Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 25-09-2023 Exécuté par barry (28-09-2023 09:14:51) Exécuté depuis C:\Users\barry\Downloads Microsoft Windows 11 Famille Version 22H2 22621.2361 (X64) (2023-02-12 14:45:25) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-3680218258-1990516733-2007646127-500 - Administrator - Disabled) barry (S-1-5-21-3680218258-1990516733-2007646127-1001 - Administrator - Enabled) => C:\Users\barry DefaultAccount (S-1-5-21-3680218258-1990516733-2007646127-503 - Limited - Disabled) Invité (S-1-5-21-3680218258-1990516733-2007646127-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3680218258-1990516733-2007646127-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.) Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.371 - Adobe) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.) Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_0) (Version: 25.0 - Adobe Inc.) Adobe Illustrator 2023 (HKLM-x32\...\ILST_27_2) (Version: 27.2 - Adobe Inc.) Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_2) (Version: 22.2.0.183 - Adobe Inc.) Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_7) (Version: 24.7.0.643 - Adobe Inc.) Aero (Beta) (HKLM-x32\...\AERO_0_23_4) (Version: 0.23.4 - Adobe Inc.) Apple Mobile Device Support (HKLM\...\{44325855-D4CA-4994-A27A-39FE50CE6A8E}) (Version: 16.0.0.30 - Apple Inc.) Assistant d’installation de Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.2063 - Microsoft Corporation) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Contrôle d’intégrité du PC Windows (HKLM\...\{DB3AADA3-0996-4427-87CC-8BA140012410}) (Version: 3.7.2204.15001 - Microsoft Corporation) Driver Booster 11 (HKLM-x32\...\Driver Booster_is1) (Version: 11.0.0 - IObit) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.27.0.5540 - Electronic Arts) Hidden EA app (HKLM-x32\...\{643327aa-0d22-4bdd-82a4-d28be9d8fe50}) (Version: 13.27.0.5540 - Electronic Arts) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden Infatica P2B Network (HKLM-x32\...\{043C71DF-992B-4A8C-B584-DE65480802F8}_is1) (Version: 1.0.6.4 - ) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) IObit Uninstaller 13 (HKLM-x32\...\IObitUninstall) (Version: 13.0.0.13 - IObit) IPTVSmartersPro 1.1.1 (HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\f6c4a7ae-abcb-5b7e-ac53-6c20f026dd0e) (Version: 1.1.1 - WHMCS Smarters) Microsoft .NET Core Host - 3.1.13 (x64) (HKLM\...\{6235E4FE-D062-4518-8C3E-0241C03D6687}) (Version: 24.116.29816 - Microsoft Corporation) Hidden Microsoft .NET Core Host FX Resolver - 3.1.13 (x64) (HKLM\...\{D5B3C7A8-37E1-4451-A0B1-B1ABD1C79E1D}) (Version: 24.116.29816 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.13 (x64) (HKLM\...\{EEC5DD9E-587D-4360-868B-CB5A752A6BD0}) (Version: 24.116.29816 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.43 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.43 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.16731.20234 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\OneDriveSetup.exe) (Version: 23.184.0903.0002 - Microsoft Corporation) Microsoft Project - fr-fr (HKLM\...\ProjectPro2019Retail - fr-fr) (Version: 16.0.16731.20234 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\Teams) (Version: 1.6.00.20776 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{AF47B488-9780-4AB5-A97E-762E28013CA6}) (Version: 5.71.0.0 - Microsoft Corporation) Microsoft Visio - fr-fr (HKLM\...\VisioPro2019Retail - fr-fr) (Version: 16.0.16731.20234 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.6.2115.31769 - Microsoft Corporation) Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{5E8B524C-99ED-4F58-AC9F-3B05036833A4}) (Version: 3.6.2085.9058 - Microsoft Corporation) Hidden Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{47B3704C-3287-4DFC-B019-CCBF305492B3}) (Version: 3.6.2085.9058 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 3.1.13 (x64) (HKLM\...\{C8DA046B-24D8-4A15-B77E-AFC7F44D1BCA}) (Version: 24.116.29816 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 3.1.13 (x64) (HKLM-x32\...\{df32638d-0722-47cb-b084-3dd851b1146e}) (Version: 3.1.13.29816 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM\...\{805626FF-2BC9-4567-A71E-A76A470D000A}) (Version: 48.67.58484 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM-x32\...\{8d173101-98c1-4e92-97c6-47c6840745a7}) (Version: 6.0.16.32327 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Node.js (HKLM\...\{D6312B04-7F9E-4651-B8E2-3F35DB2FCFB3}) (Version: 18.16.1 - Node.js Foundation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20234 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20234 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.16731.20234 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) RegRun Reanimator (HKLM-x32\...\UnHackMe Update - Reanimator_is1) (Version: - Greatis Software) SWF.max 2.3 (HKLM-x32\...\SWF.max) (Version: - .max) Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.14.0 - Tweaking.com) UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft) UsbDk Runtime Libraries (HKLM\...\{6D4A6ED0-CF41-4615-A4B3-BDA018C3C1CD}) (Version: 1.0.22 - Red Hat, Inc.) uTorrent Web (HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\utweb) (Version: 1.3.0 - Rainberry, Inc.) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - ) Visual Studio Build Tools 2019 (HKLM-x32\...