (Microsoft Corp.) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-25] (NVIDIA Corp.) PowerToys ImageResizer Context Menu -> C:\Program Files\PowerToys\modules\ImageResizer [2022-11-07] (0) PowerToys PowerRename Context Menu -> C:\Program Files\PowerToys\modules\PowerRename [2022-11-07] (0) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2022-10-01] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0 [2022-10-29] (Spotify AB) [Startup Task] Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2022.711.123.201_neutral__8wekyb3d8bbwe [2022-10-01] (Microsoft Corporation) WinRAR -> C:\Program Files\WinRAR [2022-10-01] (0) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-616166568-2873663226-2089266563-1001_Classes\CLSID\{36B27788-A8BB-4698-A756-DF9F11F64F84}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-616166568-2873663226-2089266563-1001_Classes\CLSID\{45769bcc-e8fd-42d0-947e-02beef77a1f5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-616166568-2873663226-2089266563-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => Pas de fichier CustomCLSID: HKU\S-1-5-21-616166568-2873663226-2089266563-1001_Classes\CLSID\{8BC8AFC2-4E7C-4695-818E-8C1FFDCEA2AF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-616166568-2873663226-2089266563-1001_Classes\CLSID\{afbd5a44-2520-4ae0-9224-6cfce8fe4400}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-616166568-2873663226-2089266563-1001_Classes\CLSID\{BFEE99B4-B74D-4348-BCA5-E757029647FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-616166568-2873663226-2089266563-1001_Classes\CLSID\{d93ed569-3b3e-4bff-8355-3c44f6a52bb5}\InprocServer32 -> => Pas de fichier CustomCLSID: HKU\S-1-5-21-616166568-2873663226-2089266563-1001_Classes\CLSID\{ddee2b8a-6807-48a6-bb20-2338174ff779}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-616166568-2873663226-2089266563-1001_Classes\CLSID\{ec52dea8-7c9f-4130-a77b-1737d0418507}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2018-07-02] (GlobalSCAPE, Inc.) [Fichier non signé] ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2018-07-02] (GlobalSCAPE, Inc.) [Fichier non signé] ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers2: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Pas de fichier ContextMenuHandlers4: [CuteShellExt] -> {A09315EC-39D3-4ED3-B6A1-262DDC54A3C5} => C:\Program Files (x86)\Globalscape\CuteFTP\CuteShell64.dll [2018-07-02] (GlobalSCAPE, Inc.) [Fichier non signé] ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Pas de fichier ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-07] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_246e95e4066041ad\nvshext.dll [2022-06-24] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier ContextMenuHandlers6: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\Drivers32: [vidc.spv1] => C:\Users\Meldireen\AppData\Local\Learnpulse\Screenpresso\ScreenpressoCodec.dll [167656 2022-10-17] (Learnpulse -> LearnPulse) ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\Users\Meldireen\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () ==================== Modules chargés (Avec liste blanche) ============= 2021-03-06 05:32 - 2021-03-06 05:32 - 000022016 _____ (Adobe Systems Inc.) [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\fr_fr\Acrobat Elements\ContextMenuShim64.fra ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [302] ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" ==================== Association (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) HKU\S-1-5-21-616166568-2873663226-2089266563-1001\Software\Classes\regfile: <==== ATTENTION HKU\S-1-5-21-616166568-2873663226-2089266563-1001\Software\Classes\.reg: regfile => <==== ATTENTION HKU\S-1-5-21-616166568-2873663226-2089266563-1001\Software\Classes\.bat: batfile => <==== ATTENTION HKU\S-1-5-21-616166568-2873663226-2089266563-1001\Software\Classes\.cmd: cmdfile => <==== ATTENTION ==================== Internet Explorer (Avec liste