Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02 Exécuté par tudor (16-11-2023 09:08:26) Exécuté depuis C:\Users\tudor\Downloads Microsoft Windows 10 Famille Version 22H2 19045.3570 (X64) (2021-04-18 17:09:23) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-3957000892-2833973652-2960825972-500 - Administrator - Disabled) Bakrchampion (S-1-5-21-3957000892-2833973652-2960825972-1004 - Limited - Enabled) => C:\Users\Bakrchampion DefaultAccount (S-1-5-21-3957000892-2833973652-2960825972-503 - Limited - Disabled) Invité (S-1-5-21-3957000892-2833973652-2960825972-501 - Limited - Disabled) merlr (S-1-5-21-3957000892-2833973652-2960825972-1003 - Limited - Disabled) tudor (S-1-5-21-3957000892-2833973652-2960825972-1001 - Administrator - Enabled) => C:\Users\tudor WDAGUtilityAccount (S-1-5-21-3957000892-2833973652-2960825972-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Acrobat Reader - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 23.006.20380 - Adobe Systems Incorporated) Adobe Connect (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\Adobe Connect App) (Version: 2019.1.2.32 - Adobe Systems Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{AEEF33DD-E3B9-4049-B709-0E546C2B1AAB}) (Version: 20.25.401.14526 - Alcor Micro Corp.) Anki (HKLM-x32\...\Anki) (Version: 2.1.54 - ) AnyTrans for Android (HKLM-x32\...\AnyTrans for Android) (Version: - iMobie Inc.) ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.) ASUS GiftBox Service (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 3.0.7 - ASUSTeK COMPUTER INC.) ASUS Hello (HKLM-x32\...\{D8CE1923-92A9-4036-817E-9E0D8AA2169B}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.5.4 - ASUSTeK COMPUTER INC.) ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.20 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.23.0001 - ASUS) ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0060 - ASUSTeK COMPUTER INC.) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.5.64 - ICEpower a/s) Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.12.105.1006 - now.gg, Inc.) BlueStacks Services (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\BlueStacksServices) (Version: 3.0.2 - now.gg, Inc.) BlueStacks X (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\BlueStacks X) (Version: 10.2.10.1002 - now.gg, Inc.) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 119.1.60.118 - Auteurs de Brave) CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform) ChessX version 1.5.6 (HKLM\...\{8EB04E4D-9D75-4663-AAB2-ED6F742BEA58}}_is1) (Version: 1.5.6 - chessx.sourceforge.net) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.95.69 - Conexant) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) DeepL (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE) Docs (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\8d9bcc6cdcebd050493a9bdf9219a6de) (Version: 1.0 - Google\Chrome) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.1 - Seiko Epson Corporation) Feuilles de calcul (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\e489c821d5a6102a5b39d29c4da22864) (Version: 1.0 - Google\Chrome) FonePaw pour Android 2.9.0 (HKLM-x32\...\{10E7BD57-C5FE-484f-A3F2-A1755286C0A7}_is1) (Version: 2.9.0 - FonePaw) Gmail (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\8b08ad51532268c14c8577b08344a8ad) (Version: 1.0 - Google\Chrome) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.125 - Google LLC) Google Drive (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\ab3fc1e40f83b903eb16fff19eb35a1f) (Version: 1.0 - Google\Chrome) GoTo Opener (HKLM-x32\...\{C2A61D74-BB65-42AD-B81F-AC25E1F7DE02}) (Version: 1.0.536 - LogMeIn, Inc.) GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.) Grec avec clavier français — Michael Langlois — 1.2 (HKLM\...\{DA8041CD-904C-4FB6-8EAB-C390663F0046}) (Version: 1.0.3.40 - Michael Langlois) Hearthstone Deck Tracker (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\HearthstoneDeckTracker) (Version: 1.20.17 - HearthSim) Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{871689FB-5226-4641-8ED2-6FDAA2DF65C1}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{D9D63ED7-B857-450C-B46A-1371885084E5}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.3.1019 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{5EB3AF86-EFD5-4BB9-99BC-27CFA5483BCA}) (Version: 15.7.3.1019 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{0C21BBE5-F4B4-42E2-AE4B-BE210BB1B8AB}) (Version: 30.100.1725.1 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation) Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000071-0190-1033-84C8-B8D95FA3C8C3}) (Version: 19.71.0 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{32A56A06-5D92-4CF3-A2AB-43F7A58A657E}) (Version: 20.60.0.1530 - Intel Corporation) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{d5c53162-d8b4-4547-8a40-917a25c0172e}) (Version: 20.60.0 - Intel Corporation) Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes) Messenger (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 199.0.534762598 - Facebook, Inc.) Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.16924.20124 - Microsoft Corporation) Microsoft 365 - ro-ro (HKLM\...\O365HomePremRetail - ro-ro) (Version: 16.0.16924.20124 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.58 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.58 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\OneDriveSetup.exe) (Version: 23.221.1024.0002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3957000892-2833973652-2960825972-1004\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{D736B443-AF61-4775-9488-DDF59F87BD1F}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F102A269-3323-427C-914D-E5E71F61453D}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Mozilla Firefox 64.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 64.0.2 (x64 fr)) (Version: 64.0.2 - Mozilla) Mozilla Thunderbird (x64 fr) (HKLM\...\Mozilla Thunderbird 115.4.2 (x64 fr)) (Version: 115.4.2 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20078 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.16924.20088 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.11 (HKLM-x32\...\{89DCB28E-BB7B-41AA-8E58-F710C6C4F234}) (Version: 4.111.9808 - Apache Software Foundation) Présentations (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\8cb5c2269b19261255cd5b08be775fec) (Version: 1.0 - Google\Chrome) Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.16.321.2017 - Realtek) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Scrivener (HKLM\...\Scrivener 3) (Version: 3.1.5.1 - Literature and Latte) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.23052.1 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.23052.1 - Samsung Electronics Co., Ltd.) UCMcxRTK (HKLM-x32\...\{2441B0B9-F24A-4DD3-97FC-5AC3495162DD}) (Version: 10.0.15063.101 - Realtek Semiconductor Corp.) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.46-1 - Wacom Technology Corp.) WhatsApp (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\WhatsApp) (Version: 2.2310.5 - WhatsApp) WhatsApp (HKU\S-1-5-21-3957000892-2833973652-2960825972-1004\...\WhatsApp) (Version: 2.2216.8 - WhatsApp) Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (04/21/2017 11.0.0.16) (HKLM\...\7517F958DC823EE4C12050C16EFF05886960ABEF) (Version: 04/21/2017 11.0.0.16 - ASUS) Wondershare PDFelement ( Version 9.1.0 ) (HKLM\...\{BC2AC233-DEF1-4D05-B6B8-6B46AA69E885}_is1) (Version: 9.1.0 - Wondershare) YouTube (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\f1b2f52545316809ee8ac42a816c1d2f) (Version: 1.0 - Google\Chrome) Zoom (HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\ZoomUMX) (Version: 5.15.7 (20303) - Zoom Video Communications, Inc.) Zoom Rooms (HKLM-x32\...\Zoom Rooms) (Version: 4.6 - Zoom Video Communications, Inc.) Zotero (HKLM-x32\...\Zotero 5.0.74 (x86 en-US)) (Version: 5.0.74 - Corporation for Digital Scholarship) Packages: ========= Adobe Acrobat Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC [2023-11-15] () Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-09-22] (Adobe Systems Incorporated) ASUS Battery Health Charging -> C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy [2018-08-24] (ASUSTeK COMPUTER INC.) [Startup Task] ASUS GIFTBOX -> C:\Program Files\WindowsApps\B9ECED6F.ASUSGIFTBOX_3.2.4.0_x64__qmba6cd70vzyy [2022-05-15] (ASUSTeK COMPUTER INC.) ASUS Product Registration Program -> C:\Program Files\WindowsApps\B9ECED6F.ASUSProductRegistrationProgram_3.0.3.0_x86__qmba6cd70vzyy [2018-08-24] (ASUSTeK COMPUTER INC.) [Startup Task] Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-07-14] (Canon Inc.) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.19.954.0_x64__rz1tebttyb220 [2023-10-31] (Dolby Laboratories) Fresco -> C:\Program Files\WindowsApps\Adobe.Fresco_4.1.0.1104_x64__pc75e8sa7ep4e [2022-11-19] (Adobe Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-12] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-18] (Microsoft Corporation) [MS Ad] Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2310.25001.0_x64__8wekyb3d8bbwe [2023-11-12] (Microsoft Corporation) [Startup Task] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [2023-10-31] (Microsoft Corporation) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-05-15] (Netflix, Inc.) Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1108.0_x64__8wekyb3d8bbwe [2023-11-15] (Microsoft Corporation) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2344.5.0_x64__cv1g1gvanyjgm [2023-11-15] (WhatsApp Inc.) [Startup Task] ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3957000892-2833973652-2960825972-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7BDCEA87C953} -> [Creative Cloud Files] => C:\Users\tudor\Creative Cloud Files [2022-09-22 13:58] CustomCLSID: HKU\S-1-5-21-3957000892-2833973652-2960825972-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-3957000892-2833973652-2960825972-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\tudor\AppData\Local\GoToMeeting\19932\G2MOutlookAddin64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-3957000892-2833973652-2960825972-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> "C:\Users\tudor\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe" -ToastActivated => Pas de fichier CustomCLSID: HKU\S-1-5-21-3957000892-2833973652-2960825972-1001_Classes\CLSID\{D0E646DB-70D6-4D13-BF56-02CA96FACE5C}\InprocServer32 -> LptdS3.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-3957000892-2833973652-2960825972-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-3957000892-2833973652-2960825972-1001_Classes\CLSID\{fcf0f353-0070-42e8-a043-e5b4f3de72a2}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => Pas de fichier ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-04] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-04] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-04] (Adobe Inc. -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-04] (Adobe Inc. -> ) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> Pas de fichier ContextMenuHandlers1: [PDFelement.ContextMenu] -> {ea6c980d-7823-3752-88ac-d43b3a873d20} => C:\Program Files\Common Files\Wondershare\PDFelement9\Shell Extensions\PEShellContextMenu.exe [2022-09-22] (Wondershare Technology Group Co.,Ltd -> Wondershare) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-05] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> Pas de fichier ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxDTCM.dll [2020-09-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-04] (Adobe Inc. -> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-05] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\tudor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Tudor - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ==================== Modules chargés (Avec liste blanche) ============= 2023-05-15 22:37 - 2022-08-21 02:44 - 001160192 _____ () [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\tudor\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll 2023-11-16 08:56 - 2023-11-16 08:56 - 002319872 _____ () [Fichier non signé] \\?\C:\Users\tudor\AppData\Local\Temp\c6621a24-8b82-4a69-accd-f81d23d75267.tmp.node 2017-10-03 13:45 - 2017-10-03 13:45 - 000147968 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2017-10-24 12:24 - 2017-10-24 12:24 - 000036864 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2023-05-15 22:37 - 2022-08-19 08:38 - 175591424 _____ () [Fichier non signé] C:\Users\tudor\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll 2023-05-15 22:37 - 2022-08-19 07:11 - 000442880 _____ () [Fichier non signé] C:\Users\tudor\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll 2023-05-15 22:38 - 2022-08-19 07:10 - 006480384 _____ () [Fichier non signé] C:\Users\tudor\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll 2023-05-15 22:38 - 2022-08-19 07:07 - 004077568 _____ () [Fichier non signé] C:\Users\tudor\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll 2023-05-15 22:37 - 2022-08-19 07:10 - 000828928 _____ () [Fichier non signé] C:\Users\tudor\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll 2023-07-10 10:04 - 2023-10-19 07:28 - 002862080 _____ () [Fichier non signé] C:\Users\tudor\AppData\Local\Programs\bluestacks-services\ffmpeg.dll 2023-07-10 10:04 - 2023-10-19 07:28 - 000479232 _____ () [Fichier non signé] C:\Users\tudor\AppData\Local\Programs\bluestacks-services\libegl.dll 2023-07-10 10:04 - 2023-10-19 07:28 - 007513600 _____ () [Fichier non signé] C:\Users\tudor\AppData\Local\Programs\bluestacks-services\libglesv2.dll 2023-07-10 10:04 - 2023-10-19 07:28 - 005209088 _____ () [Fichier non signé] C:\Users\tudor\AppData\Local\Programs\bluestacks-services\vk_swiftshader.dll 2023-09-21 09:49 - 2023-09-21 09:49 - 000372736 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\def34e5eb79873571bddb321783ea3f5\Interop.CxHDAudioAPILib.ni.dll 2023-09-21 09:49 - 2023-09-21 09:49 - 000018944 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\1336c9fce28e5a889036ed4160a534c6\Interop.CxUtilSvcLib.ni.dll 2017-10-24 12:24 - 2017-10-24 12:24 - 000073216 _____ (ASUS TeK Computer Inc.) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll 2017-10-24 12:24 - 2017-10-24 12:24 - 000242688 _____ (ASUS TeK Computer Inc.) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll 2017-10-24 12:24 - 2017-10-24 12:24 - 000407040 _____ (ASUSTeK Computer Inc.) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll 2020-02-05 08:58 - 2018-03-13 09:21 - 001173504 _____ (Conexant Systems, Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll 2023-05-15 22:38 - 2022-08-19 07:16 - 001231872 _____ (The Chromium Authors) [Fichier non signé] C:\Users\tudor\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll 2017-10-24 12:24 - 2017-10-24 12:24 - 000403968 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ColorUGameDLL.dll 2017-10-24 12:24 - 2017-10-24 12:24 - 000029184 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2017-11-15 13:16 - 2017-11-15 13:16 - 000250368 _____ (Windows (R) Codename Longhorn DDK provider) [Fichier non signé] C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE HKU\S-1-5-21-3957000892-2833973652-2960825972-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE HKU\S-1-5-21-3957000892-2833973652-2960825972-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll => Pas de fichier BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-11-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll => Pas de fichier Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\...\localhost -> localhost ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2017-09-29 14:46 - 2019-01-07 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2022-01-15 23:05 - 2022-01-15 23:10 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-3957000892-2833973652-2960825972-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg HKU\S-1-5-21-3957000892-2833973652-2960825972-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{C7331F76-2EFD-4EBD-995E-EE4646219A47}] => (Allow) C:\Users\tudor\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{A2768246-D232-4194-A7BF-EF5004B0CA86}] => (Allow) C:\Users\tudor\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{AD1DA8C4-665B-4B6A-BDF0-84D3F46BAB57}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\mDNSResponder.exe (Zoom Video Communications, Inc. -> Audinate Pty Ltd) FirewallRules: [{CBB8225F-F948-4EB3-947A-CB8C70777890}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\ptp.exe (Zoom Video Communications, Inc. -> Audinate Pty Ltd) FirewallRules: [{624F9453-5566-4616-A9D6-C32C6AE4FD0A}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\conmon_server.exe (Zoom Video Communications, Inc. -> Audinate Pty Ltd) FirewallRules: [{7F897921-92D1-4819-8DE9-27410381F59D}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\apec3.exe (Zoom Video Communications, Inc. -> Audinate Pty Ltd) FirewallRules: [{3FA1276F-7E63-477C-B513-E03005DC5EE1}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\zaapi.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc) FirewallRules: [{28B85286-9D14-4A80-9183-0BE7F01D9458}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\zrairhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{4F22ECE7-535E-46D0-BEDD-E85D93465260}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\ZoomRooms.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{3A20BCAC-D0C5-443A-A47A-FD50794FB266}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A7EB0036-5448-47AB-948B-FF39A9424E62}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2BE13747-CD1B-49E0-B105-8FD19AA5714C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe => Pas de fichier FirewallRules: [UDP Query User{02EC2FAF-A4B3-4894-9640-961B4FB2D23F}C:\games\iw4x\iw4x.exe] => (Allow) C:\games\iw4x\iw4x.exe => Pas de fichier FirewallRules: [TCP Query User{A4E4A75E-689F-446C-BAF9-F9A573C9D272}C:\games\iw4x\iw4x.exe] => (Allow) C:\games\iw4x\iw4x.exe => Pas de fichier FirewallRules: [UDP Query User{D9788FDB-1F31-49D9-BF20-A0B8755E64C4}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe => Pas de fichier FirewallRules: [TCP Query User{3DF14A99-7A9C-4FBA-88C3-4177FF952CE5}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1\bf1.exe => Pas de fichier FirewallRules: [{E0143550-E1E8-4C66-AA0B-D453B78DFFBD}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.) FirewallRules: [TCP Query User{3CFE1197-4162-48DD-B1A0-5D9AE6C68071}C:\program files (x86)\hearthstone\hearthstone.exe] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => Pas de fichier FirewallRules: [UDP Query User{56201214-9AD5-4ACF-932F-1047A9AF2C42}C:\program files (x86)\hearthstone\hearthstone.exe] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => Pas de fichier FirewallRules: [TCP Query User{D4B83B0A-0B25-4D2A-970A-58355A0A9B6A}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => Pas de fichier FirewallRules: [UDP Query User{5DC5E37D-D56F-412C-8B52-73F34EA465ED}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => Pas de fichier FirewallRules: [TCP Query User{2EB0D685-1D55-48ED-91D6-2E2FA10FA6C4}C:\users\tudor\appdata\roaming\utorrent\updates\3.5.5_45231.exe] => (Block) C:\users\tudor\appdata\roaming\utorrent\updates\3.5.5_45231.