\17053ce8) (Version: 16.11.27 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) vs_FileTracker_Singleton (HKLM-x32\...\{05CA3463-0B45-425D-9AF2-E1964AB85CBB}) (Version: 16.10.31303 - Microsoft Corporation) Hidden WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH) Wondershare Filmora 12 version 12.0.12.1450 (HKLM-x32\...\{E7B9D7E6-D288-4C72-A231-169DCB28DB4B}_is1) (Version: 12.0.12.1450 - RepackSoftware.Com) Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare) Wondershare NativePush(Build 1.0.0.8) (HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2023-09-27] (Adobe Systems Incorporated) Adobe Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeCreativeCloudExpress_2.1.1.0_neutral__ynb6jyjzte8ga [2023-09-28] (Adobe Inc.) Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2023-09-27] (Adobe Systems Incorporated) AppleInc.iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa [2023-09-27] (Apple Inc.) [Startup Task] AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-27] (INTEL CORP) [Startup Task] Aquile Reader -> C:\Program Files\WindowsApps\21676OptimiliaStudios.AquileReader_1.1.30.0_x64__k42naep6bwmrc [2023-09-27] (Optimilia Studios) Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-09-27] (Microsoft Corporation) Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2023.531.1.0_x64__8xx8rvfyw5nnt [2023-09-28] (Meta) HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.1.134.0_x64__dt26b99r8h8gj [2023-09-27] (Realtek Semiconductor Corp) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.21.0_neutral__8xx8rvfyw5nnt [2023-09-28] (Instagram) Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-09-27] (INTEL CORP) Intel® Unison™ -> C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.14.5716.0_x64__8j3eq9eme6ctt [2023-09-27] (INTEL CORP) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1950.4.225.0_x64__8xx8rvfyw5nnt [2023-09-27] (Meta) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-09-27] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-09-27] (Microsoft Corporation) [MS Ad] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-27] (Microsoft Corp.) Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-09-28] (Microsoft Corporation) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2023-09-27] (Netflix, Inc.) OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2023-09-27] (Microsoft Corporation) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0 [2023-09-27] (Spotify AB) [Startup Task] Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2023-09-27] (Synaptics Incorporated) Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.9.7.0_x64__t4vj0pshhgkwm [2023-09-27] (Telegram Messenger LLP) [Startup Task] TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2023-09-28] (Bytedance Pte. Ltd.) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2337.7.0_x64__cv1g1gvanyjgm [2023-09-27] (WhatsApp Inc.) [Startup Task] Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-09-28] (Microsoft Corporation) Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.928.502.235_neutral__8wekyb3d8bbwe [2023-09-28] (Microsoft Corporation) WinRAR -> C:\Program Files\WinRAR [2023-09-27] (win.rar GmbH) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3680218258-1990516733-2007646127-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\barry\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare) CustomCLSID: HKU\S-1-5-21-3680218258-1990516733-2007646127-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\barry\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23199.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3680218258-1990516733-2007646127-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-3680218258-1990516733-2007646127-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\barry\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3680218258-1990516733-2007646127-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Windows -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-07] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-09-12] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> ) ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit) ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-07] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-09-12] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\barry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1" ==================== Modules chargés (Avec liste blanche) ============= 2023-01-01 09:26 - 2017-09-14 06:46 - 001012224 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\platforms\qwindows.dll 2023-01-01 09:26 - 2022-04-28 20:21 - 004694016 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Core.dll 2023-01-01 09:26 - 2022-04-28 20:21 - 005032960 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Gui.dll 2023-01-01 09:26 - 2022-04-28 20:21 - 000856064 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Network.dll 2023-01-01 09:26 - 2022-04-28 20:21 - 004483072 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Widgets.