Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Exécuté par Quadman (11-05-2024 21:57:57)
Exécuté depuis C:\Users\Quadman\Desktop
Microsoft Windows 10 Professionnel Version 22H2 19045.4355 (X64) (2022-12-17 22:35:21)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-2566435625-1799573850-1386347091-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2566435625-1799573850-1386347091-503 - Limited - Disabled)
Invité (S-1-5-21-2566435625-1799573850-1386347091-501 - Limited - Disabled)
Quadman (S-1-5-21-2566435625-1799573850-1386347091-1001 - Administrator - Enabled) => C:\Users\Quadman
WDAGUtilityAccount (S-1-5-21-2566435625-1799573850-1386347091-504 - Limited - Disabled)

==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{6452120E-72FC-49D7-AB36-7042CC9746FB}) (Version: 31.0.0 - 8GadgetPack.net)
ACDSee Gestionnaire de photos 12 (HKLM-x32\...\{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}) (Version: 12.0.342 - ACD Systems International Inc.)
AeroFly RC 8 (HKLM-x32\...\AeroFly RC 8) (Version: - SKIDROW) Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.12.0 - Ant Software) AOMEI Backupper 7.3.3 Préactivé (HKLM\...\{7885F818-816D-4727-94E4-D689BE73997A}) (Version: 7.3.3 - FranceGallForever :)) AOMEI Partition Assistant 9.13.1 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: 9.13.1 - AOMEI International Network Limited.) Arduino (HKLM-x32\...\Arduino) (Version: 1.8.12 - Arduino LLC) Belgium e-ID middleware 5.0.17 (build 5498) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A75498}) (Version: 5.0.5498 - Belgian Government) Brother BRAdmin Light 1.37.0000 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.37.0000 - Brother) Brother MFL-Pro Suite DCP-J4120DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.) Brother P-touch Address Book 1.4 (HKLM-x32\...\{183610C9-C423-4EF3-8B05-5B194851F9BA}) (Version: 1.4.0010 - Brother Industries, Ltd.) Brother P-touch Editor 5.4 (HKLM-x32\...\{3D6B8787-51B7-45F3-B730-79875DA88764}) (Version: 5.4.0140 - Brother Industries, Ltd.) Brother P-touch Update Software (HKLM-x32\...\{ACF49700-E155-4715-9D4D-C05D835D8CE9}) (Version: 1.0.0230 - Brother Industries, Ltd.) C-Media PCI Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008770}) (Version: 1.00.0003 - C-Media Electronics, Inc.) Cupdb 1.0 (HKLM-x32\...\{461C0377-D2EC-4FB0-B038-847BC6455432}_is1) (Version: 1.0 - CupDB) Dashboard (HKLM-x32\...\Western Digital SSD Dashboard) (Version: 3.7.2.5 - Western Digital Corporation) Désinstallation de l'imprimante EPSON Universal Print Driver (HKLM\...\EPSON Universal Print Driver) (Version: - SEIKO EPSON Corporation) DesktopOK (HKLM\...\DesktopOK) (Version: - hxxp://www.softwareok.com/) DIGIPASS Native Bridge 2.8.4 (HKLM\...\{FDAF6A70-EE14-486E-B110-34C478F068A5}) (Version: 2.8.4 - OneSpan Inc.) 
Hidden DIGIPASS Native Bridge 2.8.4 (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\{142a407b-6867-42a5-ab80-6b2dd15a3f0b}) (Version: 2.8.4 - OneSpan Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 198.4.7615 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.863.1 - Dropbox, Inc.) Hidden DVDFab 12 (x64) (13/06/2023) (HKLM-x32\...\DVDFab 12 (x64)) (Version: 12.1.0.8 - DVDFab Software Inc.) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) EaseUS Partition Master (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) EasyBCD 2.4 (HKLM-x32\...\EasyBCD) (Version: 2.4 - NeoSmart Technologies) ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden Epson Data Collection Agent (HKLM\...\{A144D202-5F5C-4AE0-8BFE-F374C31BA279}) (Version: 7.0 - Seiko Epson Corporation) EPSON ET-2820 Series Printer Uninstall (HKLM\...\EPSON ET-2820 Series) (Version: - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation) Epson Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 2.0.4.0 - Seiko Epson Corporation) Epson Photo+ (HKLM-x32\...\{82E09177-CD4D-412F-97B6-3C4763D6B0FA}) (Version: 3.7.2.0 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{DE32F90E-1A29-4D74-BCF1-E7DDB25D713A}) (Version: 3.4.0.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) Epson ScanSmart (HKLM-x32\...\{24D63D1B-83A2-4976-8D0D-8622D96B6B86}) (Version: 3.7.1 - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation) foobar2000 v2.2 preview 2024-04-10 (x64) 
(HKLM\...\foobar2000 (x64)) (Version: 2.2 preview 2024-04-10 - Peter Pawlowski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.158 - Google LLC) Google Earth Pro (HKLM\...\{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.165 - Google Inc.) Hidden Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden HostsMan 4.8.106 (HKLM-x32\...\{1A3DD1A9-7B7B-4ECA-AD2F-98466F49F62C}_is1) (Version: 4.8.106.0 - abelhadigital.com) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) IP Camera Viewer 4 (HKLM-x32\...\IP Camera Viewer_is1) (Version: - DeskShare Inc.) iReboot 2.0 (HKLM-x32\...\iReboot) (Version: 2.0 - NeoSmart Technologies) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH) KC Softwares VideoInspector (HKLM-x32\...\KC Softwares VideoInspector_is1) (Version: 2.15.10.154 - KC Softwares) LastPass (HKLM-x32\...\{9787E9DA-0489-42B8-9A71-5712B1AF8A40}) (Version: 4.111.0.49 - GoTo Group, Inc.) Logiciel d'archivage WinRAR (HKLM\...\WinRAR archiver) (Version: - ) MatterControl version 2.22.04.11498 (HKLM-x32\...\{EE5A0E0E-8608-4272-94D6-C2CDCD9307F2}_is1) (Version: 2.22.04.11498 - MatterHackers, Inc.) 
