Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27.01.2024 01 Exécuté par Admin R (28-01-2024 20:02:03) Exécuté depuis C:\Users\Admin R\Desktop Microsoft Windows 10 Professionnel Version 22H2 19045.3930 (X64) (2021-01-05 18:33:22) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Admin R (S-1-5-21-1243922167-2392459145-2998924318-1001 - Administrator - Enabled) => C:\Users\Admin R Administrateur (S-1-5-21-1243922167-2392459145-2998924318-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1243922167-2392459145-2998924318-503 - Limited - Disabled) Invité (S-1-5-21-1243922167-2392459145-2998924318-501 - Limited - Disabled) Ralph Ballmer (S-1-5-21-1243922167-2392459145-2998924318-1000 - Limited - Enabled) => C:\Users\Ralph Ballmer WDAGUtilityAccount (S-1-5-21-1243922167-2392459145-2998924318-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 23.008.20470 - Adobe) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.1.0.407 - Adobe Systems Incorporated) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.) Adobe Photoshop Elements 2020 (HKLM-x32\...\PSE_18_2) (Version: 18.0 - Adobe Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.) Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden AnyTrans for Android (HKLM-x32\...\AnyTrans for Android) (Version: 7.1.0 - iMobie Inc.) ArteVOD Offline Player 3.0.6 (HKLM\...\4e5f7455-ac3f-516c-9fc1-b3c1ee5857d0) (Version: 3.0.6 - ) Audacity 3.4.2 (HKLM-x32\...\Audacity_is1) (Version: 3.4.2 - Audacity Team) calibre 64bit (HKLM\...\{920E3ABA-79B1-4194-A409-2B51E2DC61E9}) (Version: 6.25.0 - Kovid Goyal) Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.) Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.2.51 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.) Canon TS8100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS8100_series) (Version: 1.02 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 6.20 - Piriform) Clic & Tax 2023 23.3.4 (HKLM-x32\...\NP_NE_2023) (Version: 23.3.4 - Ringler Informatik AG) Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - ) Cobian Reflector (HKLM\...\Cobian Reflector) (Version: 2.3.12 - Luis Cobian) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) CopyTrans Control Center désinstallation uniquement (HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\CopyTrans Suite) (Version: 5.003 - WindSolutions) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden D-Link DWA-171 (HKLM\...\{10C338DB-DE77-49C9-83CE-8E85509C036E}_is1) (Version: 3.01 - D-Link Corporation) DownloadHelper CoApp (HKLM-x32\...\DownloadHelper CoApp) (Version: 2.0.10.0 - ACLAP) DVD Flick v2 1.3.1.0 (HKLM-x32\...\DVD Flick v2_is1) (Version: 1.3.1.0 - Dennis Meuwissen) Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation) Epson Guide d'utilisation Epson Perfection V550 Photo (HKLM-x32\...\Epson Perfection V550 Photo Useg) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.3 - ) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft) Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Généatique 2020 (HKLM-x32\...\{BD4F48FF-79AE-42CC-A52E-918AFF8235FB}_is1) (Version: 2020.1.8.0.0 - CDIP) HDCleaner (HKLM\...\HDCleaner) (Version: 1.276 - Kurt Zimmermann) HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.) HouseCall for Home Networks (HKLM\...\DRScanner) (Version: 5.3.1313 - Trend Micro Inc.) ifolor Designer (HKLM-x32\...\ifolor-Designer) (Version: - Ifolor AG) Intel(R) Chipset Device Software (HKLM\...\{0B9D5D50-1530-496F-81FF-CB1B4A298FCA}) (Version: 10.0.14 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{5282A61E-0333-4D18-9F8F-3C6101C0DCD2}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{62C59ABA-8CEE-440F-9117-AED4DC5036D6}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Network Connections 27.0.0.3 (HKLM\...\{01FD1770-03E3-4949-88FE-BD77BA60F51E}) (Version: 27.0.0.3 - Intel) Hidden Intel(R) Network Connections 27.0.0.3 (HKLM\...\PROSetDX) (Version: 27.0.0.3 - Intel) Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.3.42 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{3DE97849-544D-4D68-9255-11DF6F9F10D8}) (Version: 1.35.127.1 - Intel Corporation) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Logiciel de téléchargement pour Généatique 2020 (HKLM-x32\...