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\ProgramData:iSpring Solutions [128] AlternateDataStreams: C:\ProgramData:iSpring Suite 8 [128] AlternateDataStreams: C:\Users\All Users:iSpring Solutions [128] AlternateDataStreams: C:\Users\All Users:iSpring Suite 8 [128] AlternateDataStreams: C:\ProgramData\Application Data:iSpring Solutions [128] AlternateDataStreams: C:\ProgramData\Application Data:iSpring Suite 8 [128] AlternateDataStreams: C:\Users\barry\Application Data:iSpring Solutions [128] AlternateDataStreams: C:\Users\barry\Application Data:iSpring Suite 8 [128] AlternateDataStreams: C:\Users\barry\AppData\Roaming:iSpring Solutions [128] AlternateDataStreams: C:\Users\barry\AppData\Roaming:iSpring Suite 8 [128] ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2023-07-21] (IObit CO., LTD -> IObit) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-08-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-16] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-16] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-16] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-16] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\sharepoint.com -> hxxps://univmetiers-files.sharepoint.com IE trusted site: HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2023-09-27 19:31 - 2023-09-27 19:31 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2023-06-12 16:26 - 2023-06-13 13:50 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files\nodejs\;C:\ProgramData\chocolatey\bin;C:\Users\barry\AppData\Local\Microsoft\WindowsApps;C:\Windows\System32;C:\Program Files\JetBrains\PyCharm Community Edition 2022.3.2\bin;C:\Users\barry\AppData\Roaming\npm HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\barry\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\StartupFolder: => "StartRLCMS.lnk" HKLM\...\StartupApproved\Run: => "Restoro" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run32: => "AgentMonitor" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => ".ses" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "(sQQCXUxGy5PXuki.tmp.dat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "118d9bdb-1974-4d26-86e5-023768298121.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "1360dfef-15e1-4d34-bd86-aa800b14ddfc.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "19d2baaa-0730-4b37-9ad9-eb870a2e3ff3.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "39d52af84fb85bdee697aafa1400b442-{87A94AB0-E370-4cde-98D3-ACC110C5967D}" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "4RcXgfYx8Y3rE8@z.tmp.dat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "6ab43dc2-0831-40e9-812b-59f867784cc6.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "6dbe3c70-b1ab-4957-b1a0-1bc6e9bdddd6.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "7dfb9533-502f-4423-8f27-e464089d0e52.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "89a00df1-78a5-4ca2-88f1-58973ab8dd56.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "8b167390-6b68-42ce-866b-50bf8a008f31.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "a0147f70-e959-478f-9f8a-e4d2fa6e415f.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "a0bf4a41-1165-4191-9904-63b791ec8f84.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "a4e6bcc3-f17f-40ca-80c7-13416f31e13d.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "adobegc.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "amt3.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "b30143c4-b446-49a0-a3d0-abb826b789fb.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "bc3902d8132f43e3ae086a009979fa88.db" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "bc3902d8132f43e3ae086a009979fa88.db.ses" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "{F031F8EC-5E1F-4D46-9524-6F3B853D6632} - OProcSessId.dat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "{DD7CD27A-ACB4-4024-8173-A94AF8129BA5} - OProcSessId.dat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "{6ACFBA95-0793-4AF3-A3EA-A19B54734CFD} - OProcSessId.dat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "{5A21DB1E-E088-48CB-B987-2DF068A67C81} - OProcSessId.dat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "{57E522F2-D9AD-4B8E-98A8-0EC201517D54} - OProcSessId.dat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wctD3D7.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wctBB79.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wctB5ED.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wctB11F.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct9BCD.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct95CB.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct91AE.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct8CC8.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct6FC7.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct6700.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct61CC.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct61CB.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct48BC.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct2A74.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct2841.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct10CE.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "usoft.dbd" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "upgrade_sensors" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "trim.txt" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "swtag.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "StructuredQuery.