MEDION IPCAM Finder v1.0.23 (HKLM-x32\...\MEDION IPCAM Finder Utility_is1) (Version: - MEDION AG) Microsoft .NET Host - 6.0.29 (x64) (HKLM\...\{E7C485FB-3329-43E3-965B-3DE4B863E1D9}) (Version: 48.116.12053 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.29 (x64) (HKLM\...\{724B2734-4B1A-46E2-9333-6D3B83351D02}) (Version: 48.116.12053 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.29 (x64) (HKLM\...\{014E0350-0B29-483B-9252-8780DEBA0856}) (Version: 48.116.12053 - Microsoft Corporation) Hidden Microsoft Access database engine 2016 (English) (HKLM-x32\...\{90160000-00D1-0409-0000-0000000FF1CE}) (Version: 16.0.5044.1000 - Microsoft Corporation) Microsoft Access MUI (French) 2016 (HKLM\...\{90160000-0015-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 6.0.29 - Shared Framework (x64) (HKLM-x32\...\{00a1d429-6377-433e-aa29-7ca5cdd1432a}) (Version: 6.0.29.24171 - Microsoft Corporation) Microsoft ASP.NET Core 6.0.29 Shared Framework (x64) (HKLM\...\{78049619-B2AE-3EBE-AB8E-088602FFCD0B}) (Version: 6.0.29.24171 - Microsoft Corporation) Hidden Microsoft DCF MUI (French) 2016 (HKLM\...\{90160000-0090-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Excel MUI (French) 2016 (HKLM\...\{90160000-0016-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Groove MUI (French) 2016 (HKLM\...\{90160000-00BA-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (French) 2016 (HKLM\...\{90160000-0044-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft 
Corporation) Hidden Microsoft Office OSM MUI (French) 2016 (HKLM\...\{90160000-00E1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (French) 2016 (HKLM\...\{90160000-00E2-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Professionnel Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Office Proofing (French) 2016 (HKLM\...\{90160000-002C-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2016 - اللغة العربية (HKLM\...\{90160000-001F-0401-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (French) 2016 (HKLM\...\{90160000-00C1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (French) 2016 (HKLM\...\{90160000-006E-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.070.0407.0003 - Microsoft Corporation) Microsoft OneNote MUI (French) 2016 (HKLM\...\{90160000-00A1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Outlook MUI (French) 2016 (HKLM\...\{90160000-001A-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (French) 2016 (HKLM\...\{90160000-0018-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Publisher MUI (French) 2016 (HKLM\...\{90160000-0019-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - 
Microsoft Corporation) Hidden Microsoft Skype for Business MUI (French) 2016 (HKLM\...\{90160000-012B-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29325 (HKLM-x32\...\{B40FC85D-2B12-46E0-B950-E5B27E348793}) (Version: 14.28.29325 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29325 (HKLM-x32\...\{EE2E15BB-54C8-4DB0-B1F3-026E3C166991}) (Version: 14.28.29325 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 
(HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{C931A1C6-A7BF-3737-874A-818881A37E1B}) (Version: 10.0.60915 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60910 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.29 (x64) (HKLM\...\{A0DA3EDD-9C41-491F-A77E-5F90AFDB64B2}) (Version: 48.116.12057 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.29 (x64) (HKLM-x32\...\{54679abd-8ed9-4bd3-8400-7684dd7c6f03}) (Version: 6.0.29.33521 - Microsoft Corporation) Microsoft Word MUI (French) 2016 (HKLM\...\{90160000-001B-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden MiniTool MovieMaker (HKLM-x32\...\{MT-39B9213B-B182-41FB-B149-CD1016372F9C}_is1) (Version: 2.4 - MiniTool) MiniTool Partition Wizard 12.8 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.8 - MiniTool Software Limited) MiniTool Power Data Recovery 11.0 (HKLM\...\{E1BCD081-4BF4-4E2F-832A-911EC42EF3C5}_is1) (Version: 11.0 - MiniTool Software Limited) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.60910 - Microsoft Corporation) Movavi Video Suite 22 (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\Movavi Video Suite 22) (Version: 22.4.1 - Movavi) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.3.6 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - Seiko Epson Corporation) Navigation Updater (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\{c4e63098-d684-46f2-a106-42c8e3055705}) (Version: 2.2.2.0 - HYUNDAI MOTOR GROUP) Nitro PDF Pro 14.15.0.5 
