Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 06-10-2023 Exécuté par Flavien (09-10-2023 18:00:08) Exécuté depuis C:\Users\Flavien\Downloads Microsoft Windows 10 Famille Version 22H2 19045.3448 (X64) (2023-09-17 16:14:25) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-266307271-186719744-3698087808-500 - Administrator - Disabled) Compte intermédiaire (S-1-5-21-266307271-186719744-3698087808-1001 - Administrator - Enabled) => C:\Users\Compte intermédiaire DefaultAccount (S-1-5-21-266307271-186719744-3698087808-503 - Limited - Disabled) Flavien (S-1-5-21-266307271-186719744-3698087808-1023 - Administrator - Enabled) => C:\Users\Flavien Invité (S-1-5-21-266307271-186719744-3698087808-501 - Limited - Disabled) Jocelyne (S-1-5-21-266307271-186719744-3698087808-1024 - Administrator - Enabled) => C:\Users\Jocelyne WDAGUtilityAccount (S-1-5-21-266307271-186719744-3698087808-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 23.006.20320 - Adobe) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.) CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.) DeepL (HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\DeepL) (Version: 4.0.6052 - DeepL SE) Discord (HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Discord (HKU\S-1-5-21-266307271-186719744-3698087808-1023\...\Discord) (Version: 1.0.9017 - Discord Inc.) Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.817.1 - Dropbox, Inc.) Hidden Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.149 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden Grammarly for Windows (HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\Grammarly Desktop Integrations) (Version: 1.0.0.106 - ) HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP) HP Audio Switch (HKLM-x32\...\{0C5D69BD-B518-46DB-8471-506CD27F9478}) (Version: 1.0.138.0 - HP Inc.) HP CoolSense (HKLM-x32\...\{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM\...\{2CB12285-90BF-469F-B973-34495ABAF048}) (Version: 5.2.20454 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{5C690381-6AF5-4374-B50C-02F0390E9980}) (Version: 5.2.20454 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{D711D91A-127D-4A11-BA83-634868AD8016}) (Version: 5.2.20454 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{EA274518-738D-4A48-A1CB-596173D4C6A2}) (Version: 5.2.20454 - HP Inc.) Hidden HP ePrint SW (HKLM-x32\...\{03ED1397-7E72-4F6E-A0F0-2994A0A13421}) (Version: 5.2.20454 - HP Inc.) Hidden HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.) HP ePrint SW (HKLM-x32\...\{B9ADB0F9-459B-4E6B-A021-0F38C73FC060}) (Version: 5.2.20454 - HP Inc.) Hidden HP JumpStart Bridge (HKLM-x32\...\{9B252E0D-7B31-48A6-B01E-B5CCBA286E8E}) (Version: 1.1.0.168 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.) HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.) HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP) HP Support Solutions Framework (HKLM-x32\...\{11B7269C-6904-485C-9875-F23AAE32E671}) (Version: 12.5.32.53 - HP Inc.) HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.) HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP) Intel(R) Chipset Device Software (HKLM\...\{3AAD3A73-0D6A-4EFE-93FC-7719DC6C89E4}) (Version: 10.1.1.37 - Intel Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{6574B7E5-BC77-4EE6-8319-C18FD8B0C960}) (Version: 11.6.0.1030 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{AC4709F9-831D-4EDD-B8E8-83AC7C563B66}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4526 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{EBE12EC7-60DF-41C2-AAC8-0B2586F15C96}) (Version: 15.2.0.1020 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{278F5FF6-100E-4089-924F-80BDB7F81B4E}) (Version: 19.10.1635.0483 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden Intel® PROSet/Wireless WiFi Software (HKLM\...\{11BD5062-5227-4A48-91AF-904B1802EEA8}) (Version: 19.10.0.0866 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (HKLM\...\{75FE588B-F158-4BB3-A283-A8D18E522A52}) (Version: 1.43.301.1 - Intel Corporation) Hidden Malwarebytes version 4.6.4.286 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.4.286 - Malwarebytes) Microsoft 365 Apps for enterprise - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.16827.20130 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.60 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.60 - Microsoft Corporation) Microsoft Office Famille et Étudiant 2016 - fr-fr (HKLM\...\HomeStudentRetail - fr-fr) (Version: 16.0.16827.20130 - Microsoft Corporation) Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.16827.20130 - Microsoft Corporation) Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.16827.20130 - Microsoft Corporation) Microsoft Office Home and Student 2016 - it-it (HKLM\...