Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 19.06.2024 Exécuté par COC-NitroBook (20-06-2024 21:25:27) Exécuté depuis C:\Users\simec\Desktop Microsoft Windows 11 Famille Version 23H2 22631.3737 (X64) (2023-11-03 20:37:18) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-1283810175-761726887-3710497458-500 - Administrator - Disabled) COC-NitroBook (S-1-5-21-1283810175-761726887-3710497458-1002 - Administrator - Enabled) => C:\Users\simec DefaultAccount (S-1-5-21-1283810175-761726887-3710497458-503 - Limited - Disabled) Invité (S-1-5-21-1283810175-761726887-3710497458-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1283810175-761726887-3710497458-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} AV: Norton 360 (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0} FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\uTorrent) (Version: 3.6.0.46904 - BitTorrent Inc.) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe) Adobe After Effects 2023 (HKLM-x32\...\AEFT_23_5) (Version: 23.5 - Adobe Inc.) Adobe Animate 2023 (HKLM-x32\...\FLPR_23_0_2) (Version: 23.0.2 - Adobe Inc.) Adobe Audition 2023 (HKLM-x32\...\AUDT_23_5) (Version: 23.5 - Adobe Inc.) Adobe Bridge 2023 (HKLM-x32\...\KBRG_13_0_3) (Version: 13.0.3 - Adobe Inc.) Adobe Character Animator 2023 (HKLM-x32\...\CHAR_23_1) (Version: 23.1 - Adobe Inc.) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.) Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_0_1) (Version: 25.0.1 - Adobe Inc.) Adobe InCopy 2023 (HKLM-x32\...\AICY_18_4) (Version: 18.4 - Adobe Inc.) Adobe InDesign 2023 (HKLM-x32\...\IDSN_18_4) (Version: 18.4 - Adobe Inc.) Adobe Lightroom Classic (HKLM-x32\...\LTRM_12_4) (Version: 12.4 - Adobe Inc.) Adobe Media Encoder 2023 (HKLM-x32\...\AME_23_5) (Version: 23.5 - Adobe Inc.) Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_7) (Version: 24.7.0.643 - Adobe Inc.) Adobe Premiere Pro 2023 (HKLM-x32\...\PPRO_23_5) (Version: 23.5 - Adobe Inc.) Adobe Premiere Rush (HKLM-x32\...\RUSH_2_9) (Version: 2.9 - Adobe Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Analyseur et SDK MSXML 4.0 SP2 (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3042 - Acer Incorporated) Cisco Webex Meetings (HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\ActiveTouchMeetingClient) (Version: 43.10.0 - Cisco Webex LLC) Discord (HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Discord) (Version: 1.0.9013 - Discord Inc.) DJI Assistant 2 For Phantom version V2.0.10.4 (HKLM-x32\...\{00DD3702-DB3B-4137-843C-3147F46B749E}_is1) (Version: V2.0.10.4 - DJI) EaseUS Partition Master (HKLM\...\EaseUS Partition Master_is1) (Version: 18.0 - EaseUS) Étude pour l'amélioration du produit HP Deskjet 1510 series (HKLM\...\{4FC8905C-0B85-4A31-B30B-F3CD3917F7D6}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 126.0.6478.63 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 92.0.1.0 - Google LLC) HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - ) Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden HP Deskjet 1510 series Aide (HKLM-x32\...\{00645C10-53C9-46DC-B7D0-6F7B006972E9}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Inkscape (HKLM-x32\...\Inkscape) (Version: 1.3.0 - Inkscape) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Chipset Device Software (HKLM\...\{783DBEAB-DC48-436C-A8C7-C0E33F240DD4}) (Version: 10.1.18793.8276 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{8fd77154-9595-4dc2-9a8d-145cd53b5105}) (Version: 10.1.18793.8276 - Intel(R) Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: 6.42.3 - Tonec Inc.) iZotope RX 10 Audio Editor Advanced (HKLM\...\iZotope RX 10 Audio Editor Advanced_is1) (Version: 10.5.0 - iZotope & Team V.R) Logiciel de base du périphérique HP Deskjet 1510 series (HKLM\...\{54C00C25-16ED-4035-BAEC-1C5F9B83B113}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Lumion 12.0 (HKLM\...\Lumion 12.0_is1) (Version: 12.0 - Act-3D B.V.) Magic Bullet Suite (HKLM\...\Magic Bullet Suite v2023.0.0) (Version: - Maxon Computer GmbH) Maxon Cinema 4D 2023 (HKLM\...\Maxon Cinema 4D 2023) (Version: 2023 - Maxon) Microsoft Access MUI (French) 2016 (HKLM\...\{90160000-0015-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft DCF MUI (French) 2016 (HKLM\...