Préactivé (HKLM\...\{30ED4672-B2A8-4063-8B3F-6EE09C800D3E}) (Version: 14.15.0.5 - FranceGallForever :)) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Pilote graphique 528.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.02 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Package de pilotes Windows - Intel (MEIx64) System (03/28/2016 11.0.5.1189) (HKLM\...\63CEF5543DBF9887E6220C5C2F7F85C2D4C726D5) (Version: 03/28/2016 11.0.5.1189 - Intel) Package de pilotes Windows - Marvell Inc. (mvs91xx) SCSIAdapter (01/26/2016 1.2.0.1049) (HKLM\...\BA4CB814B421309A8C3F53649E8BEBFEC698497D) (Version: 01/26/2016 1.2.0.1049 - Marvell Inc.) Package de pilotes Windows - Marvell Inc. System (01/26/2016 1.2.0.1049) (HKLM\...\CA58952F353C9D4E42F1E34BB027E7F007E887F6) (Version: 01/26/2016 1.2.0.1049 - Marvell Inc.) Package de pilotes Windows - Marvell Semiconductor Inc. (mv91cons) System (01/26/2016 1.2.0.1049) (HKLM\...\7B03E2167D03B48E94828FE423096AC7E3C4C9EB) (Version: 01/26/2016 1.2.0.1049 - Marvell Semiconductor Inc.) Package de pilotes Windows - Timeleak Electronics, Ltd. (TrdHCap64) MEDIA (12/26/2012 1.0.6.4) (HKLM\...\C9730E0385F103452C0002ED744C3E1856443BAC) (Version: 12/26/2012 1.0.6.4 - Timeleak Electronics, Ltd.) 
paint.net (HKLM\...\{A89BF790-0679-403A-9CC7-4015DBF4FEBA}) (Version: 5.0.13 - dotPDN LLC) PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.0.1.0 - Prolific) Pochette Express 2 (HKLM-x32\...\Pochette Express 2) (Version: - ) Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.2.11 - Proton AG) Python 3.8.10 (64-bit) (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\{e9cd241b-9125-4624-9625-ff42d2f3647f}) (Version: 3.8.10150.0 - Python Software Foundation) Python 3.8.10 Core Interpreter (64-bit) (HKLM\...\{D971F398-7F11-4956-AB73-1FB70E59A11F}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden Python 3.8.10 Development Libraries (64-bit) (HKLM\...\{75320A88-439F-497A-B856-FF397ED71203}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden Python 3.8.10 Documentation (64-bit) (HKLM\...\{47769D6A-1947-4B6F-9B2F-E881F204CA5A}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden Python 3.8.10 Executables (64-bit) (HKLM\...\{A0FBEF5B-B925-4F86-9B50-A7315736C481}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden Python 3.8.10 pip Bootstrap (64-bit) (HKLM\...\{E542AFFC-389C-4330-A0F5-D0B162297729}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden Python 3.8.10 Standard Library (64-bit) (HKLM\...\{080E0048-853C-49FB-96ED-30DEF7AB6E34}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden Python 3.8.10 Tcl/Tk Support (64-bit) (HKLM\...\{92B27283-38B6-4C6B-B23B-3DE902F4FEA7}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden Python 3.8.10 Test Suite (64-bit) (HKLM\...\{B91DB0E4-637F-469E-8309-0D69FD18A1E5}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden Python 3.8.10 Utility Scripts (64-bit) (HKLM\...\{CD36D248-F36C-4535-97A9-9CB7B4E0C186}) (Version: 3.8.10150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{81CDF5BF-4777-4CF8-B6CC-0902061F7314}) (Version: 3.8.7427.0 - Python Software Foundation) qBittorrent (HKLM-x32\...\qBittorrent) 
(Version: 4.5.4 - The qBittorrent project) RealFlight 7 R/C Simulator (HKLM-x32\...\RealFlight7Pro) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.63.1014.2022 - Realtek) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation) Repetier-Host version 2.3.2 (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 2.3.2 - repetier) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Setup versão 1.5 (HKLM-x32\...\{009476EE-71CA-4629-9823-FBB0616E4C9C}_is1) (Version: 1.5 - Microsoft, Inc.) Snagit 11 (HKLM-x32\...\{F8E3C768-71F3-11E1-9DF7-70804824019B}) (Version: 11.0.1 - TechSmith Corporation) Spektrum Programmer (HKLM-x32\...\Spektrum Programmer) (Version: 3.8.0.0 - Horizon Hobby) Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden TeraCopy (HKLM\...\{3B52584E-B01A-456B-A6D9-A2135F8B1E98}) (Version: 3.10 - Code Sector) Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.14.0 - Tweaking.com) Ultimaker Cura 5.2.1 (HKLM-x32\...\Ultimaker Cura 5.2.1-5.2.1) (Version: 5.2.1 - Ultimaker B.V.) 