\HomeStudentRetail - it-it) (Version: 16.0.16827.20130 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.194.0917.0001 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{6CAEAB4F-2B43-485A-B7F9-AFC2D88BD7A3}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{1AB26641-D555-4648-B08B-676F707A0B1B}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Mozilla Firefox (x64 fr) (HKU\S-1-5-21-266307271-186719744-3698087808-1023\...\Mozilla Firefox 118.0.1 (x64 fr)) (Version: 118.0.1 - Mozilla) Notion 2.0.16 (HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.16 - Notion Labs, Incorporated) NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation) NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Pilote graphique 461.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.92 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20056 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13801.20638 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden OpenOffice 4.1.7 (HKLM-x32\...\{A9222889-1CDA-42BD-B11B-113E7C91C1C7}) (Version: 4.17.9800 - Apache Software Foundation) Outlook (PWA) (HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\8ae6b01c0ab96e01085f0b1913119ec2) (Version: 1.0 - Google\Chrome) Qustodio (HKLM-x32\...\Qustodio) (Version: 188.1.2187.0 - Qustodio) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.) Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated) TeamLink 1.17.2 (HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\{c7e47634-eaac-57e5-9e5e-a335c6affe63}) (Version: 1.17.2 - Cybrook Inc.) Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.3.0.13565 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-3) (Version: 1.0.54.1 - Intel Corporation Inc.) War Thunder Launcher 1.0.3.243 (HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) WhatsApp (HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\WhatsApp) (Version: 2.2305.7 - WhatsApp) Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited) WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH) Wondershare Filmora9(Build 9.4.5) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software) Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare) World_of_Warships (HKU\S-1-5-21-266307271-186719744-3698087808-1023\...\WOWS.WW.PRODUCTION) (Version: - Wargaming.net) Zoom (HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.) Zotero (HKLM-x32\...\Zotero 5.0.95.1 (x86 en-US)) (Version: 5.0.95.1 - Corporation for Digital Scholarship) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2023-09-19] (Adobe Systems Incorporated) Adobe Photoshop Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.12.1.0_x64__mtcwf2zmmt10c [2023-09-19] (Adobe Inc.) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-05-20] (Microsoft Corporation) Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-09-17] (Microsoft Corporation) HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2023-10-09] (HP Inc.) HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2022-08-27] (Universal Music Mobile) HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.3.2.0_x64__v10z8vjag6ke6 [2023-09-25] (HP Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1.1056.0_x64__v10z8vjag6ke6 [2023-09-17] (HP Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-09-18] (NVIDIA Corp.) Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.727.100_x64__8wekyb3d8bbwe [2023-09-17] (Microsoft Corporation) Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.4.96.0_x64__kx24dqmazqk8j [2023-10-05] (Random Salad Games LLC) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-10-05] (Microsoft Studios) [MS Ad] Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.929.2012.128_neutral__8wekyb3d8bbwe [2023-10-04] (Microsoft Corporation) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-266307271-186719744-3698087808-1023_Classes\CLSID\{04271989-C4D2-E962-05A8-5B9D957CED70} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-266307271-186719744-3698087808-1023_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-90154281CF9A} -> [Creative Cloud Files] => C:\Users\Flavien\Creative Cloud Files [2023-09-19 22:06] CustomCLSID: HKU\S-1-5-21-266307271-186719744-3698087808-1023_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-266307271-186719744-3698087808-1023_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-266307271-186719744-3698087808-1023_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-266307271-186719744-3698087808-1023_Classes\CLSID\{4ABFC4CE-866C-45DB-A23A-16B693DAD656}\InprocServer32 -> C:\Users\Flavien\AppData\Local\BraveSoftware\Update\1.3.361.137\psuser_64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-266307271-186719744-3698087808-1023_Classes\CLSID\{A1BB21C1-2B9D-44F2-97B6-40D4DA19FEED}\InprocServer32 -> C:\Users\Flavien\AppData\Local\BraveSoftware\Update\1.3.361.137\psuser_64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-266307271-186719744-3698087808-1023_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Flavien\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Pas de fichier CustomCLSID: HKU\S-1-5-21-266307271-186719744-3698087808-1023_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-29] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-29] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-29] (Adobe Inc. -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-29] (Adobe Inc. -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-09] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxDTCM.dll [2018-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_9f074a9de859939d\nvshext.dll [2021-03-13] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-29] (Adobe Inc. -> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-09] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2023-09-23 13:13 - 2023-09-23 13:13 - 000138752 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\924cce97e6d47a92e411c5d86ac98e7a\BRIDGECommon.ni.dll 2023-09-23 13:14 - 2023-09-23 13:14 - 000114688 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\79c6fc98c33453360b5b564cbeead352\BridgeExtension.ni.dll 2023-07-25 16:29 - 2023-07-25 16:29 - 005112440 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Qustodio\qapp\Qt5Core.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Users\Flavien\Downloads\adwcleaner_8.4.0.exe:MBAM.Zone.Identifier [156] AlternateDataStreams: C:\Users\Flavien\Downloads\FRST64.exe:MBAM.Zone.Identifier [240] ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-266307271-186719744-3698087808-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE SearchScopes: HKLM -> {99638044-5860-4263-B59A-BF509AB945D6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {99638044-5860-4263-B59A-BF509AB945D6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-266307271-186719744-3698087808-1001 -> {99638044-5860-4263-B59A-BF509AB945D6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Pas de fichier BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Pas de fichier Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\hola.org -> hxxp://hola.org IE trusted site: HKU\S-1-5-21-266307271-186719744-3698087808-1001\...\sharepoint.com -> hxxps://eduvaud-files.sharepoint.com IE trusted site: HKU\S-1-5-21-266307271-186719744-3698087808-1023\...\sharepoint.com -> hxxps://eduvaud-files.sharepoint.com ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2023-09-16 21:34 - 2023-09-16 21:34 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2020-08-13 08:40 - 2023-09-13 21:23 - 000000588 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 8.137.1 LAPTOP-0TV008PC.mshome.net # 2027 9 5 10 11 44 50 223 68.137.239 Macbook.mshome.net # 2022 8 6 27 7 20 23 508 78 301 ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files\Intel\WiFi\bin\;c:\Program Files\Common Files\Intel\WirelessCommon\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-266307271-186719744-3698087808-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Compte intermédiaire\desktop\pinterest —_ @tessarensink_.jpg HKU\S-1-5-21-266307271-186719744-3698087808-1023\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg HKU\S-1-5-21-266307271-186719744-3698087808-1024\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKU\S-1-5-21-266307271-186719744-3698087808-1023\...\StartupApproved\Run: => "Windscribe" HKU\S-1-5-21-266307271-186719744-3698087808-1023\...\StartupApproved\Run: => "Lync" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{80D3A3DE-2113-4EC4-B471-052FAB898A4C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B0540FA3-C078-45DC-BD6B-3BD8CC8DBFE2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3D6BC667-9852-42AF-BD7E-7BDFD64298FD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{11C20832-DFAA-4934-9075-8F08B32F821C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{0EC24E87-8610-4311-B8C7-2A03063949D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{98E9B32E-162E-40BA-AAB6-E2F61D2B4F22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{9AFF1304-D725-494F-82ED-6D398DA4F2FB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [UDP Query User{40CB9366-CE97-44CE-B089-1A37F207DB06}C:\users\flavien\appdata\local\discord\app-1.0.9013\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9013\discord.exe => Pas de fichier FirewallRules: [TCP Query User{3B169FAF-02CC-4F3E-9A03-33DB55CE2268}C:\users\flavien\appdata\local\discord\app-1.0.9013\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9013\discord.exe => Pas de fichier FirewallRules: [UDP Query User{F459A685-CBC9-4F77-BFDA-FF45619D155D}C:\users\flavien\appdata\local\discord\app-1.0.9012\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9012\discord.exe => Pas de fichier FirewallRules: [TCP Query User{36116172-DA0C-447D-8031-2DBCD3DF9805}C:\users\flavien\appdata\local\discord\app-1.0.9012\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9012\discord.exe => Pas de fichier FirewallRules: [{978808C3-B812-49DF-B22E-DB502E305BF0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{FD3E0B12-2425-468F-A10C-83F69FBFE2B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{72F3C046-9D09-4877-8F37-4946725294ED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{995C8591-0848-4F93-9528-A2A2FE3A8302}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [UDP Query User{7C8B94CB-B0A8-4447-8CA4-BFBE12E4AB9A}C:\users\flavien\appdata\local\discord\app-1.0.9011\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9011\discord.exe => Pas de fichier FirewallRules: [TCP Query User{E29E464E-F615-4A74-8453-4FB1021237A1}C:\users\flavien\appdata\local\discord\app-1.0.9011\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9011\discord.exe => Pas de fichier FirewallRules: [{9027972D-40F5-4FE3-AC2C-AD4C63100747}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{316F7AA8-1B4D-49B6-958A-14948232FD3E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{B0959F25-8989-4F26-AA8D-C66C3DCBB426}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{19AB8AC5-B311-48B5-A204-701EC4026873}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [UDP Query User{CF352E5B-B896-414F-8744-0E78628CD5A6}C:\users\flavien\appdata\local\discord\app-1.0.9008\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9008\discord.exe => Pas de fichier FirewallRules: [TCP Query User{109E4649-6CEC-4E1E-B3A3-BFE92554F1A2}C:\users\flavien\appdata\local\discord\app-1.0.9008\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9008\discord.exe => Pas de fichier FirewallRules: [UDP Query User{663161CD-4DBA-4894-8CC6-EBD26D8FEA7A}C:\users\flavien\appdata\local\discord\app-1.0.9007\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9007\discord.exe => Pas de fichier FirewallRules: [TCP Query User{6D785236-4FAC-4BF5-9969-71664BB00C98}C:\users\flavien\appdata\local\discord\app-1.0.9007\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9007\discord.exe => Pas de fichier FirewallRules: [UDP Query User{0F652BB1-BD55-41DD-BA19-D3FEC8C2BCDE}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe => Pas de fichier FirewallRules: [TCP Query User{11EECC1F-A7ED-4A64-9556-934BD948A7AA}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe => Pas de fichier FirewallRules: [UDP Query User{22AD8F74-C8BF-408A-A7B3-6DDE33F6E84E}C:\users\flavien\appdata\local\discord\app-1.0.9006\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9006\discord.exe => Pas de fichier FirewallRules: [TCP Query User{00ABD6DF-488A-4168-9B59-7E9D6ECB7DEA}C:\users\flavien\appdata\local\discord\app-1.0.9006\discord.exe] => (Block) C:\users\flavien\appdata\local\discord\app-1.0.9006\discord.exe => Pas de fichier FirewallRules: [{81D42035-7E75-436E-9486-EE6C8CC39794}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => Pas de fichier FirewallRules: [{FFA8EA10-55C5-4547-853A-9C1922C47B2B}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => Pas de fichier FirewallRules: [{105899B6-E75F-4AF1-B465-3945CB8900C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3F10C1BD-68C1-41ED-916E-456D6F0E6429}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7DCADC95-2DB5-4723-956C-6AB848E5A14D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FAA559FD-590B-4B6B-A19D-9592FE7712B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{81EF340C-969B-45F2-BD64-6B54C0615862}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6CAF9CDB-8A85-4C04-9307-C73743BD85EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BD548348-D824-4434-B452-73B3B55E3F80}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9723F61D-6D01-4A44-9432-390B18B864A1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{52FAB61B-8B69-4521-A1AB-BF49BF7CF7D4}] => (Allow) C:\Program Files\CyberLink\PowerDirector14\PDR10.EXE => Pas de fichier FirewallRules: [{0CB318CF-A3AE-4DF9-91BD-D65502DA66AD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{820CCA84-9C9B-4A94-8E62-29B47724CE29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{81F485F9-40E3-4073-96E3-B2CB9B8D4D16}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => Pas de fichier FirewallRules: [{935851BF-1D0F-48FC-9955-69C3C118974D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{7EE24B03-EF06-4B9A-A174-96E928CD9C3F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{EC94B6D2-84CF-4ED4-A976-7231BA226829}] => (Allow) c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> ) FirewallRules: [{E18E7EEA-9160-4C60-A126-914AFD3B4A87}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{91276785-BDF5-4B4A-88A6-2070535DA4E7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{D770AA65-735F-4685-AD1F-E3F1BC4AA878}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0C34F6FC-B6F5-4018-977D-A3293E2D75B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{BD623392-FDD5-4D49-81EF-66BBE0A06BA4}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [UDP Query User{F942F863-9B69-4D2F-9AF9-B81142002793}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [{F792AF07-B743-4679-9940-868DE0AE46A8}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe => Pas de fichier FirewallRules: [{F7486E6B-9B43-4422-8CB4-548F32DD1F9E}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe => Pas de fichier FirewallRules: [TCP Query User{50E0A782-BFEA-435F-90DD-0EB381EBEADD}D:\programmes\warthunder\launcher.exe] => (Allow) D:\programmes\warthunder\launcher.exe => Pas de fichier FirewallRules: [UDP Query User{B6F6D7EC-0B55-4BBD-98FF-65D55C636AC7}D:\programmes\warthunder\launcher.exe] => (Allow) D:\programmes\warthunder\launcher.exe => Pas de fichier FirewallRules: [{988F1D39-FBFA-4505-8CA1-CB1CD7E0ED3D}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => Pas de fichier FirewallRules: [{CAFEE5F4-B976-41EE-A4E5-A68D8846F82A}] => (Allow) C:\Users\Compte intermédiaire\AppData\Local\Chromium\Application\chrome.exe => Pas de fichier FirewallRules: [{BB61C106-AFCB-46FD-8D79-DDEE6F34040F}] => (Allow) C:\Users\Compte intermédiaire\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{7777FA33-1A27-4199-A251-28938C58AFF3}] => (Allow) C:\Users\Compte intermédiaire\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier FirewallRules: [TCP Query User{6D73CCC6-622D-4153-9F04-F8E938C70EE1}D:\program files\warthunder\launcher.exe] => (Allow) D:\program files\warthunder\launcher.exe => Pas de fichier FirewallRules: [UDP Query User{209B64CA-E0C4-4872-8DFE-08120F796795}D:\program files\warthunder\launcher.exe] => (Allow) D:\program files\warthunder\launcher.exe => Pas de fichier FirewallRules: [TCP Query User{C102B244-9F17-42E6-B5F2-3FF8A5380E62}D:\program files\warthunder\win64\aces.exe] => (Allow) D:\program files\warthunder\win64\aces.exe => Pas de fichier FirewallRules: [UDP Query User{6AE7AFA4-ED94-4DF9-B1FC-47FC542EB6D5}D:\program files\warthunder\win64\aces.exe] => (Allow) D:\program files\warthunder\win64\aces.exe => Pas de fichier FirewallRules: [TCP Query User{98793E62-2ED1-4EAC-A040-B7FCF0C9FC50}C:\users\compte intermédiaire\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\compte intermédiaire\appdata\local\warthunder\launcher.exe (Gaijin Network Ltd -> Gaijin) FirewallRules: [UDP Query User{2A7468BA-205A-4E6A-B712-126C039400DE}C:\users\compte intermédiaire\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\compte intermédiaire\appdata\local\warthunder\launcher.exe (Gaijin Network Ltd -> Gaijin) FirewallRules: [TCP Query User{97F80286-26EE-42C9-9016-19D3A5096640}C:\users\compte intermédiaire\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\compte intermédiaire\appdata\local\warthunder\win64\aces.exe (Gaijin Network Ltd -> Gaijin Entertainment) FirewallRules: [UDP Query User{A74F4DF2-8D32-4BC9-8DA7-1275B8E5D6B7}C:\users\compte intermédiaire\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\compte intermédiaire\appdata\local\warthunder\win64\aces.exe (Gaijin Network Ltd -> Gaijin Entertainment) FirewallRules: [{DC80581B-EA99-4D11-A7A7-C5300C8A340C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.104.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{B4D47498-CACE-473F-9827-5E0FB99D1ABE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.104.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{BED59945-0DBB-4545-BFA6-24334FA46D7D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.104.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{AF5DFB7E-CB0D-42AC-BC4E-6CE66E474971}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.104.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [TCP Query User{84E3E075-2B7E-4ABE-81FA-644BE2FF6855}C:\users\flavien\appdata\local\bravesoftware\brave-browser\application\brave.exe] => (Block) C:\users\flavien\appdata\local\bravesoftware\brave-browser\application\brave.exe => Pas de fichier FirewallRules: [UDP Query User{A290E668-6F9E-4E79-BA1F-CB285C2953AC}C:\users\flavien\appdata\local\bravesoftware\brave-browser\application\brave.exe] => (Block) C:\users\flavien\appdata\local\bravesoftware\brave-browser\application\brave.exe => Pas de fichier FirewallRules: [{E89DFA14-9958-439D-81A9-8A4B51DC82E5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{23A711B8-EC93-4F64-B01B-5C2F02531292}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{6461C245-3A7B-45F3-926E-54C7EC5842D8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{BFE2C382-A77B-4480-A59F-33EF3827C044}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{F93CBBBD-A7FE-4231-9E2B-8158C5BABB42}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{39209A84-C3C5-42CD-AFEB-7F99ADEE85D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{515F1C00-344B-4F6C-A792-7BB6C134C743}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{C633BA61-17A6-4C76-81CE-2293744210A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{087CD395-AC2D-4C4D-A004-7C0A6C4D9B78}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{BA423345-1DD0-45B1-897E-6502F288B627}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6A11E74D-1130-4D8D-9986-D914BC7C73EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{7A377D6B-11E4-48F8-A68C-E2FCA6B657E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B8E001DF-8CAC-4ABD-8C43-05209F1DEE9E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{CFBDB6E9-E88A-4A97-96BA-F122AF54E708}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{9DCABC4E-D96D-4409-91A0-BF0451E89AED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{446F38E3-ABC7-4C05-97ED-1A79751E4EA1}] => (Allow) %programfiles%\Qustodio\qapp\qwelcomewzd.exe => Pas de fichier FirewallRules: [{474C2EB6-42F9-49E4-AF66-47E04A015B37}] => (Allow) %programfiles%\Qustodio\qapp\QUpdateService.exe => Pas de fichier FirewallRules: [{BCDB347D-86B6-4C22-A47B-F951E0DED00C}] => (Allow) %programfiles%\Qustodio\qapp\QReport.exe => Pas de fichier FirewallRules: [{93D4BA94-BE9B-470A-86FB-05AA4E36E4FC}] => (Allow) %programfiles%\Qustodio\qproxy\qengine.exe => Pas de fichier FirewallRules: [{C6E0E65B-03AA-4C4E-8968-7ACC28EBBE39}] => (Allow) %programfiles%\Qustodio\qapp\QAppTray.exe => Pas de fichier FirewallRules: [{0F62A48F-1A48-4D86-A02A-0EF79DCE0194}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.60\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C7D00709-AA1B-4D1F-AEB3-D6030C683664}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9C0A81C3-0DD7-4484-A5B1-994373E84CFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DB5F694C-398C-4F97-93E8-0800874A231E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C882789C-A07B-4522-84C3-A9FFCB629AF7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Points de restauration ========================= ATTENTION: La Restauration système est désactivée (Total:118.01 GB) (Free:3.34 GB) (3%) ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (10/09/2023 04:32:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante DropboxOEM.exe, version : 3.1.18.0, horodatage : 0x57e2ea34 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.3448, horodatage : 0x743fa6b7 Code d’exception : 0xe0434352 Décalage d’erreur : 0x0013d902 ID du processus défaillant : 0x4b54 Heure de début de l’application défaillante : 0x01d9fabd5be947e7 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 63960b1d-f7fb-4464-8385-b38151b26d89 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/09/2023 04:32:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : DropboxOEM.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Xml.XmlException à System.Xml.XmlTextReaderImpl.Throw(System.Exception) à System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[]) à System.Xml.XmlTextReaderImpl.ParseText(Int32 ByRef, Int32 ByRef, Int32 ByRef) à System.Xml.XmlTextReaderImpl.ParseText() à System.Xml.XmlTextReaderImpl.ParseElementContent() à System.Xml.XmlTextReaderImpl.Read() à System.Xml.XmlTextReader.Read() à System.Xml.XmlTextReaderImpl.Skip() à System.Xml.XmlTextReader.Skip() à System.Configuration.XmlUtil.StrictSkipToNextElement(System.Configuration.ExceptionAction) à System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean) à System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean) à System.Configuration.BaseConfigurationRecord.ScanSections(System.Configuration.XmlUtil) à System.Configuration.BaseConfigurationRecord.InitConfigFromFile() Informations sur l'exception : System.Configuration.ConfigurationErrorsException à System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean) à System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(System.Configuration.ConfigurationSchemaErrors) à System.Configuration.BaseConfigurationRecord.ThrowIfInitErrors() à System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs) Informations sur l'exception : System.Configuration.ConfigurationErrorsException à System.Configuration.ConfigurationManager.PrepareConfigSystem() à System.Configuration.ConfigurationManager.RefreshSection(System.String) à System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean) à System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection) à System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider) à System.Configuration.SettingsBase.GetPropertyValueByName(System.String) à System.Configuration.SettingsBase.get_Item(System.String) à System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String) à System.Configuration.ApplicationSettingsBase.get_Item(System.String) à DropboxOEM.Properties.Settings.get_AppLocalFolder() à DropboxOEM.LogUploader.uploadLogs(Boolean, Boolean) à DropboxOEM.App.Application_Startup(System.Object, System.Windows.StartupEventArgs) à System.Windows.Application.OnStartup(System.Windows.StartupEventArgs) à System.Windows.Application.