\{9C811791-DB15-46B0-8FFE-56D75F6F7696}_is1) (Version: - CDIP) Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{f3e3c5dd-edd0-406b-8aa2-ce5acb93660e}) (Version: 10.0.14 - Intel(R) Corporation) Hidden Malwarebytes version 4.6.3.282 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.3.282 - Malwarebytes) MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.) Menu Templates - Starter Kit (HKLM-x32\...\{B78120A0-CF84-4366-A393-4D0A59BC546C}) (Version: 9.6.0.0 - Nero AG) Hidden Microsoft .NET Framework 4.8 (FRA) (HKLM\...\{EED6E294-BB0E-32E8-B448-92F2B59EB418}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.26 (x64) (HKLM\...\{87EBA554-A002-4EF4-A612-4FFD06092B5B}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.26 (x64) (HKLM\...\{D81A418F-966D-4069-B3E8-5EE4843CA862}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.26 (x64) (HKLM\...\{1A02C1B1-05BB-49F7-9DFF-99A66C6877FC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 6.0.26 - Shared Framework (x64) (HKLM-x32\...\{fc672bf5-721d-4dd3-98e9-c9ffcf762507}) (Version: 6.0.26.23605 - Microsoft Corporation) Microsoft ASP.NET Core 6.0.26 Shared Framework (x64) (HKLM\...\{ED755FBF-3CAE-3206-A32D-16E67F7CC9A3}) (Version: 6.0.26.23605 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.83 - Microsoft Corporation) Microsoft Office Access MUI (French) 2010 (HKLM-x32\...\{90140000-0015-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (French) 2010 (HKLM-x32\...\{90140000-0016-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (French) 2010 (HKLM-x32\...\{90140000-00BA-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (French) 2010 (HKLM-x32\...\{90140000-0044-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (French) 2010 (HKLM-x32\...\{90140000-00A1-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (French) 2010 (HKLM-x32\...\{90140000-001A-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (French) 2010 (HKLM-x32\...\{90140000-0018-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professionnel Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (Arabic) 2010 (HKLM-x32\...\{90140000-001F-0401-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Dutch) 2010 (HKLM-x32\...\{90140000-001F-0413-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (French) 2010 (HKLM-x32\...\{90140000-002C-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (French) 2010 (HKLM-x32\...\{90140000-0019-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (French) 2010 (HKLM\...\{90140000-002A-040C-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (French) 2010 (HKLM-x32\...\{90140000-006E-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (French) 2010 (HKLM-x32\...\{90140000-001B-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30133 (HKLM-x32\...\{42667D2E-B054-46C1-9D46-2EE1332C14C1}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30133 (HKLM-x32\...\{EC9807DE-B577-47B1-A024-0251805ACF24}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM\...\{1F0EB53C-BE30-436A-BC54-FA364227A870}) (Version: 48.104.6996 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM-x32\...\{b2476903-b8da-4dcc-903f-378730bb4c48}) (Version: 6.0.26.33205 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Templates - Starter Kit (HKLM-x32\...\{E498385E-1C51-459A-B45F-1721E37AA1A0}) (Version: 9.6.0.0 - Nero AG) Hidden Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 122.0 (x64 fr)) (Version: 122.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0 - Mozilla) MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) myCloud Desktop 23.47.4 (HKLM\...\6427-8897-8914-3516) (Version: 23.47.4 - Swisscom (Schweiz) AG) MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels) Naviextras Toolbox (HKLM-x32\...\Naviextras Toolbox) (Version: 3.18.5.775151 - NNG Llc.) Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.) Nero 9 Essentials (HKLM-x32\...\{38f1a299-e562-4f92-a68f-610f85f3ae29}) (Version: - Nero AG) Nero BurnRights (HKLM-x32\...\{7829DB6F-A066-4E40-8912-CB07887C20BB}) (Version: 3.4.13.100 - Nero AG) Hidden Nero BurnRights Help (HKLM-x32\...\{F6BDD7C5-89ED-4569-9318-469AA9732572}) (Version: 3.4.4.100 - Nero AG) Hidden Nero ControlCenter (HKLM-x32\...\{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}) (Version: 9.0.0.1 - Nero AG) Hidden Nero ControlCenter (HKLM-x32\...\{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}) (Version: 9.0.0.1 - Nero AG) Hidden Nero DiscSpeed (HKLM-x32\...\{869200DB-287A-4DC0-B02B-2B6787FBCD4C}) (Version: 5.4.13.100 - Nero AG) Hidden Nero DriveSpeed (HKLM-x32\...\{33CF58F5-48D8-4575-83D6-96F574E4D83A}) (Version: 4.4.12.100 - Nero AG) Hidden Nero Express Help (HKLM-x32\...