Unlocker 1.9.0-x64 (HKLM\...\Unlocker) (Version: 1.9.0-x64 - Cedrick Collomb) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN) VPN by Google One (HKLM\...\{A1F022B1-145B-4EBF-9752-95B413C837A3}) (Version: 1.9.0.6 - Google LLC) VSO CopyToDVD 4 (HKLM-x32\...\{870F1750-BA89-11DA-A94D-0800200C9A66}_is1) (Version: 4.2.2.10 - VSO Software) WhatsApp (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\WhatsApp) (Version: 2.2310.5 - WhatsApp) Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com) Windows Driver Package - Horizon Hobby USB Interface AS3X Programmer Driver (03/09/2016 2.12.16) (HKLM\...\AF31292D759C0492C6EA53A117E414F0A74F3AD3) (Version: 03/09/2016 2.12.16 - Horizon Hobby) WinMSS 8.4.3.0 (HKLM-x32\...\WinMSS_is1) (Version: 8.4.3.0 - Aeon Innovation) Chrome apps: ============ Docs (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\cbf68d751452aa6144780a71bd71c2f5) (Version: 1.0 - Google\Chrome) Feuilles de calcul (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\5cd09209cfa58f75af7118dcb930038c) (Version: 1.0 - Google\Chrome) Gmail (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\34eda8b5407c2c549628d91f01f1d03a) (Version: 1.0 - Google\Chrome) Google Drive (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\ab0772edb0b5073d3e97cce2ce09a8d9) (Version: 1.0 - Google\Chrome) Présentations (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\d0c8eeecf7bf36198fb497ef83927273) (Version: 1.0 - Google\Chrome) YouTube (HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\42fe455b8059e8b52dc05229aeb3d737) (Version: 1.0 - Google\Chrome) Packages: ========= Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-09-06] (Microsoft 
Corporation) Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1300.477.0_x64__8wekyb3d8bbwe [2024-04-24] (Microsoft Corporation) Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-05-02] (Dropbox Inc.) LastPass for Windows Desktop -> C:\Program Files\WindowsApps\LastPass.LastPass_4.9.0.0_x64__sbg7naapqq8fj [2024-01-12] (LastPass) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation) [MS Ad] Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-24] (NVIDIA Corp.) Recherche Web de Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-03-01] (Microsoft Corporation) Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.18.194.0_x64__43tkc6nmykmb6 [2024-02-17] (Ookla) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2417.4.0_x64__cv1g1gvanyjgm [2024-05-03] (WhatsApp Inc.) [Startup Task] ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{04d5c66b-d515-61ec-258f-a409f9443e98}\localserver32 -> "C:\Program Files\Proton\VPN\v3.0.7\ProtonVPN.exe" -ToastActivated => Pas de fichier CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{052DB226-BE3B-44D4-B932-9C8049B2110B}\InprocServer32 -> C:\Users\Quadman\AppData\Local\Microsoft\Windows Sidebar\Gadgets\volume-gadget-win7gadgets-com.gadget\dlls\VolumeControl64.dll (Indev) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Quadman\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Quadman\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> "c:\program files\macrium\common\reflectmonitor.exe" -ToastActivated => Pas de fichier CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.exe (Proton AG -> ) CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{71B1723C-1EC2-4b4d-868E-FA58C7F95CD9}\InprocServer32 -> C:\Users\Quadman\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Volume_Control.gadget\SoundControl.dll (Orbmu2k) [Fichier non signé] [Fichier en cours d'utilisation] CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{a04f95c0-6183-7419-2316-954e331d0cbc}\localserver32 -> "C:\Program Files\Proton\VPN\v3.2.2\ProtonVPN.exe" -ToastActivated => Pas de 
fichier CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{bdf037d5-d1f4-16de-7c00-9c2204d45001}\localserver32 -> "C:\Program Files\Proton\VPN\v3.0.5\ProtonVPN.exe" -ToastActivated => Pas de fichier CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => Pas de fichier CustomCLSID: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Quadman\Dropbox [2023-10-24 20:55] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) 
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2023-09-23] (Nitro Software, Inc. -> Nitro Software, Inc.) ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2012-05-16] (TechSmith Corporation -> TechSmith Corporation) ContextMenuHandlers1: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [Fichier non signé] ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [Fichier non signé] ContextMenuHandlers2: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Fichier non signé] 
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2012-05-16] (TechSmith Corporation -> TechSmith Corporation) ContextMenuHandlers4: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [Fichier non signé] ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [Fichier non signé] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-27] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.72.0.dll [2024-05-02] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_fe354dfce3aefac6\nvshext.dll [2022-12-29] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [Fichier non signé]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [Fichier non signé]