\{90160000-0090-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.61 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.61 - Microsoft Corporation) Microsoft Excel MUI (French) 2016 (HKLM\...\{90160000-0016-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Flight Simulator X Demo (HKLM-x32\...\InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}) (Version: 10.0.60905 - Microsoft Game Studios) Microsoft Groove MUI (French) 2016 (HKLM\...\{90160000-00BA-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (French) 2016 (HKLM\...\{90160000-0044-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (French) 2016 (HKLM\...\{90160000-00E1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (French) 2016 (HKLM\...\{90160000-00E2-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Professionnel Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Office Proofing (French) 2016 (HKLM\...\{90160000-002C-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2016 - اللغة العربية (HKLM\...\{90160000-001F-0401-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (French) 2016 (HKLM\...\{90160000-00C1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (French) 2016 (HKLM\...\{90160000-006E-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.108.0528.0005 - Microsoft Corporation) Microsoft OneNote MUI (French) 2016 (HKLM\...\{90160000-00A1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Outlook MUI (French) 2016 (HKLM\...\{90160000-001A-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (French) 2016 (HKLM\...\{90160000-0018-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Publisher MUI (French) 2016 (HKLM\...\{90160000-0019-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Skype for Business MUI (French) 2016 (HKLM\...\{90160000-012B-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Word MUI (French) 2016 (HKLM\...\{90160000-001B-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Nextcloud (HKLM\...\{E78CC941-C105-4677-9AC1-D3A54B20FDE1}) (Version: 3.9.0.20230613 - Nextcloud GmbH) NitroSense Service (HKLM\...\{6FC78E80-6385-43D6-8A43-FA80094F1A2E}) (Version: 3.01.3028 - Acer Incorporated) Norton 360 (HKLM-x32\...\NGC) (Version: 22.24.3.2 - NortonLifeLock Inc) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA Pilote graphique 551.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.52 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3038 - Acer Incorporated) RØDE Application Fonts (HKLM\...\{D742CB1C-CAA5-4675-AD29-9B0EE782A3C9}) (Version: 1.0.0.0 - RØDE Microphones) RODE Central (HKLM\...\{B460DB50-04A8-4335-BFD3-28ADE0E53FA5}) (Version: 2.0.45 - RØDE Microphones) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.59.0 - Samsung Electronics Co., Ltd.) Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Telegram Desktop (HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.16.8 - Telegram FZ-LLC) TeraCopy version 3.6 (HKLM\...\TeraCopy_is1) (Version: 3.6 - Code Sector) Topaz Gigapixel AI (HKLM\...\{12A23EC2-5BA1-43CA-8FFB-44CBE22575AA}) (Version: 7.1.0 - Topaz Labs LLC) Update for Skype for Business 2016 (KB4011662) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{D8CEB754-14AC-425F-A513-CBEE01FA8E78}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4011662) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{D8CEB754-14AC-425F-A513-CBEE01FA8E78}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4011662) 64-Bit Edition (HKLM\...\{90160000-012B-040C-1000-0000000FF1CE}_Office16.PROPLUS_{D8CEB754-14AC-425F-A513-CBEE01FA8E78}) (Version: - Microsoft) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VanceAI PC (02/06/2023) (HKLM-x32\...\VanceAI PC) (Version: 1.3.2.0 - VanceAI PC) VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN) Webex (HKLM\...\{9D5D7A52-35B3-561C-AA14-67879D08BECB}) (Version: 44.4.0.29298 - Cisco Systems, Inc) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Wondershare Filmora 13(Build 13.0.25.4414) (HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software) Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare) Wondershare NativePush(Build 1.0.1.0) (HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Wondershare NativePush_is1) (Version: - Wondershare Software) Zoom (HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\ZoomUMX) (Version: 5.16.6 (24712) - Zoom Video Communications, Inc.) Packages: ========= Adobe Acrobat DC -> C:\Program Files\Adobe\Acrobat DC [2023-11-02] () AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5536.0_x64__8j3eq9eme6ctt [2024-06-17] (INTEL CORP) [Startup Task] Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-06-13] (Disney) DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.13.5.0_x64__t5j2fzbtdg37r [2024-04-18] (DTS, Inc.) Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3216.0_x64__rh07ty8m5nkag [2022-03-25] (Rivet Networks LLC) [Startup Task] LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.30.0_x64__w1wdnht996qgy [2024-06-03] (LinkedIn) [Startup Task] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-11-06] (Microsoft Corp.) Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.1293.0_x64__8wekyb3d8bbwe [2024-06-10] (Microsoft Corporation) Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-06-19] (Microsoft Corporation) MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24052.57.0_x64__cw5n1h2txyewy [2024-06-18] (Microsoft Windows) [Startup Task] NitroSense_V31 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseV31_3.1.3028.0_x64__48frkmn4z8aw4 [2022-08-18] (Acer Incorporated) Norton Security -> C:\Program Files\Norton Security\Engine\22.24.3.2 [2024-06-20] (NortonLifeLock Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-25] (NVIDIA Corp.) Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.12008.0_x64__8wekyb3d8bbwe [2024-06-17] (Microsoft Corporation) [Startup Task] QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2023-08-24] (Acer Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.19.234.0_x64__dt26b99r8h8gj [2022-04-28] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0 [2024-06-20] (Spotify AB) [Startup Task] Trello -> C:\Program Files\WindowsApps\45273LiamForsyth.PawsforTrello_2.14.7.0_x64__7pb5ddty8z1pa [2024-04-25] (Trello, Inc.) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm [2024-06-20] (WhatsApp Inc.) [Startup Task] WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2024-02-10] (Microsoft Corp.) WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1227.1637.0_x64__8wekyb3d8bbwe [2024-05-22] (Microsoft Corp.) WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-13] (Microsoft Corp.) WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-13] (Microsoft Corp.) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-06-13] (Microsoft Windows) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-1283810175-761726887-3710497458-1002_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-02] (Tonec Inc. -> Tonec FZE) ShellIconOverlayIdentifiers: [ NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\NCOverlays.dll [2023-06-13] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\NCOverlays.dll [2023-06-13] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\NCOverlays.dll [2023-06-13] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\NCOverlays.dll [2023-06-13] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\NCOverlays.dll [2023-06-13] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-16] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-16] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-16] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.3.2\buShell.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.3.2\buShell.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.3.2\buShell.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.3.2\buShell.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.3.2\buShell.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.3.2\buShell.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-16] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.3.2\buShell.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [EpmRightMenu] -> {a5354344-b5da-4901-afd1-f0adc1d0b8bd} => C:\Program Files\EaseUS\RightMenu\epmright.dll [2023-08-22] (CHENGDU YIWO Tech Development Co., Ltd. -> TODO: ) ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.3.2\NavShExt.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2021-02-10] () [Fichier non signé] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [EpmRightMenu] -> {a5354344-b5da-4901-afd1-f0adc1d0b8bd} => C:\Program Files\EaseUS\RightMenu\epmright.dll [2023-08-22] (CHENGDU YIWO Tech Development Co., Ltd. -> TODO: ) ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.3.2\NavShExt.