\{83202942-84B3-4C50-8622-B8C0AA2D2885}) (Version: 9.4.39.100 - Nero AG) Hidden Nero InfoTool (HKLM-x32\...\{FBCDFD61-7DCF-4E71-9226-873BA0053139}) (Version: 6.4.12.100 - Nero AG) Hidden Nero Installer (HKLM-x32\...\{E8A80433-302B-4FF1-815D-FCC8EAC482FF}) (Version: 4.4.9.0 - Nero AG) Hidden Nero Online Upgrade (HKLM-x32\...\{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}) (Version: 1.3.0.0 - Nero AG) Hidden Nero ShowTime (HKLM-x32\...\{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}) (Version: 5.4.27.100 - Nero AG) Hidden Nero StartSmart (HKLM-x32\...\{7748AC8C-18E3-43BB-959B-088FAEA16FB2}) (Version: 9.4.40.100 - Nero AG) Hidden Nero StartSmart Help (HKLM-x32\...\{2348B586-C9AE-46CE-936C-A68E9426E214}) (Version: 9.4.40.100 - Nero AG) Hidden Nero Vision (HKLM-x32\...\{43E39830-1826-415D-8BAE-86845787B54B}) (Version: 6.4.19.100 - Nero AG) Hidden Nero Vision Help (HKLM-x32\...\{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}) (Version: 6.4.15.100 - Nero AG) Hidden NeroExpress (HKLM-x32\...\{595A3116-40BB-4E0F-A2E8-D7951DA56270}) (Version: 1.0.0.0 - Nero AG) Hidden neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Pilote graphique 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation) Opera Stable 105.0.4970.48 (HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Opera 105.0.4970.48) (Version: 105.0.4970.48 - Opera Software) Opera Stable 105.0.4970.48 (HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Opera 105.0.4970.48) (Version: 105.0.4970.48 - Opera Software) Opera Stable 106.0.4998.52 (HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Opera 106.0.4998.52) (Version: 106.0.4998.52 - Opera Software) Opera Stable 66.0.3515.103 (HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Opera 66.0.3515.103) (Version: 66.0.3515.103 - Opera Software) Package de pilotes Windows - STMicroelectronics (usbser) Ports (04/25/2010 1.3.1) (HKLM\...\3EC7C72AA67B4ECE1197C3CAF0460DE1FCEFBFF5) (Version: 04/25/2010 1.3.1 - STMicroelectronics) Password Safe (HKLM-x32\...\Password Safe) (Version: - ) Password Safe 3.54.1 for Windows (32-bit) (HKLM-x32\...\{C2A02857-D138-446B-B181-442DEE20C8E6}) (Version: 3.54.1 - Rony Shapiro) PayMaker (HKLM-x32\...\{CD0F1ADC-1715-4497-96CC-29008F5FF41C}) (Version: 5.1.16.0 - CREALOGIX) PDF-XChange 2012 (HKLM\...\{504022CD-6A58-42D5-ACC9-966F695AAD93}_is1) (Version: 5.5.316.1 - Tracker Software Products Ltd) Photo Common (HKLM-x32\...\{3751BF9B-5F23-4976-AA62-1BF4D791DCFE}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.2.9 - Proton AG) PSE10 STI Installer (HKLM-x32\...\{11D08055-939C-432b-98C3-E072478A0CD7}) (Version: 10.0 - Adobe Systems Incorporated) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8454 - Realtek Semiconductor Corp.) RegSeeker (HKLM-x32\...\RegSeeker) (Version: 3.01.3680 - HoverDesk) Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.) RFG 2015 (HKLM-x32\...\RFG 2015) (Version: - ) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{00767F40-7075-4A18-90F4-137834D8F0FC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{00767F40-7075-4A18-90F4-137834D8F0FC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{00767F40-7075-4A18-90F4-137834D8F0FC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{00767F40-7075-4A18-90F4-137834D8F0FC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{00767F40-7075-4A18-90F4-137834D8F0FC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{00767F40-7075-4A18-90F4-137834D8F0FC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0401-0000-0000000FF1CE}_Office14.PROPLUSR_{00694B53-36C7-472D-9CB1-37BAE02F0E78}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{2C2D6CA0-1F04-4551-A82A-E0800CD616FA}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{40D99E15-CD30-43EA-9A72-1A6DB7BD0A6B}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{F8BE2445-4A05-4F85-B958-A7C4E942E9DF}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{00767F40-7075-4A18-90F4-137834D8F0FC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{D8590FBE-194F-4AD2-8FA3-EEA8EAA4EBD5}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{00767F40-7075-4A18-90F4-137834D8F0FC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{00767F40-7075-4A18-90F4-137834D8F0FC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.) SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TagScanner 6.1.15 (32bit) (HKLM-x32\...