==================== Codecs (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Drivers32: [VIDC.ACDV] => ACDV.dll
HKLM\...\Drivers32-x32: [VIDC.ACDV] => ACDV.dll
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.) [Fichier non signé]

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\Quadman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Docs.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb ShortcutWithArgument: C:\Users\Quadman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Feuilles de calcul.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf ShortcutWithArgument: C:\Users\Quadman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm ShortcutWithArgument: C:\Users\Quadman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=aghbiahbpaijignceidepookljebhfak ShortcutWithArgument: C:\Users\Quadman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Présentations.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=kefjledonklijopmnomlcbpllchaibag ShortcutWithArgument: C:\Users\Quadman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=agimnkijcaahngcdmfeangaknmldooml ShortcutWithArgument: C:\Users\Quadman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Megashoot (Jean Michel) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> 
--load-extension="C:\Extension\5.2.9._0"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\Extension\9.9.9._0"

==================== Modules chargés (Avec liste blanche) =============

2022-12-18 00:50 - 2007-09-02 14:57 - 000069632 _____ () [Fichier non signé] C:\Program Files (x86)\RocketDock\RocketDock.dll
2022-12-18 01:49 - 2010-03-15 12:28 - 000166400 _____ () [Fichier non signé] C:\Program Files\WinRAR\rarext.dll
2022-12-18 01:43 - 2022-12-18 01:43 - 000122880 _____ (C-Media Electronics Inc.) [Fichier non signé] C:\Windows\System\HsSrv64.dll
2022-12-18 21:56 - 2019-10-17 09:38 - 000645120 _____ (Helmut Buhler) [Fichier non signé] C:\Program Files\Windows Sidebar\dwmapi.dll
2012-05-16 15:36 - 2012-05-16 15:36 - 000480256 _____ (hxxp://hunspell.sourceforge.net/) [Fichier non signé] C:\Program Files (x86)\TechSmith\Snagit 11\libhunspell.dll
2022-07-15 20:00 - 2022-07-15 20:00 - 000094720 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll
2012-05-16 15:37 - 2012-05-16 15:37 - 000066192 ____R (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [Fichier non signé] C:\Program Files (x86)\TechSmith\Snagit 11\LFJbg15U.DLL
2012-05-16 15:37 - 2012-05-16 15:37 - 000126096 ____R (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [Fichier non signé] C:\Program Files (x86)\TechSmith\Snagit 11\LFPng15U.DLL
2012-05-16 15:37 - 2012-05-16 15:37 - 000212112 _____ (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [Fichier non signé] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgclr15u.dll
2012-05-16 15:37 - 2012-05-16 15:37 - 000208016 _____ (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [Fichier non signé] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgefx15u.dll
2012-05-16 15:37 - 2012-05-16 15:37 - 000134288 _____ (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [Fichier non signé] C:\Program Files (x86)\TechSmith\Snagit 11\Ltimgutl15u.dll
2012-05-16 15:37 - 2012-05-16 15:37 - 000122000 _____ (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [Fichier non signé] C:\Program Files (x86)\TechSmith\Snagit 11\Lttwn15u.dll
2022-12-18 22:02 - 2012-05-19 07:16 - 000083456 _____ (Microsoft Corporation) [Fichier non signé] C:\Program Files\Windows Sidebar\sbdrop.dll
2024-01-25 20:26 - 2024-01-25 20:26 - 000065536 _____ (Microsoft Corporation) [Fichier non signé] C:\Windows\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Windows\System32\enppmon.dll
2022-12-19 01:01 - 2008-12-29 19:17 - 000118784 _____ (VSO Software SARL) [Fichier non signé] C:\Program Files (x86)\VSO\copytodvd\ctcdshell64.dll
2023-02-24 11:32 - 2023-02-24 11:32 - 002771456 _____ (wxWidgets development team) [Fichier non signé] C:\Users\Quadman\AppData\Local\OneSpan\NativeBridge\wxbase315u_vc14x_x64.dll
2023-02-24 11:32 - 2023-02-24 11:32 - 008467456 _____ (wxWidgets development team) [Fichier non signé] C:\Users\Quadman\AppData\Local\OneSpan\NativeBridge\wxmsw315u_core_vc14x_x64.dll

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:3F30E778 [139]
AlternateDataStreams: C:\ProgramData\TEMP:69E87FA2 [116]
AlternateDataStreams: C:\ProgramData\TEMP:A9967A61 [133]
AlternateDataStreams: C:\ProgramData\TEMP:F4C624DE [123]