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2021-02-10] () [Fichier non signé] ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\NCContextMenu.dll [2023-06-13] (Nextcloud GmbH -> Nextcloud GmbH) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [EpmRightMenu] -> {a5354344-b5da-4901-afd1-f0adc1d0b8bd} => C:\Program Files\EaseUS\RightMenu\epmright.dll [2023-08-22] (CHENGDU YIWO Tech Development Co., Ltd. -> TODO: ) ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2021-02-10] () [Fichier non signé] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncShell64.dll [2024-06-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [EpmRightMenu] -> {a5354344-b5da-4901-afd1-f0adc1d0b8bd} => C:\Program Files\EaseUS\RightMenu\epmright.dll [2023-08-22] (CHENGDU YIWO Tech Development Co., Ltd. -> TODO: ) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_2ba22b3456e19b2f\nvshext.dll [2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-16] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.3.2\buShell.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.3.2\NavShExt.dll [2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2021-02-10] () [Fichier non signé] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) Shortcut: C:\Users\simec\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () ==================== Modules chargés (Avec liste blanche) ============= 2023-11-07 16:18 - 2016-07-21 10:54 - 000137728 _____ () [Fichier non signé] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2023-11-07 16:18 - 2017-09-12 10:34 - 001506304 _____ () [Fichier non signé] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2021-02-01 21:49 - 2021-02-01 21:49 - 000010240 _____ () [Fichier non signé] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\fr_fr\acrotray.fra 2022-04-07 08:01 - 2022-04-07 08:01 - 000022016 _____ (Adobe Systems Inc.) [Fichier non signé] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\fr_fr\Acrobat Elements\ContextMenuShim64.fra 2023-11-03 00:21 - 2023-06-02 11:30 - 000408064 _____ (The curl library, hxxps://curl.haxx.se/) [Fichier non signé] C:\Program Files\VanceAI PC\libcurl.dll 2023-11-03 00:21 - 2023-06-02 11:30 - 002103296 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\VanceAI PC\LIBEAY32.dll 2023-11-03 00:21 - 2023-06-02 11:31 - 000357888 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\VanceAI PC\SSLEAY32.dll 2023-11-03 00:21 - 2023-06-02 11:31 - 001249280 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files\VanceAI PC\platforms\qwindows.dll 2023-11-03 00:21 - 2023-06-02 11:31 - 005664256 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files\VanceAI PC\Qt5Core.dll 2023-11-03 00:21 - 2023-06-02 11:31 - 006019072 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files\VanceAI PC\Qt5Gui.dll 2023-11-03 00:21 - 2023-06-02 11:31 - 001064960 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files\VanceAI PC\Qt5Network.dll 2023-11-03 00:21 - 2023-06-02 11:31 - 005472768 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files\VanceAI PC\Qt5Widgets.dll 2023-11-07 16:18 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [Fichier non signé] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2018-01-17] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2018-01-17] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-01-17] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-01-17] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-01-17] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-01-17] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2021-06-05 13:08 - 2024-06-20 20:50 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Inkscape\bin HKU\S-1-5-21-1283810175-761726887-3710497458-1002\Control Panel\Desktop\\Wallpaper -> d:\fond d'ecran coc\img_20190828_190718_495.png DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{0E2953D7-86E4-4675-A096-05A1E1A6A550}] => (Allow) C:\Users\simec\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.) FirewallRules: [{C0334120-EA6D-4EDB-83CF-F98288FB493B}] => (Allow) C:\Users\simec\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.) FirewallRules: [{5D5F5A8C-ACCA-48D6-A6AE-96078A500C10}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3DFC68F4-500A-4B9A-8AA4-7258CD3B4BFC}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{84DDD39B-CD29-4754-9BE2-B03910BF7F42}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Pas