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "StartApps.txt" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "Setup Log 2023-09-22 #001.txt" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "Setup Log 2023-09-20 #004.txt" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "Setup Log 2023-09-20 #003.txt" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "sdresult.db" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "sda0.0.bat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "schtasks_list_45189,5861470486.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "schtasks_45189,5861470486.bat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "sbis.0.bat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "sUpdate.dbd" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "sMarUpdateInfo.dbd" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "s4o.0.bat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "qtsingleapp-reside-c761-1-lockfile" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "qtsingleapp-reside-70f6-4-lockfile" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "qtsingleapp-reside-70f6-1-lockfile" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "PSExt2.dbd" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "PSExt.dbd" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "PDF6C3A.mp3" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "PDF6C3A.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "PDApp.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "OptaneIconOverlay.ico" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "oobelib.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "O$1k!OcrVMcB(4d4.tmp.dat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "NotifyIconGeneratedAumid_5687173475908505687.png" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "NotifyIconGeneratedAumid_4021035665093359375.png" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "NotifyIconGeneratedAumid_14809229402050155498.png" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "NotifyIconGeneratedAumid_11268499900964543874.png" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "native_push_sensors" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "NGLClient_default.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "NGLClient_Photoshop122.2.0.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "NGLClient_Photoshop1.ngllogcontrolconfig" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "burkrsjoxcdinoumus.exe" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wblvbqjrmvum.exe" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "msedge_installer.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-9924.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-9256.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-9212.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-8816.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-8792.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-8744.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-8672.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-8452.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-8184.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-7368.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-6668.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-6008.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-5828.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-5768.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-5268.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-3888.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-3660.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-3440.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-3348.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-3124.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-3116.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-2804.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-2692.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-2416.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-1968.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-1820.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-1776.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-17264.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-172.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-17172.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-17044.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-16960.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-16936.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-16932.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-1688.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-16840.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-16624.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-16188.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-16128.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-15928.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-15916.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-15616.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-15332.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-15256.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-14800.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-14512.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-14500.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-14464.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-14328.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-14272.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-14112.