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2024-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files\Nitro\PDF Pro\14\npnitroie.dll [2023-09-23] (Nitro Software, Inc. -> Nitro Software, Inc.) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2024-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files (x86)\Nitro\PDF Pro\14\npnitroie.dll [2023-09-23] (Nitro Software, Inc. -> Nitro Software, Inc.) 
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2023-06-30 00:01 - 2024-01-12 08:06 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Quadman\AppData\Local\Microsoft\Windows\Themes\CZ Shadow\DesktopBackground\pistol_cz_75_sp-01_shadow_dualtone.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: CupDBService => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DCAgent => 2
MSCONFIG\Services: EaseUS UPDATE SERVICE => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iReboot => 2
MSCONFIG\Services: MTAgentService => 2
MSCONFIG\Services: MTSchedulerService => 2
MSCONFIG\Services: MyEpson Portal Service => 2
MSCONFIG\Services: NitroDriverReadSpool11 => 2
MSCONFIG\Services: NitroUpdateService => 3
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: ProtonVPN Service => 3
MSCONFIG\Services: ProtonVPN WireGuard => 3
MSCONFIG\Services: TeraCopyService.exe => 2
MSCONFIG\Services: VPN by Google One Service => 3
MSCONFIG\Services: windowsnetservicehelper.exe => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DataCollectionAgentController"
HKLM\...\StartupApproved\Run: => "Fortect"
HKLM\...\StartupApproved\Run: => "Reflect UI"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BrHelp" HKLM\...\StartupApproved\Run32: => "EPPCCMON" HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2566435625-1799573850-1386347091-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C1A63E0D3E9E4EFAC62BD695BD9B3C1D" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [TCP Query User{5CC46C24-15C6-4813-A796-293E527A3961}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{112B2316-8BF4-41BD-BF80-D82C682B122F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{914D09D3-A94C-4E26-A041-FC2FDB8E1412}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Fichier non signé] FirewallRules: [UDP Query User{52B707A0-A9CA-417A-A5BE-2E66DAABED0E}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Fichier non signé] FirewallRules: [{CD7958D6-1F61-44CC-BCCA-B6D0552CB050}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited) FirewallRules: [{F3D824D8-110E-440C-983A-4848FEDA1497}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited) FirewallRules: [{406DC02D-F586-4CFA-A884-F06CB25A6224}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe (AOMEI 
International Network Limited -> AOMEI International Network Limited) FirewallRules: [{EDF5A429-CE0B-4C98-B239-B28F439BD963}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited) FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{04F8E654-CCE9-46E9-A170-034646A7EEE1}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C706B1C8-BBD4-41CD-9D73-93CF83AC1853}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5A1F09E9-2C8A-4EF4-9A1F-CF72A35178CC}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{698C8791-ACF5-4EE7-9C84-4D6D6DBF8276}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FD4618C1-E06D-4418-B3A1-C1BCBB45CBAB}] => (Allow) C:\Program Files\Fortect\MainService.exe => Pas de fichier FirewallRules: [{CDCAD1F6-267B-4648-AF84-5DA83EF56B53}] => (Allow) C:\Program Files\Fortect\MainService.exe => Pas de fichier FirewallRules: [{1F0BBAAD-4FBE-40FF-9AA8-A3EB9394746E}] => (Allow) 
C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => Pas de fichier FirewallRules: [{ECAE2D9A-B7EE-4851-A1A4-8BC34C206A6C}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => Pas de fichier FirewallRules: [{15F67E72-D72B-4E18-A530-EF7F763F0299}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => Pas de fichier FirewallRules: [{05E82480-8BC9-483F-A664-F0680874BBEF}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => Pas de fichier FirewallRules: [TCP Query User{5E4F95F4-DFD4-4B31-BB3A-EDE0F3BD481B}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Fichier non signé] FirewallRules: [UDP Query User{F448E58C-1157-4CD5-89D6-60BF70C26BF5}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Fichier non signé] FirewallRules: [TCP Query User{A359E39F-DFCB-4FC1-BEBF-D45B8BF32A2F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{41742549-F66C-4F14-9FAB-1701C767C9B4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{C1C5C009-3DD3-4769-A27E-A647AA0D71FD}] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{CA8A0E3F-5832-48C7-A816-6A946561D9DD}] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{04E99A2D-2A85-4677-A1D8-FA8A0B493D93}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe () [Fichier non signé] FirewallRules: [UDP Query User{042D4580-20F8-4E1E-B9DD-F7A53E29D4A8}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe () [Fichier non signé] 
FirewallRules: [{A87382AB-6CD6-4A12-B984-B118A6D3BED3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{472A164C-9561-44B1-94D1-25E72DE2BE2C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{77E1EBB2-CABF-464A-AA0F-76041835F77D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A4588CE9-220B-4CE7-88AA-0F8D8F238519}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.118.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{92DCC479-61F7-456B-9D90-39D528A2B5DA}C:\users\quadman\appdata\local\arduino15\packages\builtin\tools\mdns-discovery\1.0.9\mdns-discovery.exe] => (Allow) C:\users\quadman\appdata\local\arduino15\packages\builtin\tools\mdns-discovery\1.0.9\mdns-discovery.exe () [Fichier non signé] FirewallRules: [UDP Query User{FA7CEF75-FE63-4171-B957-3B125468112B}C:\users\quadman\appdata\local\arduino15\packages\builtin\tools\mdns-discovery\1.0.9\mdns-discovery.exe] => (Allow) C:\users\quadman\appdata\local\arduino15\packages\builtin\tools\mdns-discovery\1.0.9\mdns-discovery.exe () [Fichier non signé] FirewallRules: [TCP Query User{6245E14B-9234-4DBD-92FE-293AB42500C3}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe FirewallRules: [UDP Query User{C661FE20-4A54-4001-8BA3-D62FB26698DE}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe FirewallRules: [{146801DF-3473-40FD-A922-AC9D3020E534}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) 
FirewallRules: [{40FEA67A-1398-4D08-97A6-FD95977EE130}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{1AABB743-25EA-4ADA-9FDA-E526291EF937}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Points de restauration =========================

==================== Éléments en erreur du Gestionnaire de périphériques ============

Name: Contrôleur High Definition Audio
Description: Contrôleur High Definition Audio
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Realtek PCIe GbE Family Controller
Description: Realtek PCIe GbE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: rt640x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================

Error: (05/11/2024 09:56:42 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de la création de la classe COM du fournisseur de cliché instantané avec CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80070005, Accès refusé. ].
Opération :
   Obtenir une interface pouvant être appelée pour ce fournisseur
   Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte
   Supprimer des clichés instantanés

Contexte :
   ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexte de l’instantané: -1
   Contexte de l’instantané: -1
   Contexte d’exécution: Coordinator

Error: (05/11/2024 09:56:42 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} et de nom SW_PROV. [0x80070005, Accès refusé.]

Opération :
   Obtenir une interface pouvant être appelée pour ce fournisseur
   Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte
   Supprimer des clichés instantanés

Contexte :
   ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexte de l’instantané: -1
   Contexte de l’instantané: -1
   Contexte d’exécution: Coordinator

Error: (05/11/2024 09:56:42 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de la création de la classe COM du fournisseur de cliché instantané avec CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80070005, Accès refusé. ].