blanche) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-06-26] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-26] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-26] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-26] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-06-26] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-12-07 10:14 - 2022-10-01 19:13 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2022-09-22 18:14 - 2022-10-22 19:09 - 000000441 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.21.32.1 MELDIREEN-HOME.mshome.net # 2027 10 4 21 18 9 48 965 ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-616166568-2873663226-2089266563-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Meldireen\AppData\Local\Realtime Soft\UltraMon\UltraMon Wallpaper.bmp DNS Servers: 1.1.1.1 - 1.0.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) MSCONFIG\Services: !SASCORE => 2 MSCONFIG\Services: AnyDesk => 2 MSCONFIG\Services: BrYNSvc => 3 MSCONFIG\Services: cfbackd => 3 MSCONFIG\Services: EABackgroundService => 3 MSCONFIG\Services: EaseUS UPDATE SERVICE => 2 MSCONFIG\Services: Everything => 2 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: RstMwService => 2 MSCONFIG\Services: RtkAudioUniversalService => 2 MSCONFIG\Services: SandraAgentSrv => 3 MSCONFIG\Services: TeraCopyService.exe => 2 MSCONFIG\Services: WMIRegistrationService => 2 MSCONFIG\Services: ZoomCptService => 2 HKLM\...\StartupApproved\StartupFolder: => "Wireless Connection Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "RustDesk Tray.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "MouseDriver" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run: => "Everything" HKLM\...\StartupApproved\Run: => "WinCompose" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "ControlCenter4" HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKLM\...\StartupApproved\Run32: => "I17B" HKLM\...\StartupApproved\Run32: => "uni mouse driver" HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{15288FEA-FF7D-47C1-A735-12A4BEE0F46D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{285D3F3D-255F-404C-89A3-9508DFE83605}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7D9E1997-12AB-4B96-9355-84D1189BEA59}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{FDE6F890-49EF-4029-B5C8-F80EBDFE0E47}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{5D6DEC8D-1AED-4255-9946-DD41A744E928}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{BCAE4FAC-423B-48A7-B1AC-4F84CB8C1C87}] => (Allow) C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe (Stéphane Mitermite) [Fichier non signé] FirewallRules: [{6BCD6287-36E3-4DBA-ABBF-F98F0B3FF945}] => (Allow) C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe (Stéphane Mitermite) [Fichier non signé] FirewallRules: [{146662D5-FCD8-49EA-BE99-57234B3BFFD1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{7C455D51-A47B-4FC6-9057-A6F1AEE1F596}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [Fichier non signé] FirewallRules: [{55B15100-4472-41E0-B4A5-7DDF070B7D80}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [Fichier non signé] FirewallRules: [{FA6076FE-4206-4EFE-9A2A-A087BB4A96E5}] => (Allow) LPort=54950 FirewallRules: [{D7D36C96-375B-4016-9479-E78E58382AAE}] => (Allow) LPort=54955 FirewallRules: [TCP Query User{4FDCBA0A-1D63-4205-9E4B-C66F2776A9A0}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe FirewallRules: [UDP Query User{1FE2D6FC-DFFE-4FF6-98C3-8CACAA9D30D8}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe FirewallRules: [TCP Query User{142BFC43-CCFC-4D97-856D-8631555F755D}C:\program files\freemi upnp media server\freemi upnp media server.exe] => (Allow) C:\program files\freemi upnp media server\freemi upnp media server.exe (Stéphane Mitermite) [Fichier non signé] FirewallRules: [UDP Query User{14EAD908-623C-4BE1-BFF8-B84F1623CD9F}C:\program files\freemi upnp media server\freemi upnp media server.exe] => (Allow) C:\program files\freemi upnp media server\freemi upnp media server.exe (Stéphane Mitermite) [Fichier non signé] FirewallRules: [{6DF0FE46-3ED9-45B4-953C-C107B0A281BC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CDE7184A-27DB-421C-99F3-4F234933C689}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D03073F4-7644-49B9-9D67-B9781FBF580B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{28000B34-7BF2-474D-9D5D-A15578AE25B1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{F2F668F5-7DD7-4809-8282-B637488776F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{0648CB0F-B5CC-4C12-A3F0-3581F5704FF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{B2860D58-2015-49D3-8683-993CD30B91C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe => Pas de fichier FirewallRules: [{17EFE77D-9BB4-4BE7-A785-BE5AADA9B675}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe => Pas de fichier FirewallRules: [{634DF2CC-1628-4690-BE3D-8C7569D9E647}] => (Allow) C:\Program Files\EA Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{837C793A-8CB1-445D-904A-8EB9DF3FA6FC}] => (Allow) C:\Program Files\EA Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{3B4618C6-7C2C-48A2-BE5D-DFAA3A27198F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B18E8916-3755-4BA0-83F8-BA6AE8D62CE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A1C2E669-D187-4E24-BBB3-2A395F99C577}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C4ECF77A-42CE-417D-AC96-BC3619C49264}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EC132348-3129-478C-9EBC-27D495EBB107}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9747E914-2B4F-4DEE-AEB7-84C807C85554}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3C3581C2-64B4-4FAE-9DC6-493008A9D793}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{CE103B6A-75A6-48B8-8AA4-5F443FF50B9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B5D19A2B-D53C-4632-815E-1AEA87C73D8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5B345B21-4E7A-4121-92FB-013652F9C445}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FB90B090-EC21-4E8D-A2B3-2AE461680C60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D6283353-0A0E-4246-A6B9-4388B8B3B963}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FB373765-9FEA-436B-B0EB-CC1873398CFB}] => (Allow) C:\Program Files (x86)\Intego\IavService.exe (Intego Inc -> Intego Inc) FirewallRules: [{CFCA7A3C-83A5-48DB-8800-BA462698A154}] => (Allow) C:\Program Files (x86)\Intego\IavWebfilter.exe (Intego Inc -> Intego Inc) FirewallRules: [{E27BD11E-716D-4E02-A114-1B5F2D35B083}] => (Allow) C:\Program Files (x86)\Intego\IavService.exe (Intego Inc -> Intego Inc) FirewallRules: [{1945DE46-2549-43CA-92CE-26273D9BDF2C}] => (Allow) C:\Program Files (x86)\Intego\IavService.exe (Intego Inc -> Intego Inc) FirewallRules: [{D1AFE928-BAEF-43F8-BCE0-10D42725C74B}] => (Allow) C:\Program Files (x86)\Intego\IavService.exe (Intego Inc -> Intego Inc) FirewallRules: [{62E548C6-CF8E-4457-97CC-1F634E68EC1E}] => (Allow) C:\Program Files (x86)\Intego\IavService.exe (Intego Inc -> Intego Inc) FirewallRules: [{6BB49FD1-1035-4C56-B92A-8E15F8D076A8}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2021\WNt600x64\RpcSandraSrv.exe => Pas de fichier FirewallRules: [{E28475FB-E1F2-47CC-AE73-B43E165CA448}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{733A33CE-42D5-4D34-A459-CEB08D54D2A2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2209.40000.26.0_x64__8wekyb3d8bbwe\WsaClient\WsaClient.exe () [Fichier non signé] FirewallRules: [{633A0A5E-5603-488E-AFD9-4F07410991F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.35\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{06E0CE6D-33AC-428B-84C1-91BEEBCBA4E8}C:\users\meldireen\desktop\sdio_1.12.8.748\sdio_1.12.8.748\sdio_x64_r748.exe] => (Block) C:\users\meldireen\desktop\sdio_1.12.8.748\sdio_1.12.8.748\sdio_x64_r748.exe (Glenn Stuart Delahoy -> Glenn Delahoy) FirewallRules: [UDP Query User{5D38EB26-26AB-40D1-9AE7-C20F3AC78E3F}C:\users\meldireen\desktop\sdio_1.12.8.748\sdio_1.12.8.748\sdio_x64_r748.exe] => (Block) C:\users\meldireen\desktop\sdio_1.12.8.748\sdio_1.12.8.748\sdio_x64_r748.exe (Glenn Stuart Delahoy -> Glenn Delahoy) FirewallRules: [{389FFD86-C77A-4C2D-9590-86C2E728CF60}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{878A9E82-DF21-438A-AF70-EBB92F8F4D35}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{BC4B2B68-5304-4C8B-9CDD-C8DC243E6B29}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{7ED6B271-B8E6-4D5C-B73D-3BAD8B131025}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{DB740F3D-1D81-4DB1-84DD-489BC6DCBB1C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{76596B50-6E53-4C5D-BD88-B0B343994941}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) ==================== Points de restauration ========================= 26-10-2022 07:29:00 Programme d’installation pour les modules Windows 01-11-2022 11:40:07 Programme d’installation pour les modules Windows 04-11-2022 21:14:40 Revo Uninstaller's restore point - Curiosity 22.10.33670 05-11-2022 19:18:12 SiSoftware Sandra Lite 06-11-2022 20:49:16 Installed drivers 07-11-2022 21:09:45 PowerToys (Preview) x64 07-11-2022 21:45:16 Revo Uninstaller's restore point - SIW DEMO 07-11-2022 21:46:01 Revo Uninstaller's restore point - SIW 2022 v12.5.1103 Trial (64-bit) 07-11-2022 21:53:53 Revo Uninstaller's restore point - Outbyte Driver Updater ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (11/08/2022 07:22:55 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Wait Workflow Commands request from device. Error: (11/08/2022 07:22:55 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Start Broadcast Receiver Server... Error: (11/08/2022 07:22:55 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Start Server... Error: (11/08/2022 07:22:55 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Start Server... Error: (11/08/2022 07:22:55 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Host.AddressList[1]: 127.0.0.1 Error: (11/08/2022 07:22:55 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Host.AddressList[0]: fe80::a9ed:7482:589c:d434%12 Error: (11/08/2022 07:22:55 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: Host.AddressList.Length: 2 Error: (11/08/2022 07:22:54 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: ) Description: La valeur ne peut pas être null. Nom du paramètre : ipString Erreurs système: ============= Error: (11/08/2022 07:25:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (11/08/2022 07:25:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser. Error: (11/08/2022 07:24:44 PM) (Source: DCOM) (EventID: 10010) (User: MELDIREEN-HOME) Description: Le serveur {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/08/2022 07:24:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (11/08/2022 07:24:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser. Error: (11/08/2022 07:23:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (11/08/2022 07:23:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser. Error: (11/08/2022 07:23:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. CodeIntegrity: =============== Date: 2022-11-08 19:25:26 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements. Date: 2022-11-08 19:25:26 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements. Date: 2022-11-08 19:17:24 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\66.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. 1.40 06/09/2022 Carte mère: Micro-Star International Co., Ltd. MAG B460 TOMAHAWK (MS-7C81) Processeur: Intel(R) Core(TM) i5-10400F CPU @ 2.90GHz Pourcentage de mémoire utilisée: 40% Mémoire physique - RAM - totale: 16320.41 MB Mémoire physique - RAM - disponible: 9669.87 MB Mémoire virtuelle totale: 32704.41 MB Mémoire virtuelle disponible: 22782.36 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:930.75 GB) (Free:705 GB) (Model: CT1000P5SSD8) NTFS Drive e: (Seed HDD) (Fixed) (Total:3725.9 GB) (Free:258.85 GB) (Model: TOSHIBA External USB 3.0 USB Device) NTFS Drive f: (HD Meldireen III) (Fixed) (Total:931.51 GB) (Free:84.08 GB) (Model: PHD 3.0 Silicon-Power USB Device) NTFS Drive g: (Google Drive) (Fixed) (Total:17 GB) (Free:9.22 GB) (Model: CT1000P5SSD8) FAT32 \\?\Volume{ca2653ae-fe70-42e8-b609-6b5b33205434}\ () (Fixed) (Total:0.65 GB) (Free:0.08 GB) NTFS \\?\Volume{1de76f75-31b8-41ce-ad50-5404b93351d9}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7A17A8E8) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (Size: 3726 GB) (Disk ID: 28C7CA14) Partition: GPT. ==================== Fin de Addition.txt =======================