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-14072.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-14020.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-13784.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-13356.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-13044.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-12924.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-12844.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-12788.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-12712.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-12564.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-12484.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-12172.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-12100.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-1204.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-12032.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-11792.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-11484.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-11308.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-1092.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-1084.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-10648.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-10640.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-10472.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-1032.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "mat-debug-10300.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "jVo)N)0oFnSuL2Q8.tmp.dat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "InterOP_CCD_Logs.txt" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "HardInfo.txt" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "f9c70651-6f9c-4dd6-b879-0fefed792bc9.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "f3efe0e0-8766-4b80-b9f2-7795e90519d2.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "f3c1608c-2b74-48b7-9e58-71656e3af8d0.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "ea86b752-30ef-4c04-a086-fa37de56a697.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "df15cb03-498e-45e4-b69b-a6a0951d8c52.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "cv_debug.log" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "crash_repo_pref.txt" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "37ca580f-7e94-41ea-bfc4-f0f015bf3257.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "8gP3igjTsNrGxlb(.tmp.dat" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "d2cceed8-b5f8-4caa-a741-0218524275a9.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "f894a4f2-7268-4414-92f3-ff616e93fb59.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "46b2d6cb-d500-4e17-b4d5-b32bf1abd674.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "ae278b25-76eb-4e62-aadb-86c9796d5106.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "NotifyIconGeneratedAumid_13238834794545695966.png" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "qtsingleapp-reside-70f6-2-lockfile" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "qtsingleapp-reside-70f6-3-lockfile" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "~DFF094261C26541E8D.TMP" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "a54e12ed-4ca7-417e-be4f-a13e2beea66e.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "ab77907a-334e-4a61-83ff-7723e382b332.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "ae049594-ba5e-449c-85d6-a6c44f6afe9a.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "e826a8fc-08f4-46fb-9599-66356ef3c8cb.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "MSI1f4ab.LOG" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct89A0.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct91FD.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wct899F.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "wctAE6C.tmp" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "~DFB26137ECFF2A0E2B.TMP" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\StartupFolder: => "~DF3F811680C0AD5854.TMP" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\Run: => "btweb" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\Run: => "Bright VPN" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\Run: => "ProgLauncher" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\Run: => "utweb" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\Run: => "Advanced SystemCare" HKU\S-1-5-21-3680218258-1990516733-2007646127-1001\...\StartupApproved\Run: => "LEAJ" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{4348FDB0-B4D0-42F0-B397-F8FA88181CF2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{24757897-8DC3-4996-BBEF-0FBDEA705E1E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E161C7A6-F22D-4E26-A169-072896F2C444}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BA4711DA-C4E7-4DAB-B87B-6308A132B0D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [UDP Query User{03AABE92-CAA0-4B8F-84C4-2EC400DFB188}F:\fifa 21\fifa21.exe] => (Allow) F:\fifa 21\fifa21.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{AC35BB8C-CFF8-4FF4-806A-6D0C73FBF56E}F:\fifa 21\fifa21.exe] => (Allow) F:\fifa 21\fifa21.