Opération :
   Obtenir une interface pouvant être appelée pour ce fournisseur
   Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte
   Obtenir les propriétés de cliché instantané
   Supprimer des clichés instantanés

Contexte :
   ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexte de l’instantané: -1
   Contexte de l’instantané: -1
   Contexte d’exécution: Coordinator
   Contexte d’exécution: Coordinator

Error: (05/11/2024 09:56:42 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} et de nom SW_PROV. [0x80070005, Accès refusé.]

Opération :
   Obtenir une interface pouvant être appelée pour ce fournisseur
   Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte
   Obtenir les propriétés de cliché instantané
   Supprimer des clichés instantanés

Contexte :
   ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexte de l’instantané: -1
   Contexte de l’instantané: -1
   Contexte d’exécution: Coordinator
   Contexte d’exécution: Coordinator

Error: (05/11/2024 09:56:42 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de la création de la classe COM du fournisseur de cliché instantané avec CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80070005, Accès refusé. ].

Opération :
   Obtenir une interface pouvant être appelée pour ce fournisseur
   Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte
   Interroger des clichés instantanés

Contexte :
   ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexte de l’instantané: -1
   Contexte de l’instantané: -1
   Contexte d’exécution: Coordinator

Error: (05/11/2024 09:56:42 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} et de nom SW_PROV. [0x80070005, Accès refusé.]

Opération :
   Obtenir une interface pouvant être appelée pour ce fournisseur
   Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte
   Interroger des clichés instantanés

Contexte :
   ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexte de l’instantané: -1
   Contexte de l’instantané: -1
   Contexte d’exécution: Coordinator

Error: (05/11/2024 09:56:41 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de la création de la classe COM du fournisseur de cliché instantané avec CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80070005, Accès refusé. ].

Opération :
   Obtenir une interface pouvant être appelée pour ce fournisseur
   Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte
   Interroger des clichés instantanés

Contexte :
   ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexte de l’instantané: -1
   Contexte de l’instantané: -1
   Contexte d’exécution: Coordinator

Error: (05/11/2024 09:56:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} et de nom SW_PROV. [0x80070005, Accès refusé.]

Opération :
   Obtenir une interface pouvant être appelée pour ce fournisseur
   Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte
   Interroger des clichés instantanés

Contexte :
   ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128}
   ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55}
   Contexte de l’instantané: -1
   Contexte de l’instantané: -1
   Contexte d’exécution: Coordinator

Erreurs système:
=============
Error: (05/11/2024 09:55:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (05/11/2024 09:55:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser.

Error: (05/11/2024 09:55:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (05/11/2024 09:55:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser.

Error: (05/11/2024 09:55:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (05/11/2024 09:55:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser.

Error: (05/11/2024 09:55:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (05/11/2024 09:55:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser.

Windows Defender:
================
Date: 2024-05-11 21:56:01
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/zgRAT.O!MTB&threatid=2147898079&enterprise=0
Nom : Trojan:MSIL/zgRAT.O!MTB
ID : 2147898079
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : amsi:_\Device\HarddiskVolume16\Users\Quadman\AppData\Local\TypeId\xymlydkn\Source.exe
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : AMSI
Utilisateur : PC-DE-JM\Quadman
Nom du processus : C:\Users\Quadman\AppData\Local\TypeId\xymlydkn\Source.exe
Version de la veille de sécurité : AV: 1.411.85.0, AS: 1.411.85.0, NIS: 1.411.85.0
Version du moteur : AM: 1.1.24040.1, NIS: 1.1.24040.1

Date: 2024-05-11 21:49:18
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/zgRAT.O!MTB&threatid=2147898079&enterprise=0
Nom : Trojan:MSIL/zgRAT.O!MTB
ID : 2147898079
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : amsi:_\Device\HarddiskVolume16\Users\Quadman\AppData\Local\TypeId\xymlydkn\Source.exe
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : AMSI
Utilisateur : PC-DE-JM\Quadman
Nom du processus : C:\Users\Quadman\AppData\Local\TypeId\xymlydkn\Source.exe
Version de la veille de sécurité : AV: 1.411.85.0, AS: 1.411.85.0, NIS: 1.411.85.0
Version du moteur : AM: 1.1.24040.1, NIS: 1.1.24040.1

Date: 2024-05-11 21:42:35
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/zgRAT.O!MTB&threatid=2147898079&enterprise=0
Nom : Trojan:MSIL/zgRAT.O!MTB
ID : 2147898079
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : amsi:_\Device\HarddiskVolume16\Users\Quadman\AppData\Local\TypeId\xymlydkn\Source.exe
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : AMSI
Utilisateur : PC-DE-JM\Quadman
Nom du processus : C:\Users\Quadman\AppData\Local\TypeId\xymlydkn\Source.exe
Version de la veille de sécurité : AV: 1.411.85.0, AS: 1.411.85.0, NIS: 1.411.85.0
Version du moteur : AM: 1.1.24040.1, NIS: 1.1.24040.1

Date: 2024-05-11 21:35:52
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/zgRAT.O!MTB&threatid=2147898079&enterprise=0
Nom : Trojan:MSIL/zgRAT.O!MTB
ID : 2147898079
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : amsi:_\Device\HarddiskVolume16\Users\Quadman\AppData\Local\TypeId\xymlydkn\Source.exe
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : AMSI
Utilisateur : PC-DE-JM\Quadman
Nom du processus : C:\Users\Quadman\AppData\Local\TypeId\xymlydkn\Source.exe
Version de la veille de sécurité : AV: 1.411.85.0, AS: 1.411.85.0, NIS: 1.411.85.0
Version du moteur : AM: 1.1.24040.1, NIS: 1.1.24040.1