de fichier FirewallRules: [{1A3243E0-6A32-4C66-B0A0-C3A907322426}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D925C76E-5901-4C8E-8F1E-F5585100C22B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C774CA1B-747C-48AD-89D6-F167B14899AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{97D5D777-9324-4EAA-ADC7-4A4C9BC56E79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FBF6CD8D-984D-4F90-BF5A-D5353319535E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9094E4E1-8755-4109-979F-40AD2E29EAD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{83901D8E-E93A-4AEB-9B9D-996FC2B8324C}] => (Allow) C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare) FirewallRules: [{4D7DF495-F019-47A1-803A-C26C42A1E300}] => (Allow) C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare) FirewallRules: [{F603EC8A-68EC-4892-842F-A2AD72029EAD}] => (Allow) C:\Program Files\iZotope\RX Pro Audio Editor\win64\iZotope RX 10 Audio Editor.exe (iZotope, Inc.) [Fichier non signé] FirewallRules: [{B0496E8D-031E-4001-866D-4E9A1E49243C}] => (Allow) C:\Program Files\iZotope\RX Pro Audio Editor\win64\iZotope RX 10 Audio Editor.exe (iZotope, Inc.) [Fichier non signé] FirewallRules: [{8710C56D-75E3-46D1-A7B3-79BB38407AE2}] => (Allow) C:\Program Files\Office 2016 Permanent Activator Ultimate v1.5\Office 2016 Permanent Activator Ultimate v1.5.exe => Pas de fichier FirewallRules: [{44BE39AB-D2E2-4EB4-AF32-BD9E50004844}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C5B212D6-19C9-462D-B098-CDD67829E7DF}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C74CC797-6580-4D6C-8EB8-7E1413977620}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6C2375F3-A1C3-4C5A-865A-172671421A1F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D536A873-5BF8-4016-8A89-3D6C4E47198A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FBD0E941-19BC-49D5-A545-9D05C00A0F7E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FCA959FA-D36A-43C5-B490-37236E2D7BAA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{4FA6F14A-26B7-45B5-A57B-C8C11A764D72}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A5D7B49D-F4AA-4E29-8385-0C6D51EDE916}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2A7570AC-50D8-4F01-ADB3-1707994D9BD7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{DA929458-D509-4018-9A0A-22E58CB4D536}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{65FF4632-2D6F-4A36-AF29-D5307F97D5EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{4813F3C9-E9EC-4475-820D-849F9495B2E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{70CF3856-5861-402A-86D9-9818E92626FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{A245E9D5-8096-49AF-845B-DE84C3A60816}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{468A3FEC-D2D0-4129-A6FC-F3423D7D78B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{65A6CA69-EA49-412B-AA06-3872B531912D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{DD38F9D9-91B8-4302-9CEC-B8837A3D7F77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) ==================== Points de restauration ========================= 18-06-2024 12:22:09 Windows Update 18-06-2024 12:22:17 Windows Update ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (06/20/2024 09:23:55 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de la création de la classe COM du fournisseur de cliché instantané avec CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80070005, Accès refusé. ]. Opération : Obtenir une interface pouvant être appelée pour ce fournisseur Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte Supprimer des clichés instantanés Contexte : ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128} ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55} Contexte de l’instantané: -1 Contexte de l’instantané: -1 Contexte d’exécution: Coordinator Error: (06/20/2024 09:23:55 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} et de nom SW_PROV. [0x80070005, Accès refusé.] Opération : Obtenir une interface pouvant être appelée pour ce fournisseur Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte Supprimer des clichés instantanés Contexte : ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128} ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55} Contexte de l’instantané: -1 Contexte de l’instantané: -1 Contexte d’exécution: Coordinator Error: (06/20/2024 09:23:55 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de la création de la classe COM du fournisseur de cliché instantané avec CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80070005, Accès refusé. ]. Opération : Obtenir une interface pouvant être appelée pour ce fournisseur Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte Obtenir les propriétés de cliché instantané Supprimer des clichés instantanés Contexte : ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128} ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55} Contexte de l’instantané: -1 Contexte de l’instantané: -1 Contexte d’exécution: Coordinator Contexte d’exécution: Coordinator Error: (06/20/2024 09:23:55 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} et de nom SW_PROV. [0x80070005, Accès refusé.] Opération : Obtenir une interface pouvant être appelée pour ce fournisseur Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte Obtenir les propriétés de cliché instantané Supprimer des clichés instantanés Contexte : ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128} ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55} Contexte de l’instantané: -1 Contexte de l’instantané: -1 Contexte d’exécution: Coordinator Contexte d’exécution: Coordinator Error: (06/20/2024 09:23:55 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de la création de la classe COM du fournisseur de cliché instantané avec CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80070005, Accès refusé. ]. Opération : Obtenir une interface pouvant être appelée pour ce fournisseur Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte Interroger des clichés instantanés Contexte : ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128} ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55} Contexte de l’instantané: -1 Contexte de l’instantané: -1 Contexte d’exécution: Coordinator Error: (06/20/2024 09:23:55 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} et de nom SW_PROV. [0x80070005, Accès refusé.] Opération : Obtenir une interface pouvant être appelée pour ce fournisseur Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte Interroger des clichés instantanés Contexte : ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128} ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55} Contexte de l’instantané: -1 Contexte de l’instantané: -1 Contexte d’exécution: Coordinator Error: (06/20/2024 09:23:54 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de la création de la classe COM du fournisseur de cliché instantané avec CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} [0x80070005, Accès refusé. ]. Opération : Obtenir une interface pouvant être appelée pour ce fournisseur Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte Interroger des clichés instantanés Contexte : ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128} ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55} Contexte de l’instantané: -1 Contexte de l’instantané: -1 Contexte d’exécution: Coordinator Error: (06/20/2024 09:23:54 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {e5b50e88-1fd9-4123-bdad-d0e79026fa55} et de nom SW_PROV. [0x80070005, Accès refusé.] Opération : Obtenir une interface pouvant être appelée pour ce fournisseur Afficher la liste des interfaces pour tous les fournisseurs prenant en charge ce contexte Interroger des clichés instantanés Contexte : ID du fournisseur: {02029a6e-d74a-4ecd-ba26-c12be9323128} ID de classe: {e5b50e88-1fd9-4123-bdad-d0e79026fa55} Contexte de l’instantané: -1 Contexte de l’instantané: -1 Contexte d’exécution: Coordinator Erreurs système: ============= Error: (06/20/2024 09:06:03 PM) (Source: DCOM) (EventID: 10001) (User: COC-NITROBOOK) Description: Impossible de démarrer un serveur DCOM : {F3B5324B-98B2-4523-BBE5-1ABAB8B4D7D3} en tant que Non disponible/Non disponible. L’erreur « 2147942403 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.30.0_x64__w1wdnht996qgy\LinkedIn\LinkedIn.exe" ----WindowsAppRuntimePushServer: -Embedding Error: (06/20/2024 09:06:03 PM) (Source: DCOM) (EventID: 10001) (User: COC-NITROBOOK) Description: Impossible de démarrer un serveur DCOM : {F3B5324B-98B2-4523-BBE5-1ABAB8B4D7D3} en tant que Non disponible/Non disponible. L’erreur « 2147942403 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.30.0_x64__w1wdnht996qgy\LinkedIn\LinkedIn.exe" ----WindowsAppRuntimePushServer: -Embedding Error: (06/20/2024 09:06:03 PM) (Source: DCOM) (EventID: 10001) (User: COC-NITROBOOK) Description: Impossible de démarrer un serveur DCOM : {F3B5324B-98B2-4523-BBE5-1ABAB8B4D7D3} en tant que Non disponible/Non disponible. L’erreur « 2147942403 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.30.0_x64__w1wdnht996qgy\LinkedIn\LinkedIn.exe" ----WindowsAppRuntimePushServer: -Embedding Error: (06/20/2024 08:53:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (06/20/2024 08:53:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Service Google Update (gupdate). Error: (06/20/2024 08:50:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT) Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue. Chemin d’accès du module : C:\WINDOWS\system32\IntelIHVRouter08.dll Error: (06/20/2024 08:50:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT) Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue. Chemin d’accès du module : C:\WINDOWS\system32\IntelIHVRouter08.dll Error: (06/20/2024 08:49:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Quick Access Service s’est terminé de façon inattendue pour la 1ème fois. Windows Defender: ================ Date: 2024-06-20 18:19:06 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi!ml&threatid=2147748148&enterprise=0 Nom : Backdoor:Win32/Bladabindi!ml ID : 2147748148 Gravité : Grave Catégorie : Porte dérobée Chemin : containerfile:_G:\Master Collection February 2021.iso; file:_G:\Master Collection February 2021.iso->Start_Master.exe Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Utilisateur Utilisateur : COC-NITROBOOK\COC-NitroBook Nom du processus : Unknown Version de la veille de sécurité : AV: 1.413.414.0, AS: 1.413.414.0, NIS: 1.413.414.0 Version du moteur : AM: 1.1.24050.5, NIS: 1.1.24050.5 Date: 2024-06-20 17:13:27 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:VBS/Tnega!MSR&threatid=2147754826&enterprise=0 Nom : Trojan:VBS/Tnega!MSR ID : 2147754826 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_C:\WINDOWS\system32\SyncAppvPublishingServer.vbs Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Système Utilisateur : AUTORITE NT\Système Nom du processus : Unknown Version de la veille de sécurité : AV: 1.413.414.0, AS: 1.413.414.0, NIS: 1.413.414.0 Version du moteur : AM: 1.1.24050.5, NIS: 1.1.24050.5 Date: 2023-11-15 10:15:55 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {3B7B6E74-3A02-4407-BBB8-84887363A401} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2023-11-13 13:35:01 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {97124BFA-0BC7-4DB8-9074-FEE387B56D53} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2023-11-12 13:31:55 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {406E988B-AFEB-4F35-9FF8-C4CB671243CE} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2024-06-20 21:25:40 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.24.3.2\symamsi.dll that did not meet the Windows signing level requirements. ==================== Infos Mémoire =========================== BIOS: Insyde Corp. V2.06 08/19/2021 Carte mère: CML Stonic_CMS Processeur: Intel(R) Core(TM) i7-10750H CPU @ 2.60GHz Pourcentage de mémoire utilisée: 25% Mémoire physique - RAM - totale: 32599.05 MB Mémoire physique - RAM - disponible: 24356.81 MB Mémoire virtuelle totale: 58199.05 MB Mémoire virtuelle disponible: 49776.7 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:375.6 GB) (Free:122 GB) (Model: NVMe SAMSUNG MZVLB512) NTFS Drive d: (DATA) (Fixed) (Total:100.62 GB) (Free:18.45 GB) (Model: NVMe SAMSUNG MZVLB512) NTFS Drive f: (WORKSTORE 1) (Fixed) (Total:931.51 GB) (Free:93.01 GB) (Model: SanDisk Extreme SSD SCSI Disk Device) exFAT Drive g: (COC SHOOT) (Fixed) (Total:931.51 GB) (Free:166.46 GB) (Model: SanDisk Extreme SSD SCSI Disk Device) exFAT \\?\Volume{069fd880-99ab-4ff3-a5c8-a3d359e01070}\ () (Fixed) (Total:0.6 GB) (Free:0.59 GB) NTFS \\?\Volume{f34330dc-bbd8-460c-8ddc-30ecbef68122}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 010EAFE9) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt =======================