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{C35A95DA-042E-4EF0-8823-4169AD6DCEBC}] => (Allow) LPort=27015 FirewallRules: [{1281F9F7-50D7-4575-8609-07D3B3AB1F2D}] => (Allow) LPort=80 FirewallRules: [{2B45C589-17BB-408E-A96E-1DD734FFF380}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{6BD63CAC-2044-496A-9FE7-6F8BE0441D48}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{7D5E420D-5E16-4782-9A56-18F920771299}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{1DCB9125-0375-4C0B-8554-751FFB2F09F5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{27145A28-E638-4B16-9EA5-73C7EBF4FCEE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{6ED78C50-9DE3-4575-BAC3-6A62C6E5F584}] => (Allow) C:\Users\barry\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare) FirewallRules: [{C450BA7D-53A7-44B1-BF2E-15CC09E6D7C6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{81688F2B-2CE4-4E05-97A2-CB5A6A7453A0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{7D9B5F62-7F80-4117-B244-2BACCDFB8229}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{300A2ED3-0A43-42B4-AD2B-8F5005D92DC8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{EC531863-133E-4A6E-AC03-F5D81EB70FFF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{85448076-BC38-4D1C-9C00-56278BA7C67D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{A16CF616-E765-4BA9-84C3-58ED1B850A80}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9E304DCC-BCBC-4D7C-90CD-3EA2B61F0AF7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8B0EB0B9-46F5-447A-A65B-4C440286989C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AA736699-AF22-45B8-B1BE-100A3D956F35}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FFA2AE5F-A68F-40E0-BC95-3DF1F9D1E755}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A9574FE0-B7BF-4474-82CA-8804BB3E44FA}] => (Allow) C:\Users\barry\AppData\Roaming\uTorrent Web\utweb.exe (Rainberry Inc -> BitTorrent Inc.) FirewallRules: [{68144871-0527-44BB-8908-A424FC6F2FE8}] => (Allow) C:\Users\barry\AppData\Roaming\uTorrent Web\utweb.exe (Rainberry Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{0FC24ABA-4203-4274-A96F-0656D6DEBDA0}C:\users\barry\downloads\anydesk.exe] => (Block) C:\users\barry\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [UDP Query User{C4BAB91C-8B96-456D-99FF-75BD5D014239}C:\users\barry\downloads\anydesk.exe] => (Block) C:\users\barry\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [TCP Query User{F38A423D-1471-4B60-92AE-9B35C1877FFB}C:\users\barry\downloads\anydesk (1).exe] => (Allow) C:\users\barry\downloads\anydesk (1).exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [UDP Query User{16E6495A-9A12-4C37-B262-7D59D2029DD3}C:\users\barry\downloads\anydesk (1).exe] => (Allow) C:\users\barry\downloads\anydesk (1).exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [TCP Query User{5D2EFD2A-C6E5-4EB9-8339-C7432CEE6207}C:\users\barry\downloads\winbox64.exe] => (Allow) C:\users\barry\downloads\winbox64.exe (Mikrotikls SIA -> ) FirewallRules: [UDP Query User{C4CD4D3F-4841-47C8-A8D6-3ABE543F2C07}C:\users\barry\downloads\winbox64.exe] => (Allow) C:\users\barry\downloads\winbox64.exe (Mikrotikls SIA -> ) FirewallRules: [TCP Query User{626C8B50-6F98-4168-888E-9D606AF4C0CD}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{32236602-4A5D-49E4-8634-F74EED364886}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{A2FC1EE8-C86C-4606-B3AF-7C43D976B09D}] => (Allow) C:\Users\barry\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare) FirewallRules: [TCP Query User{1D5DF293-A1D4-4BCD-9DA5-99131D56914A}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [UDP Query User{C5B918EA-CEFB-4DFF-926F-9CEBF25CA5C7}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [{EF0C4F09-DBF9-4FF3-89D0-0BA628C138CD}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23247.1102.2360.5430_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{57FC1F4D-846E-4805-A60C-7754C4719D45}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23247.1102.2360.5430_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EF2C3185-90A3-4D08-8B87-167A4D514337}] => (Allow) C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.14.5716.0_x64__8j3eq9eme6ctt\IntelUnison.exe (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) FirewallRules: [{D53D0902-AE6F-4F39-ACCF-B3BF66D96527}] => (Allow) C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.14.5716.0_x64__8j3eq9eme6ctt\IntelUnison.exe (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) FirewallRules: [{BEABFB19-E4E1-46AA-9472-E4C1F384D3BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{29F1BC7D-E15F-46ED-BE41-D81539A2A37A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{71C568D6-387E-46DA-BECD-FCE1778F0DB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{4D309D34-1E0B-4800-8E3E-B78DB91ABCCC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{5FC9C4B5-9D7B-40F0-A62B-B5D90603B8FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{FA384404-05F2-454B-B967-54D3DC92521D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2629D26D-B18C-440F-BF27-A64B11EF852A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F1A303F4-A453-4433-811A-9139E475C5BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F478411D-68E6-45B2-A640-D77B01542595}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{80798FE5-1156-4733-B21B-385B6F014308}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{D03073F4-7644-49B9-9D67-B9781FBF580B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{28000B34-7BF2-474D-9D5D-A15578AE25B1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{F2F668F5-7DD7-4809-8282-B637488776F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{0648CB0F-B5CC-4C12-A3F0-3581F5704FF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{B2860D58-2015-49D3-8683-993CD30B91C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe => Pas de fichier FirewallRules: [{17EFE77D-9BB4-4BE7-A785-BE5AADA9B675}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe => Pas de fichier FirewallRules: [{FD5C18BC-3101-4FB1-9764-1C54A12EE0A1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Points de restauration ========================= 27-09-2023 13:49:37 Installed Windows 11 Manager 27-09-2023 13:50:22 Windows 11 Manager v1.3.1 (27/09/2023 13:50:21) 27-09-2023 19:36:19 Installed Windows 11 Manager ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (09/28/2023 12:09:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements mispace a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from SPACES_StorageModificationEvent » dont la classe cible « SPACES_StorageModificationEvent » n’existe pas. La requête sera ignorée. Error: (09/28/2023 12:09:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements mispace a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from SPACES_StorageHealthStatusChangeEvent » dont la classe cible « SPACES_StorageHealthStatusChangeEvent » n’existe pas. La requête sera ignorée. Error: (09/28/2023 12:09:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements mispace a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from SPACES_StorageFaultEvent » dont la classe cible « SPACES_StorageFaultEvent » n’existe pas. La requête sera ignorée. Error: (09/28/2023 12:09:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements mispace a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from SPACES_StorageDepartureEvent » dont la classe cible « SPACES_StorageDepartureEvent » n’existe pas. La requête sera ignorée. Error: (09/28/2023 12:09:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements mispace a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from SPACES_StorageArrivalEvent » dont la classe cible « SPACES_StorageArrivalEvent » n’existe pas. La requête sera ignorée. Error: (09/28/2023 12:09:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements mispace a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from SPACES_StorageAlertEvent » dont la classe cible « SPACES_StorageAlertEvent » n’existe pas. La requête sera ignorée. Error: (09/28/2023 12:09:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements mispace a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from SPACES_HealthActionEvent » dont la classe cible « SPACES_HealthActionEvent » n’existe pas. La requête sera ignorée. Error: (09/28/2023 12:09:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: AUTORITE NT) Description: Le fournisseur d’événements a tenté d’inscrire dans l’espace de noms //./root/Microsoft/Windows/Storage/Providers_v2 la requête « select * from SPACES_StorageModificationEvent » dont la classe cible « SPACES_StorageModificationEvent » n’existe pas. La requête sera ignorée. Erreurs système: ============= Error: (09/28/2023 08:04:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AT5QH78) Description: Le serveur windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (09/28/2023 07:27:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AT5QH78) Description: Le serveur {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (09/27/2023 10:40:56 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AT5QH78) Description: Le serveur {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (09/27/2023 07:29:57 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-AT5QH78) Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service WSearch avec les arguments « Non disponible » pour exécuter le serveur : {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (09/27/2023 07:29:56 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-AT5QH78) Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service RmSvc avec les arguments « Non disponible » pour exécuter le serveur : {581333F6-28DB-41BE-BC7A-FF201F12F3F6} Error: (09/27/2023 07:29:55 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-AT5QH78) Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service EventSystem avec les arguments « Non disponible » pour exécuter le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (09/27/2023 07:29:55 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-AT5QH78) Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service WpnUserService_57b0e avec les arguments « Non disponible » pour exécuter le serveur : {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} Error: (09/27/2023 07:29:55 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-AT5QH78) Description: DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service WpnUserService_57b0e avec les arguments « Non disponible » pour exécuter le serveur : {1FFE4FFD-25B1-40B1-A1EA-EF633353BB4E} Windows Defender: ================ Date: 2023-06-09 07:54:29 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win64/NSudo!MSR&threatid=2147839617&enterprise=0 Nom : Trojan:Win64/NSudo!MSR ID : 2147839617 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_F:\Windows\NSudo.