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{305839D7-8B32-448F-8409-F34063BCA552}C:\users\tudor\appdata\roaming\utorrent\updates\3.5.5_45231.exe] => (Block) C:\users\tudor\appdata\roaming\utorrent\updates\3.5.5_45231.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{3A336F57-3DBF-41A5-B9C6-EFB3FE276334}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Pas de fichier FirewallRules: [{0ECAC3F7-68A3-4FAF-9C31-C57AD286FB4C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Pas de fichier FirewallRules: [{B398BF90-0431-445C-A16E-B7B0E3D0BB40}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier FirewallRules: [{49F22E98-D8BF-4934-9EE8-41E2188D8E7E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier FirewallRules: [TCP Query User{252D9C5E-D50D-49D0-B656-504940BFEB9F}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => Pas de fichier FirewallRules: [UDP Query User{426B72BB-3514-4CB4-9AC5-83850D27CD3B}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => Pas de fichier FirewallRules: [{F82FB1DF-04D6-483D-A213-9DEC33679E4E}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FirewallRules: [{CEF6D9AE-DF7A-4D6B-BABE-1816CE5ACE67}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FirewallRules: [{514AE1D7-754A-47E0-85F2-C5ECC6FDE3D2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Pas de fichier FirewallRules: [{BD307E05-B3CC-486B-AF3E-1B1FA6101AF1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Pas de fichier FirewallRules: [TCP Query User{5F1D4A88-2830-476C-B282-B4B6B551AD7E}C:\users\tudor\appdata\local\programs\lelivrescolaire.fr\lelivrescolaire.fr.exe] => (Allow) C:\users\tudor\appdata\local\programs\lelivrescolaire.fr\lelivrescolaire.fr.exe => Pas de fichier FirewallRules: [UDP Query User{E47A9B6E-6AE2-4BFC-BC26-F26BE3BADD81}C:\users\tudor\appdata\local\programs\lelivrescolaire.fr\lelivrescolaire.fr.exe] => (Allow) C:\users\tudor\appdata\local\programs\lelivrescolaire.fr\lelivrescolaire.fr.exe => Pas de fichier FirewallRules: [TCP Query User{4E9C6761-E209-471D-9725-667FE0B2ADAD}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Pas de fichier FirewallRules: [UDP Query User{6723995E-4816-409B-8EFA-B5A1C01ECEFF}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Pas de fichier FirewallRules: [TCP Query User{D0CF07B4-6ACD-40FE-82AF-618CD9970CC8}C:\users\tudor\appdata\local\programs\ringcentral\ringcentral.exe] => (Allow) C:\users\tudor\appdata\local\programs\ringcentral\ringcentral.exe => Pas de fichier FirewallRules: [UDP Query User{E4827551-9EE7-47C4-9BAF-33BDD6A8A7DB}C:\users\tudor\appdata\local\programs\ringcentral\ringcentral.exe] => (Allow) C:\users\tudor\appdata\local\programs\ringcentral\ringcentral.exe => Pas de fichier FirewallRules: [{5121B8D2-74D0-4B35-8C29-E35612418506}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{36E54168-4C40-41A4-A4D4-8B9EE5AD8E80}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.) FirewallRules: [{792F7EC9-D988-423A-95A6-EFBC314229BA}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME) FirewallRules: [{7C77D0AF-F421-420A-B4ED-3E9D6302AEB2}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems) FirewallRules: [{C0CE3199-0E46-4E05-A1AB-CA3671FD8D34}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.) FirewallRules: [{A5CE7C06-1305-4FF9-ACFA-698CDF32695E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{298A8314-1670-4E2C-9B67-632FE3D738FB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D9B28083-B567-4628-9045-DFCF2D108285}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C65869C4-1DF1-48FB-B710-38FE47641364}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F74B8315-EA99-4142-B254-3AF746D3979E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.107.3215.