Date: 2024-05-11 21:29:09
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/zgRAT.O!MTB&threatid=2147898079&enterprise=0
Nom : Trojan:MSIL/zgRAT.O!MTB
ID : 2147898079
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : amsi:_\Device\HarddiskVolume16\Users\Quadman\AppData\Local\TypeId\xymlydkn\Source.exe
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : AMSI
Utilisateur : PC-DE-JM\Quadman
Nom du processus : C:\Users\Quadman\AppData\Local\TypeId\xymlydkn\Source.exe
Version de la veille de sécurité : AV: 1.411.85.0, AS: 1.411.85.0, NIS: 1.411.85.0
Version du moteur : AM: 1.1.24040.1, NIS: 1.1.24040.1

CodeIntegrity:
===============
Date: 2024-05-11 16:51:06
Description: Code Integrity determined that a process (\Device\HarddiskVolume16\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe) attempted to load \Device\HarddiskVolume16\Program Files\Microsoft Office\Office16\OLMAPI32.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. V2.8 12/08/2014
Carte mère: MSI X79A-GD45 (MS-7735)
Processeur: Intel(R) Core(TM) i7-3930K CPU @ 3.20GHz
Pourcentage de mémoire utilisée: 74%
Mémoire physique - RAM - totale: 16297.36 MB
Mémoire physique - RAM - disponible: 4211.08 MB
Mémoire virtuelle totale: 28093.43 MB
Mémoire virtuelle disponible: 4289.62 MB

==================== Lecteurs ================================

Drive c: (W10 / 500 / SAM) (Fixed) (Total:464.42 GB) (Free:230.48 GB) (Model: Samsung SSD 850 EVO 500GB) NTFS
Drive d: (W10 / 500 / WDC) (Fixed) (Total:464.6 GB) (Free:306.08 GB) (Model: WDC WDS500G1B0A-00H9H0) NTFS
Drive e: (BackUp Image W10 Diff.) (Fixed) (Total:476.93 GB) (Free:303.51 GB) (Model: XrayDisk 512GB SSD SCSI Disk Device) NTFS
Drive f: ( Full Miror Sync) (Fixed) (Total:953.86 GB) (Free:447.83 GB) (Model: XrayDisk 1TB SSD SCSI Disk Device) NTFS
Drive g: (Pictures SSD 250) (Fixed) (Total:238.47 GB) (Free:209.47 GB) (Model: SSD 256G B SCSI Disk Device) NTFS
Drive h: (Stockage 1,5TB (Tour)) (Fixed) (Total:1397.26 GB) (Free:392.86 GB) (Model: Hitachi HDS723015BLA642) NTFS
Drive i: (W11/480/ Golden) (Fixed) (Total:446.41 GB) (Free:340.64 GB) (Model: SSD 480G B SCSI Disk Device) NTFS
Drive j: (500 GB MP4_MG4) (Fixed) (Total:465.76 GB) (Free:404.03 GB) (Model: HGST HTS 545050A7E680 SCSI Disk Device) NTFS
Drive m: (Job 80GB_Meca) (Fixed) (Total:74.51 GB) (Free:31.05 GB) (Model: Hitachi HTS541680J9SA00 USB Device) NTFS

\\?\Volume{2211e004-a816-aec3-a740-d710e0ef71d8}\ () (Fixed) (Total:1.04 GB) (Free:0.57 GB) NTFS
\\?\Volume{0013e8c9-0630-7745-b866-de3b92d12700}\ () (Fixed) (Total:1 GB) (Free:0.53 GB) NTFS
\\?\Volume{7c4dc0a1-610f-41a8-89ff-398875156645}\ () (Fixed) (Total:0.6 GB) (Free:0.06 GB) NTFS
\\?\Volume{6bc2bd46-ff5a-4707-8308-fb2302273343}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
\\?\Volume{6de5e9e0-46b5-01da-f0f4-f2b65a23ed00}\ () (Fixed) (Total:0.32 GB) (Free:0.3 GB) FAT32
\\?\Volume{9cece313-0d38-44e3-a261-85d05fce45da}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00004823)
Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0B351A9A)
Partition: GPT.

==========================================================
Disk: 2 (Size: 1397.3 GB) (Disk ID: 0B46A68C)
Partition: GPT.

==========================================================
Disk: 3 (Size: 476.9 GB) (Disk ID: 94153BA5)
Partition: GPT.

==========================================================
Disk: 4 (Size: 953.9 GB) (Disk ID: 417A63BF)
Partition: GPT.

==========================================================
Disk: 5 (Size: 238.5 GB) (Disk ID: 01C49388)
Partition: GPT.

==========================================================
Disk: 6 (Size: 465.8 GB) (Disk ID: B05CD80C)
Partition: GPT.

Could not read MBR for disk 7.

==========================================================
Disk: 8 (Size: 447.1 GB) (Disk ID: 06D59DAA)
Partition: GPT.

==========================================================
Disk: 10 (Size: 74.5 GB) (Disk ID: 34B4D103)
Partition: GPT.

==================== Fin de Addition.txt =======================