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-AT5QH78\barry Nom du processus : C:\Windows\explorer.exe Version de la veille de sécurité : AV: 1.391.745.0, AS: 1.391.745.0, NIS: 1.391.745.0 Version du moteur : AM: 1.1.23050.3, NIS: 1.1.23050.3 Date: 2023-04-06 18:58:11 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Phonzy.A!ml&threatid=2147772966&enterprise=0 Nom : Trojan:Script/Phonzy.A!ml ID : 2147772966 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_F:\Games\WWE 2K15\steam_api64.dll Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Protection en temps réel Utilisateur : DESKTOP-AT5QH78\barry Nom du processus : F:\Games\WWE 2K15\WWE2K15Launcher.exe Version de la veille de sécurité : AV: 1.387.163.0, AS: 1.387.163.0, NIS: 1.387.163.0 Version du moteur : AM: 1.1.20200.4, NIS: 1.1.20200.4 Date: 2023-04-06 18:57:32 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Phonzy.A!ml&threatid=2147772966&enterprise=0 Nom : Trojan:Script/Phonzy.A!ml ID : 2147772966 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_F:\Games\WWE 2K15\steam_api64.dll Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Protection en temps réel Utilisateur : DESKTOP-AT5QH78\barry Nom du processus : F:\Games\WWE 2K15\WWE2K15Launcher.exe Version de la veille de sécurité : AV: 1.387.163.0, AS: 1.387.163.0, NIS: 1.387.163.0 Version du moteur : AM: 1.1.20200.4, NIS: 1.1.20200.4 Date: 2023-04-06 18:57:26 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Phonzy.A!ml&threatid=2147772966&enterprise=0 Nom : Trojan:Script/Phonzy.A!ml ID : 2147772966 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_F:\Games\WWE 2K15\steam_api64.dll Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Protection en temps réel Utilisateur : DESKTOP-AT5QH78\barry Nom du processus : F:\Games\WWE 2K15\WWE2K15_x64.exe Version de la veille de sécurité : AV: 1.387.163.0, AS: 1.387.163.0, NIS: 1.387.163.0 Version du moteur : AM: 1.1.20200.4, NIS: 1.1.20200.4 Event[0] Date: 2023-09-27 16:38:38 Description: La fonctionnalité de protection en temps réel Antivirus Microsoft Defender a rencontré une erreur et échoué. Fonctionnalité : Sur accès Code d’erreur : 0x8007043c Description de l’erreur : Ce service ne peut pas être démarré en mode sans échec Raison : La veille de sécurité contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème. Date: 2023-09-27 13:00:20 Description: La fonctionnalité de protection en temps réel Antivirus Microsoft Defender a rencontré une erreur et échoué. Fonctionnalité : Sur accès Code d’erreur : 0x8007043c Description de l’erreur : Ce service ne peut pas être démarré en mode sans échec Raison : La veille de sécurité contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème. Date: 2023-09-26 19:41:03 Description: La fonctionnalité de protection en temps réel Antivirus Microsoft Defender a rencontré une erreur et échoué. Fonctionnalité : Sur accès Code d’erreur : 0x8007043c Description de l’erreur : Ce service ne peut pas être démarré en mode sans échec Raison : La veille de sécurité contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème. Date: 2023-09-26 19:38:31 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité et va tenter de rétablir une version précédente. Veille de sécurité tentée : Sauvegarde Code d’erreur : 0x80004004 Description de l’erreur : Opération abandonnée Version de la veille de sécurité : 1.397.1543.0;1.397.1543.0 Version du moteur : 1.1.23080.2005 Date: 2023-09-26 19:38:30 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité et va tenter de rétablir une version précédente. Veille de sécurité tentée : Actuelle Code d’erreur : 0x80004004 Description de l’erreur : Opération abandonnée Version de la veille de sécurité : 1.397.1581.0;1.397.1581.0 Version du moteur : 1.1.23080.2005 CodeIntegrity: =============== Date: 2023-09-28 09:11:38 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f12908b4ff13ff7\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-09-28 09:08:51 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\drivers\Amfltx64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2023-09-28 08:27:10 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== BIOS: Insyde F.04 08/02/2018 Carte mère: HP 84A6 Processeur: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz Pourcentage de mémoire utilisée: 39% Mémoire physique - RAM - totale: 12203.1 MB Mémoire physique - RAM - disponible: 7426.83 MB Mémoire virtuelle totale: 19115.1 MB Mémoire virtuelle disponible: 14307.3 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:236.49 GB) (Free:55 GB) (Model: SAMSUNG MZALQ256HAJD-000L2) NTFS Drive d: () (Fixed) (Total:0.57 GB) (Free:0.53 GB) (Model: WDC WD5000LPCX-60VHAT0) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive f: () (Fixed) (Total:464.65 GB) (Free:140.22 GB) (Model: WDC WD5000LPCX-60VHAT0) NTFS \\?\Volume{5d2b767d-9902-4f96-8899-68f056d03491}\ () (Fixed) (Total:0.73 GB) (Free:0.08 GB) NTFS \\?\Volume{0b279a12-bc42-4dc3-859d-d0d1c209a7e5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.41 GB) NTFS \\?\Volume{29b1ce4c-0000-0000-0000-904d74000000}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS \\?\Volume{bda910a4-f6a6-4671-b69b-48e8be73e688}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 29B1CE4C) Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=464.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=561 MB) - (Type=27) ========================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: 8312A375) Partition: GPT. ==================== Fin de Addition.txt =======================