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F3A09192-9301-4A43-A807-1469C6B8C9BE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{DF28E8BE-62B5-468C-8C3E-623CDFEDF5FD}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) ==================== Points de restauration ========================= 15-11-2023 10:40:57 Programme d’installation pour les modules Windows 15-11-2023 10:41:50 Programme d’installation pour les modules Windows 15-11-2023 10:42:49 Programme d’installation pour les modules Windows 15-11-2023 16:40:38 Programme d’installation pour les modules Windows ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (11/16/2023 08:23:56 AM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 57534097 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map key Error: (11/16/2023 12:30:08 AM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 29106056 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [0] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map key Error: (11/15/2023 11:12:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme SystemSettings.exe version 10.0.19041.3570 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 39ac Heure de début : 01da17e13ce630e8 Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Windows\ImmersiveControlPanel\SystemSettings.exe ID de rapport : 6d6e4b5c-ba34-4bee-8c5f-dc79046ea418 Nom complet du package défectueux : windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy ID de l'application relative à un package défectueux : microsoft.windows.immersivecontrolpanel Type de blocage : Quiesce Error: (11/15/2023 10:21:10 PM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 21367108 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map key Error: (11/15/2023 08:37:16 PM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 15133995 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map key Error: (11/15/2023 08:05:30 PM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 13227381 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map key Error: (11/15/2023 06:07:57 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-45P3M699) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (11/15/2023 04:40:26 PM) (Source: DPTF) (EventID: 17) (User: AUTORITE NT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 923443 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map key Erreurs système: ============= Error: (11/16/2023 08:55:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service MBAMService n’a pas pu démarrer en raison de l’erreur : Windows ne peut pas vérifier la signature numérique de ce fichier. Il est possible qu’une modification matérielle ou logicielle récente ait installé un fichier endommagé ou dont la signature est incorrecte, ou qu’il s’agisse d’un logiciel malveillant provenant d’une source inconnue. Error: (11/16/2023 08:55:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service SecDrv n’a pas pu démarrer en raison de l’erreur : Le chargement du pilote a été bloqué Error: (11/16/2023 08:55:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service LMS n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (11/16/2023 08:24:32 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-45P3M699) Description: Le serveur {9AA46009-3CE0-458A-A354-715610A075E6} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/16/2023 08:24:32 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-45P3M699) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/16/2023 08:24:32 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-45P3M699) Description: Le serveur {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/16/2023 08:24:32 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-45P3M699) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/16/2023 08:24:32 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-45P3M699) Description: Le serveur {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Windows Defender: ================ Date: 2023-11-15 18:07:35 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {FB3BC31A-5B85-4E34-B54F-902DD99C0BAF} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2023-11-16 09:04:29 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-11-16 08:55:53 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-11-16 08:55:49 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\GrFr12.dll that did not meet the Windows signing level requirements. Date: 2023-11-15 17:50:40 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. UX410UAR.309 04/16/2019 Carte mère: ASUSTeK COMPUTER INC. UX410UAR Processeur: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz Pourcentage de mémoire utilisée: 91% Mémoire physique - RAM - totale: 8074.86 MB Mémoire physique - RAM - disponible: 725.08 MB Mémoire virtuelle totale: 25276.12 MB Mémoire virtuelle disponible: 15590.7 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:237.42 GB) (Free:49.35 GB) (Model: HFS256G39TND-N210A) NTFS \\?\Volume{1a686d01-6132-4860-a2ff-d79ece0d71a4}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.19 GB) NTFS \\?\Volume{02be2c25-33d2-4db0-b3fa-f8d618accec1}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 6DC472EB) Partition: GPT. ==================== Fin de Addition.txt =======================