\TagScanner 6.1.15 (32bit)_is1) (Version: 6.1.15 - Sergey Serkov) TeamViewer (HKLM\...\TeamViewer) (Version: 15.31.5 - TeamViewer) Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VideoDownloaderUltimate (HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\VideoDownloaderUltimateWinApp) (Version: 1.0.1.217 - Link64) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN) WinDirStat 1.1.2 (HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\WinDirStat) (Version: - ) Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (HKLM\...\{CE52672C-A0E9-4450-8875-88A221D5CD50}) (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (HKLM-x32\...\{33B992ED-B59B-4E25-9F3F-CF2D79BBA914}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Wise Disk Cleaner (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 11.0.7 - Lespeed Technology Co., Ltd.) XnConvert 1.85.1 (HKLM-x32\...\XnConvert_is1) (Version: 1.85.1 - Gougelet Pierre-e) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-09] () Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2023-12-31] (Adobe Systems Incorporated) Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-12-31] (Microsoft Corporation) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa [2024-01-09] (Apple Inc.) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-12-31] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-12-31] (Microsoft Corporation) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-12-31] (NVIDIA Corp.) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-1243922167-2392459145-2998924318-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-1243922167-2392459145-2998924318-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-9683603F9902} -> [Creative Cloud Files] => C:\Users\Admin R\Creative Cloud Files CustomCLSID: HKU\S-1-5-21-1243922167-2392459145-2998924318-1001_Classes\CLSID\{19841221-BBBB-45FE-BB16-F55BADC6D9E3} -> [myCloud] => D:\Images\myCloud [2023-04-10 12:01] CustomCLSID: HKU\S-1-5-21-1243922167-2392459145-2998924318-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Admin R\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\MicrosoftListSync.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1243922167-2392459145-2998924318-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> C:\Program Files\Proton\VPN\v3.2.9\ProtonVPN.exe (Proton AG -> ) CustomCLSID: HKU\S-1-5-21-1243922167-2392459145-2998924318-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Admin R\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\MicrosoftListSync.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1243922167-2392459145-2998924318-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) SSODL: EldosMountNotificator-cbfs6 - {7E62EC25-25C6-4BE5-B5DB-326F1C2A6543} - C:\Windows\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.) SSODL-x32: EldosMountNotificator-cbfs6 - {7E62EC25-25C6-4BE5-B5DB-326F1C2A6543} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.) ShellServiceObjects: Virtual Storage Mount Notification -> {2B32AB32-B282-4532-8E8F-C7626CB8FE95} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.) ShellServiceObjects: Virtual Storage Mount Notification -> {7E62EC25-25C6-4BE5-B5DB-326F1C2A6543} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.) ShellServiceObjects-x32: Virtual Storage Mount Notification -> {2B32AB32-B282-4532-8E8F-C7626CB8FE95} => C:\Windows\SysWOW64\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.) ShellServiceObjects-x32: Virtual Storage Mount Notification -> {7E62EC25-25C6-4BE5-B5DB-326F1C2A6543} => C:\Windows\SysWOW64\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ DesktopClient1SyncedOverlayIcon] -> {19841221-BBBB-4A04-8E8C-0D8698CE0001} => C:\Users\Admin R\AppData\Local\myCloud Desktop\windows\DesktopClientOverlayIconHandler.net4.x64.DLL [2023-11-22] (Swisscom (Schweiz) AG) [Fichier non signé] [Fichier en cours d'utilisation] ShellIconOverlayIdentifiers: [ DesktopClient2SyncingOverlayIcon] -> {19841221-BBBB-4A04-8E8C-0D8698CE0002} => C:\Users\Admin R\AppData\Local\myCloud Desktop\windows\DesktopClientOverlayIconHandler.net4.x64.DLL [2023-11-22] (Swisscom (Schweiz) AG) [Fichier non signé] [Fichier en cours d'utilisation] ShellIconOverlayIdentifiers: [ DesktopClient3IgnoredOverlayIcon] -> {19841221-BBBB-4A04-8E8C-0D8698CE0003} => C:\Users\Admin R\AppData\Local\myCloud Desktop\windows\DesktopClientOverlayIconHandler.net4.x64.DLL [2023-11-22] (Swisscom (Schweiz) AG) [Fichier non signé] [Fichier en cours d'utilisation] ShellIconOverlayIdentifiers: [ MyCloud1SyncedOverlayIcon] -> {19841221-F0EE-4A04-8E8C-0D8698CD0001} => C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ MyCloud2SyncingOverlayIcon] -> {19841221-F0EE-4A04-8E8C-0D8698CD0002} => C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ MyCloud3IgnoredOverlayIcon] -> {19841221-F0EE-4A04-8E8C-0D8698CD0003} => C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {93E95FB5-9EFC-43B9-8A5E-C8608BEF7E98} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.) ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {93E95FB5-9EFC-43B9-8A5E-C8608BEF7E98} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.) ContextMenuHandlers1: [AccExt] -> {TrendCleaner}{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> Pas de fichier ContextMenuHandlers1: [FormatFactoryShell] -> [CC]{A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> Pas de fichier ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-10] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> ) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\nvshext.dll [2023-06-21] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {TrendCleaner}{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> Pas de fichier ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-10] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers1_S-1-5-21-1243922167-2392459145-2998924318-1001: [ FileSyncEx] -> {TrendCleaner}{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Pas de fichier ContextMenuHandlers4_S-1-5-21-1243922167-2392459145-2998924318-1001: [ FileSyncEx] -> {TrendCleaner}{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Pas de fichier ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Modules chargés (Avec liste blanche) ============= 2023-07-14 10:26 - 1996-12-03 14:50 - 002159616 ____N () [Fichier non signé] C:\Program Files\corel\plugins\kpt21hub.dll 2020-02-07 16:08 - 2017-09-13 13:58 - 000073728 _____ () [Fichier non signé] C:\Program Files\D-Link\DWA-171 revC\ALPBCC\ANPDApi.dll 2014-09-16 08:46 - 2024-01-28 19:42 - 000033576 _____ (ASUSTeK Computer Inc. -> ) [Fichier non signé] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2023-07-14 10:28 - 1996-12-04 12:53 - 000119808 ____N (Corel Corporation) [Fichier non signé] C:\Program Files\corel\filters\ietif70.flt 2023-07-14 10:26 - 1997-01-15 12:49 - 002050560 ____N (Corel Corporation) [Fichier non signé] C:\Program Files\corel\plugins\pipnt70.dll 2023-07-14 10:27 - 1997-01-16 15:33 - 002255872 ____N (Corel Corporation) [Fichier non signé] C:\Program Files\corel\programs\pntintl.dll 2024-01-28 19:43 - 2024-01-28 19:43 - 000254464 ____N (Java(TM) Native Access (JNA)) [Fichier non signé] C:\TEMP\jna-525010849\jna5049437365071938713.dll 2018-02-12 11:57 - 2011-04-12 11:46 - 000271360 ____R (Microsoft Corporation) [Fichier non signé] C:\Windows\System32\oobe\wdscore.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpage.com/ HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://duckduckgo.com/?natb=v195-2g_&cp=atbhc BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) Toolbar: HKU\S-1-5-21-1243922167-2392459145-2998924318-1001 -> Pas de nom - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Pas de fichier DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\localhost -> localhost IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\1001movie.com -> 1001movie.com Il y a 6088 plus de sites. IE trusted site: HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\localhost -> localhost ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2009-07-14 03:34 - 2021-01-02 18:31 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Calibre2\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\dotnet\ HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\Control Panel\Desktop\\Wallpaper -> D:\Images\Fonds d'écran\panure_a_moustaches-1535035608.jpg HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 194.230.55.105 - 212.98.37.137 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier) Le Pare-feu est activé. Network Binding: ============= Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Ethernet 2: ANOD Network Security Filter driver -> MS_ANODNdisLwf (enabled) ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) MSCONFIG\Services: WsAppService => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MoneyPen.lnk => MSCONFIG\startupfolder: C:^Users^Admin R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Alertes de surveillance de l'encre - .lnk => C:\Windows\pss\Alertes de surveillance de l'encre - .lnk.Startup MSCONFIG\startupfolder: C:^Users^Admin R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Alertes de surveillance de l'encre - HP Officejet Pro 8600 (réseau).lnk => C:\Windows\pss\Alertes de surveillance de l'encre - HP Officejet Pro 8600 (réseau).lnk.Startup MSCONFIG\startupfolder: C:^Users^Admin R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CLX.ScanMouse.lnk => C:\Windows\pss\CLX.ScanMouse.lnk.Startup MSCONFIG\startupfolder: C:^Users^Admin R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^myCloud Desktop.lnk => C:\Windows\pss\myCloud Desktop.lnk.Startup MSCONFIG\startupfolder: C:^Users^Admin R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^myCloudDesktop.lnk => MSCONFIG\startupfolder: C:^Users^Admin R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Password Safe.lnk => C:\Windows\pss\Password Safe.lnk.Startup MSCONFIG\startupfolder: C:^Users^Ralph Ballmer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Alertes de surveillance de l'encre - HP Officejet Pro 8600 (réseau).lnk => C:\Windows\pss\Alertes de surveillance de l'encre - HP Officejet Pro 8600 (réseau).lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Creative Cloud => MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe MSCONFIG\startupreg: amreboot => MSCONFIG\startupreg: ArcSoft Connection Service => MSCONFIG\startupreg: CAHeadless => MSCONFIG\startupreg: Cobian Backup 11 => "C:\Program Files (x86)\Cobian Backup 11\Cobian.exe" MSCONFIG\startupreg: DivXMediaServer => MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: FAHConsole => C:\Program Files\File Association Helper\FAHConsole.exe MSCONFIG\startupreg: IAStorIcon => MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60 MSCONFIG\startupreg: Malwarebytes Anti-Exploit => MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "Look 'n' Stop" HKLM\...\StartupApproved\Run: => "AdobePSE18AutoAnalyzer" HKLM\...\StartupApproved\Run: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "My Swisscom Assistant" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2" HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\StartupApproved\Run: => "CCXProcess" HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_492BCF494D8261940120A2D572EE8C60" HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\StartupApproved\StartupFolder: => "CLX.ScanMouse.lnk" HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\StartupApproved\Run: => "CCXProcess" HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A9554AEBE4ED1935363DEC92424C58A6" HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\StartupApproved\Run: => "Cleaner One Pro" HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\StartupApproved\Run: => "DRScanner" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{3EAD6EBB-6187-4151-BC89-675E90820F82}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{FE2D752B-F06B-44DF-AEEC-35CD3FED8D6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4C853B1D-D75A-4936-852D-6472FB050108}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2E3B26EC-5C99-49D3-B451-F2D2B96A24AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E946D931-FECE-433B-8804-716284B5FCB9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{29A0EEE4-74E0-47FF-8983-E5D391097229}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6290334C-1F4A-4D1B-9ECE-B8D389F3F17C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0DD9A888-33AB-4038-A745-4E5E01237AEC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{149D6B9F-339F-4231-A38C-33712E27C80B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{856062CA-C495-43E1-88B1-9C97B73DED47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{242E6C41-5DCE-48D2-BD57-8413A12ABC9A}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe (Ventis Media, Inc. -> Ventis Media Inc.) [Fichier non signé] FirewallRules: [UDP Query User{7CAA9255-3998-4D52-8723-633F7404B0EB}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe (Ventis Media, Inc. -> Ventis Media Inc.) [Fichier non signé] FirewallRules: [TCP Query User{9813800E-45FA-44D8-A83F-EC5B83006006}C:\users\ralph ballmer\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\ralph ballmer\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{B22AFEF3-F8A2-4245-AE04-FFCD0948C381}C:\users\ralph