<.ctor>b__1_0(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.DispatcherOperation.InvokeImpl() à System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) à System.Windows.Threading.DispatcherOperation.Invoke() à System.Windows.Threading.Dispatcher.ProcessQueue() à System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) à MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) à MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) à System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) à System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) à System.Windows.Application.RunDispatcher(System.Object) à System.Windows.Application.RunInternal(System.Windows.Window) à System.Windows.Application.Run(System.Windows.Window) à DropboxOEM.App.Main() Error: (10/09/2023 04:03:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 25297 Error: (10/09/2023 04:03:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 25297 Error: (10/09/2023 04:03:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/09/2023 12:03:30 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 16281 Error: (10/09/2023 12:03:30 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 16281 Error: (10/09/2023 12:03:30 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Erreurs système: ============= Error: (10/09/2023 05:01:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service NVIDIA LocalSystem Container s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 6000 millisecondes : Redémarrer le service. Error: (10/09/2023 05:01:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Microsoft Office Click-to-Run Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service. Error: (10/09/2023 05:01:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Intel(R) PROSet/Wireless Event Log s’est terminé de façon inattendue pour la 1ème fois. Error: (10/09/2023 05:01:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service HP JumpStart Bridge s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service. Error: (10/09/2023 05:01:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service SynTPEnh Caller Service s’est terminé de façon inattendue pour la 1ème fois. Error: (10/09/2023 05:01:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service AdobeUpdateService s’est terminé de façon inattendue pour la 1ème fois. Error: (10/09/2023 05:01:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service HP Software Framework Service s’est terminé de façon inattendue pour la 1ème fois. Error: (10/09/2023 05:01:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service HPWMISVC s’est terminé de façon inattendue pour la 1ème fois. Windows Defender: ================ Date: 2023-10-08 16:55:10 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {F31F56AD-CE2C-4E4D-BE6F-AAB478F634B0} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2023-10-07 16:55:07 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {898AF267-B839-4057-9642-6CF98711069B} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2023-10-07 11:52:40 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {1F81CE71-BD13-45B5-AAA6-B042122EEF5B} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2023-10-03 19:02:34 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {2890C85E-CC89-4031-BC59-FA30BAF49A52} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2023-10-02 19:08:03 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {4E76FAA7-F0D0-40EF-B93C-27840BF7DF4B} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2023-10-09 16:30:38 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-10-08 16:53:51 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== BIOS: Insyde F.48 06/22/2018 Carte mère: HP 8216 Processeur: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz Pourcentage de mémoire utilisée: 75% Mémoire physique - RAM - totale: 8077.14 MB Mémoire physique - RAM - disponible: 1950.69 MB Mémoire virtuelle totale: 12966.13 MB Mémoire virtuelle disponible: 4793.52 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:3.34 GB) (Model: SanDisk SD8SNAT-128G-1006) NTFS Drive d: () (Fixed) (Total:931.5 GB) (Free:752.42 GB) (Model: WDC WD10JPVX-60JC3T0) NTFS \\?\Volume{28cd6781-fbe3-407a-89b4-28ad29f4c863}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.35 GB) NTFS \\?\Volume{4071e62d-c398-4eeb-8c3f-bbca4aaf4520}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: FFF2AB0D) Partition: GPT. ==================== Fin de Addition.txt =======================