ballmer\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\ralph ballmer\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{3CBE98B7-1911-421B-B224-55AAB8327B85}] => (Block) C:\users\ralph ballmer\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{783DFB57-A822-4F40-AC4E-95A045F7A2F7}] => (Block) C:\users\ralph ballmer\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{7103DC15-533E-432B-A49E-4E49DC50B102}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{AEE840B7-1CBF-4ED5-9A66-4B27ACD157B9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{70D01D8D-B9AE-4861-916F-E4405C2EA5EA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{7DBC9B1D-FAF0-4EEF-ACCE-2038958AA84D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{4F5A1A83-CB5F-444C-816B-C4F2C12B25D4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{F1AB2D80-3546-47CB-9C3D-B48FDAFB301D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{DC28ADAA-9589-4075-AAC3-65C78BE09429}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{D2C68AB2-8FA0-4238-B5D9-F31720868415}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) ==================== Points de restauration ========================= 21-01-2024 13:52:15 Image Resizer for Windows 21-01-2024 13:54:05 Revo Uninstaller's restore point - Image Resizer for Windows 24-01-2024 13:11:40 Programme d’installation pour les modules Windows ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (01/28/2024 07:44:44 PM) (Source: IntelDalJhi) (EventID: 7) (User: ) Description: Intel(R) Dynamic Application Loader Host Interface Service has failed to write to registry. Error: (01/28/2024 07:42:46 PM) (Source: ESENT) (EventID: 455) (User: ) Description: wuaueng.dll (7908,R,98) SUS20ClientDataStore: L’erreur -1811 (0xfffff8ed) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb0001C.log. Error: (01/28/2024 07:42:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.. Error: (01/28/2024 07:42:06 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.] Error: (01/28/2024 07:42:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.. Error: (01/28/2024 07:42:06 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.] Error: (01/28/2024 07:00:00 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Échec de la sauvegarde. Raison : une erreur d'écriture s'est produite à l'emplacement de sauvegarde (E:\). Erreur : Emplacement de sauvegarde introuvable ou non valide. Vérifiez-le en passant en revue vos paramètres de sauvegarde. (0x81000006). Error: (01/28/2024 02:32:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante ProtonVPN.exe, version : 0.0.0.0, horodatage : 0x657ffb1d Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.3930, horodatage : 0x9141f979 Code d’exception : 0xe0434352 Décalage d’erreur : 0x000000000002cf19 ID du processus défaillant : 0x2b40 Heure de début de l’application défaillante : 0x01da51d62915e4cf Chemin d’accès de l’application défaillante : C:\Program Files\Proton\VPN\v3.2.9\ProtonVPN.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 50f14f21-98f7-4bfc-8c87-28bf317f3274 Nom complet du package défaillant : ID de l’application relative au package défaillant : Erreurs système: ============= Error: (01/28/2024 08:25:10 PM) (Source: DCOM) (EventID: 10010) (User: RALPHPC) Description: Le serveur {4991D34B-80A1-4291-83B6-3328366B9097} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (01/28/2024 08:23:14 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Le service Service de transfert intelligent en arrière-plan s’est arrêté avec l’erreur spécifique au service suivante : %%2388525606 Error: (01/28/2024 08:23:14 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: AUTORITE NT) Description: Échec du démarrage du service BITS. Erreur 2388525606. Error: (01/28/2024 08:23:10 PM) (Source: DCOM) (EventID: 10010) (User: RALPHPC) Description: Le serveur {F087771F-D74F-4C1A-BB8A-E16ACA9124EA} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (01/28/2024 08:21:14 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Le service Service de transfert intelligent en arrière-plan s’est arrêté avec l’erreur spécifique au service suivante : %%2388525606 Error: (01/28/2024 08:21:14 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: AUTORITE NT) Description: Échec du démarrage du service BITS. Erreur 2388525606. Error: (01/28/2024 08:21:10 PM) (Source: DCOM) (EventID: 10010) (User: RALPHPC) Description: Le serveur {6D18AD12-BDE3-4393-B311-099C346E6DF9} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (01/28/2024 08:19:14 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Le service Service de transfert intelligent en arrière-plan s’est arrêté avec l’erreur spécifique au service suivante : %%2388525606 Windows Defender: ================ Date: 2024-01-28 12:12:26 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {4D3B7453-F037-4B16-854D-3F082AF3738D} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2024-01-27 17:06:59 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {3FD13943-4CDE-4A93-87DB-CE550E492762} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2024-01-27 16:40:30 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {C1236DFF-D8A2-4A51-851C-4DD78B1C4744} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2024-01-27 16:31:36 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {4BA6E47C-6EF5-437D-839C-7B29CD07C2F0} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2024-01-27 15:39:02 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {2FE88F4C-DAB8-44AB-9E95-28C37687C1D2} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\SERVICE RÉSEAU Event[0]: Date: 2024-01-25 20:03:47 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité. Nouvelle version de la veille de sécurité : Version précédente de la veille de sécurité : 1.403.2668.0 Source de mise à jour : Serveur Microsoft Update Type de veille de sécurité : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.23110.2 Code d’erreur : 0x8024402c Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support. Date: 2024-01-25 12:11:22 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité. Nouvelle version de la veille de sécurité : Version précédente de la veille de sécurité : 1.403.2668.0 Source de mise à jour : Serveur Microsoft Update Type de veille de sécurité : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.23110.2 Code d’erreur : 0x80240438 Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support. Date: 2024-01-23 13:24:10 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité. Nouvelle version de la veille de sécurité : Version précédente de la veille de sécurité : 1.403.2460.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de veille de sécurité : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.23110.2 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2024-01-23 13:24:10 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité. Nouvelle version de la veille de sécurité : Version précédente de la veille de sécurité : 1.403.2460.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de veille de sécurité : Logiciel anti-espion Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.23110.2 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2024-01-23 13:24:10 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité. Nouvelle version de la veille de sécurité : Version précédente de la veille de sécurité : 1.403.2460.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de veille de sécurité : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.23110.2 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu CodeIntegrity: =============== Date: 2024-01-28 12:01:05 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2024-01-25 13:08:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2024-01-25 13:08:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2024-01-25 13:08:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2024-01-25 13:08:56 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2024-01-25 12:42:39 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. 2906 02/24/2016 Carte mère: ASUSTeK COMPUTER INC. H97-PRO Processeur: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz Pourcentage de mémoire utilisée: 49% Mémoire physique - RAM - totale: 8101.79 MB Mémoire physique - RAM - disponible: 4114.38 MB Mémoire virtuelle totale: 11680.79 MB Mémoire virtuelle disponible: 5803.13 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:232.66 GB) (Free:133.04 GB) (Model: Crucial_ CT128MX100SSD1 SCSI Disk Device) NTFS Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:507.16 GB) (Model: WDC WD10EZEX-08M2NA0 SCSI Disk Device) NTFS \\?\Volume{ff08662a-a48a-4c6c-89cf-48f11c2ea02e}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0B3E60E9) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt =======================